Описание
The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.6.8-13ubuntu1 |
| devel | DNE | |
| edgy | DNE | |
| feisty | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.8.4-1ubuntu1.3 |
| devel | released | 1.8.5-4ubuntu2 |
| edgy | released | 1.8.4-5ubuntu1.2 |
| feisty | released | 1.8.5-4ubuntu2 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
2.1 Low
CVSS2
Связанные уязвимости
The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.
The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.
The FileStore capability in CGI::Session for Ruby before 1.8.1, and po ...
The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.
EPSS
2.1 Low
CVSS2