RubySec

Providing security resources for the Ruby community

CVE-2014-5004 (brbackup): brbackup Gem for Ruby Process List Local Plaintext Password Disclosure

ADVISORIES

GEM

brbackup

PATCHED VERSIONS

None.

DESCRIPTION

brbackup Gem for Ruby contains a flaw that is due to the program exposing password information in plaintext in the process list. This may allow a local attacker to gain access to password information.