OSVDB-108573 (karo): karo Gem for Ruby db.rb Metacharacter Handling Remote Command Execution

June 30th, 2014

karo Gem for Ruby db.rb Metacharacter Handling Remote Command Execution

Published: June 30, 2014

SECURITY IDENTIFIERS

OSVDB: OSVDB-108573

GEM

karo

PATCHED VERSIONS

None available.

DESCRIPTION

karo Gem for Ruby contains a flaw in db.rb that is triggered when handling metacharacters. This may allow a remote attacker to execute arbitrary commands.

RubySec

OSVDB-108573 (karo): karo Gem for Ruby db.rb Metacharacter Handling Remote Command Execution

karo Gem for Ruby db.rb Metacharacter Handling Remote Command Execution

SECURITY IDENTIFIERS

GEM

PATCHED VERSIONS

DESCRIPTION

Recent Advisories