Sårbarhetslösningar
 |
tillagda skanningar de senaste 7 dagarna |
| Nimsoft Cloud Monitor periodiska sårbarhetsskanning kontrollerar sårbarheten nedan. Om du vill se de senasta sårbarhetslösningarna som skannas av Nimsoft Cloud Monitor kan du gå till översikten med sårbarhetslösningar |
| Kategori: SuSE Local Security Checks | Riskfaktor: Medium | Tillagt: 5 mar 2010 |
| Synopsis: The remote SuSE system is missing a security patch for rubygem-actionpack Description: This update of rubygems fixes two vulnerabilities: - CVE-2008-7248: CVSS v2 Base Score: 4.3 Rails CSRF protection can be bypassed by using special content-types for a HTTP request. - CVE-2009-4214: CVSS v2 Base Score: 4.3 The method strip_tags does not completely protect agains XSS attacks. See also: https://bugzilla.novell.com/show_bug.cgi?id=558879 https://bugzilla.novell.com/show_bug.cgi?id=564362 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4214 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7248 Solution: Run yast to install the security patch for rubygem-actionpack Risk factor: Medium / CVSS Base Score : 6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P) |
||
