FreeBSD Ports: Rubygem-rails Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6a1e473744bc389b http://groups.google.com/group/rubyonrails-security/browse_thread/thread/3420ac71aed312d6 http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6ffc93bde0298768 http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2b9130749b74ea12 http://groups.google.com/group/rubyonrails-security/browse_thread/thread/56bffb5923ab1195 http://www.vuxml.org/freebsd/be77eff6-ca91-11e0-aea3-00215c6a37bb.html

Insight

The following package is affected: rubygem-rails

Severity

Classification

CVE CVE-2011-2930, CVE-2011-2931, CVE-2011-3186

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: cdf3
FreeBSD Ports: cacti
FreeBSD Ports: apache+mod_ssl
FreeBSD Ports: courier
FreeBSD Ports: bugzilla, ja-bugzilla

FreeBSD Ports: rubygem-rails

Take action and discover your vulnerabilities