--- 
gem: ftpd
cve: 2013-2512
osvdb: 90784
url: http://osvdb.org/show/osvdb/90784
title: ftpd Gem for Ruby Shell Character Handling Remote Command Injection
date: 2013-02-28

description: | 
  ftpd Gem for Ruby contains a flaw that is triggered when handling a
  specially crafted option or filename that contains a shell
  character. This may allow a remote attacker to inject arbitrary
  commands.

cvss_v2: 9.0

patched_versions: 
  - ">= 0.2.2"