Sha256: f47b41fe62b3681d4d5fd258673e268b7e04579e94b0eabd7a3deca38524853d

Contents?: true

Size: 1021 Bytes

Versions: 18

Compression:

Stored size: 1021 Bytes

Contents

module Codesake
  module Dawn
    module Kb
      # Automatically created with rake on 2014-01-06
      #
      # Knowledge-base entry for CVE-2005-1992. The check is registered as a
      # RUBY_VERSION_CHECK, so it is driven by the interpreter version rather
      # than by any gem or source-code pattern.
      class CVE_2005_1992
        include RubyVersionCheck

        # Passes the advisory metadata to the parent initializer and then
        # declares the interpreter baseline used by the version comparison.
        def initialize
          description = "The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that prevents \"security protection\" using handlers, which allows remote attackers to execute arbitrary commands."

          advisory = {
            :name         => "CVE-2005-1992",
            # CVSS v2 vector: network reachable, low access complexity, no
            # authentication, partial impact on confidentiality, integrity
            # and availability.
            :cvss         => "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            :release_date => Date.new(2005, 6, 20),
            # No CWE identifier is recorded for this entry.
            :cwe          => "",
            :owasp        => "A9",
            :applies      => ["rails", "sinatra", "padrino"],
            :kind         => Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
            :message      => description,
            :mitigation   => "Upgrade your ruby interpreter",
            :aux_links    => ["http://www2.ruby-lang.org/en/20050701.html"]
          }
          super(advisory)

          # NOTE(review): 1.8.999 is not a released interpreter version;
          # presumably a sentinel so that every real 1.8.x interpreter is
          # reported as affected. Confirm against RubyVersionCheck's
          # comparison logic before relying on this entry.
          self.safe_rubies = [
            { :engine => "ruby", :version => "1.8.999", :patchlevel => "p0" }
          ]
        end
      end
    end
  end
end

Version data entries

18 entries across 18 versions & 2 rubygems

Version Path
dawnscanner-1.2.99 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.2.99 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.2.0 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.1.3 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.1.2 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.1.1 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.1.0 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.1.0.rc2 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.1.0.rc1 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.0.6 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.0.5 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.0.4 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.0.3 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.0.2 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.0.1 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.0.0 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.0.0.rc2 lib/codesake/dawn/kb/cve_2005_1992.rb
codesake-dawn-1.0.0.rc1 lib/codesake/dawn/kb/cve_2005_1992.rb