Sha256: ee744825f30cfac175e97af4621322ef59fc492b7c32504b5f958b7318983f29

Contents?: true

Size: 449 Bytes

Versions: 14

Compression:

Stored size: 449 Bytes

Contents

--- 
gem: ftpd
cve: 2013-2512
osvdb: 90784
url: http://osvdb.org/show/osvdb/90784
title: ftpd Gem for Ruby Shell Character Handling Remote Command Injection
date: 2013-02-28

description: | 
  ftpd Gem for Ruby contains a flaw that is triggered when handling a
  specially crafted option or filename that contains a shell
  character. This may allow a remote attacker to inject arbitrary
  commands.

cvss_v2: 9.0

patched_versions: 
  - ">= 0.2.2"

Version data entries

14 entries across 14 versions & 3 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
bundler-audit-0.4.0 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
mrjoy-bundler-audit-0.3.2 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
mrjoy-bundler-audit-0.3.1 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
bundler-audit-0.3.0 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
mrjoy-bundler-audit-0.2.1 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
bundler-audit-0.2.0 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
mrjoy-bundler-audit-0.1.4 data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml