Debian Security Advisory 2597-1

Dieses Thema im Forum "Security News" wurde erstellt von newsbot, 07.01.2013.

  1. #1 newsbot, 07.01.2013

    newsbot Foren Gott

    Dabei seit:
    Debian Linux Security Advisory 2597-1 - joernchen of Phenoelit discovered that rails, an MVC ruby based framework geared for web application development, is not properly treating user-supplied input to "find_by_*" methods. Depending on how the ruby on rails application is using these methods, this allows an attacker to perform SQL injection attacks, e.g., to bypass authentication if Authlogic is used and the session secret token is known.

  2. Anzeige

    Schau dir mal diese Kategorie an. Dort findest du bestimmt etwas.
    Registrieren bzw. einloggen, um diese und auch andere Anzeigen zu deaktivieren

Debian Security Advisory 2597-1

Die Seite wird geladen...

Debian Security Advisory 2597-1 - Ähnliche Themen

  1. Debian Security Advisory 2603-1

    Debian Security Advisory 2603-1: Debian Linux Security Advisory 2603-1 - Paul Ling discovered that Emacs insufficiently restricted the evaluation of Lisp code if...
  2. Debian Security Advisory 2604-1

    Debian Security Advisory 2604-1: Debian Linux Security Advisory 2604-1 - It was discovered that Rails, the Ruby web application development framework, performed insufficient...
  3. Debian Security Advisory 2599-1

    Debian Security Advisory 2599-1: Debian Linux Security Advisory 2599-1 - Google, Inc. discovered that the TurkTrust certification authority included in the Network Security...
  4. Debian Security Advisory 2600-1

    Debian Security Advisory 2600-1: Debian Linux Security Advisory 2600-1 - Jann Horn discovered that users of the CUPS printing system who are part of the lpadmin group could modify...
  5. Debian Security Advisory 2601-1

    Debian Security Advisory 2601-1: Debian Linux Security Advisory 2601-1 - KB Sriram discovered that GnuPG, the GNU Privacy Guard did not sufficiently sanitise public keys on...