ADVISORIES

• OSVDB-108572
• Vendor Advisory

GEM

kcapifony

PATCHED VERSIONS

None.

DESCRIPTION

kcapifony Gem for Ruby contains a flaw in /lib/ksymfony1.rb that is triggered when handling metacharacters. This may allow a remote attacker to execute arbitrary commands.

RELATED

• https://www.mend.io/vulnerability-database/WS-2014-0019
• https://github.com/Kunstmaan/kCapifony/blob/master/lib/ksymfony1.rb
• http://www.vapid.dhs.org/advisories/kcapifony-2.1.6.html
• http://www.vapidlabs.com/advisory.php?v=65
• http://osvdb.org/show/osvdb/108572