github - ghsa-vf66-crpm-448h

ghsa-vf66-crpm-448h

Vulnerability from github

Published

2022-05-01 02:04

Modified

2022-05-01 02:04

Details

The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-1992"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-06-20T04:00:00Z",
    "severity": "HIGH"
  },
  "details": "The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that prevents \"security protection\" using handlers, which allows remote attackers to execute arbitrary commands.",
  "id": "GHSA-vf66-crpm-448h",
  "modified": "2022-05-01T02:04:01Z",
  "published": "2022-05-01T02:04:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1992"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10819"
    },
    {
      "type": "WEB",
      "url": "http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/5237"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=315064"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2005/Sep/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/16920"
    },
    {
      "type": "WEB",
      "url": "http://www.auscert.org.au/5509"
    },
    {
      "type": "WEB",
      "url": "http://www.ciac.org/ciac/bulletins/p-312.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2005/dsa-748"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/684913"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-543.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/14016"
    },
    {
      "type": "WEB",
      "url": "http://www2.ruby-lang.org/en/20050701.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2005-1992

Vulnerability from cvelistv5

Published

2005-06-20 04:00

Modified

2024-08-07 22:06

Severity

Summary

References

URL	Tags
http://www.debian.org/security/2005/dsa-748	vendor-advisory, x_refsource_DEBIAN
http://www.novell.com/linux/security/advisories/2005_18_sr.html	vendor-advisory, x_refsource_SUSE
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=315064	x_refsource_CONFIRM
http://www.kb.cert.org/vuls/id/684913	third-party-advisory, x_refsource_CERT-VN
http://www.redhat.com/support/errata/RHSA-2005-543.html	vendor-advisory, x_refsource_REDHAT
http://www.ciac.org/ciac/bulletins/p-312.shtml	third-party-advisory, government-resource, x_refsource_CIAC
http://www.securityfocus.com/bid/14016	vdb-entry, x_refsource_BID
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10819	vdb-entry, signature, x_refsource_OVAL
http://www2.ruby-lang.org/en/20050701.html	x_refsource_CONFIRM
http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/5237	x_refsource_CONFIRM
http://www.auscert.org.au/5509	third-party-advisory, x_refsource_AUSCERT
http://lists.apple.com/archives/security-announce/2005/Sep/msg00002.html	vendor-advisory, x_refsource_APPLE
http://secunia.com/advisories/16920/	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website