Lucene search
RedhatCVELIST:CVE-2012-3424HistoryAug 08, 2012 - 10:00 a.m.
CVE-2012-3424
2012-08-0810:00:00
redhat
www.cve.org
The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method.
Related
freebsd
freebsd
rubygem-actionpack -- Denial of Service
2012-07-26 00:00:00
prion
prion
Design/Logic Flaw
2012-08-08 10:26:00
gitlab
gitlab
DoS Vulnerability in authenticate_or_request_with_http_digest
2012-08-08 00:00:00
github
github
actionpack Improper Authentication vulnerability
2017-10-24 18:33:38
nvd
nvd
CVE-2012-3424
2012-08-08 10:26:19
nessus
nessus
Fedora 17 : rubygem-actionpack-3.0.11-6.fc17 (2012-11363)
2012-08-10 00:00:00
Fedora 16 : rubygem-actionpack-3.0.10-8.fc16 (2012-11353)
2012-08-10 00:00:00
cve
cve
CVE-2012-3424
2012-08-08 10:26:19
seebug
seebug
openvas
openvas
FreeBSD Ports: rubygem-actionpack
2012-08-10 00:00:00
FreeBSD Ports: rubygem-actionpack
2012-08-10 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2012-11363
2012-08-30 00:00:00
ubuntucve
ubuntucve
CVE-2012-3424
2012-08-08 00:00:00
osv
osv
actionpack Improper Authentication vulnerability
2017-10-24 18:33:38
debiancve
debiancve
CVE-2012-3424
2012-08-08 10:26:19
rubygems
rubygems
fedora
fedora
[SECURITY] Fedora 17 Update: rubygem-actionpack-3.0.11-6.fc17
2012-08-09 23:18:43
[SECURITY] Fedora 17 Update: rubygem-actionpack-3.0.11-7.fc17
2012-08-22 21:11:17
[SECURITY] Fedora 16 Update: rubygem-actionpack-3.0.10-8.fc16
2012-08-09 23:26:17
ibm
ibm
redhat
redhat
(RHSA-2013:0154) Critical: Ruby on Rails security update
2013-01-10 20:37:00
(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update
2013-02-28 00:00:00