Lucene search
GoogleOSV:GHSA-PCM6-G2QP-9GW8HistoryMar 16, 2018 - 1:13 a.m.
Cap-Strap gem for Ruby places credentials on the useradd command line
2018-03-1601:13:46
Google
osv.dev
4
EPSS
0
Percentile
5.1%
lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensitive information by listing the process.
References
www.openwall.com/lists/oss-security/2014/07/07/9
www.openwall.com/lists/oss-security/2014/07/17/5
www.vapid.dhs.org/advisories/cap-strap-0.1.5.html
github.com/advisories/GHSA-pcm6-g2qp-9gw8
github.com/rubysec/ruby-advisory-db/blob/master/gems/cap-strap/CVE-2014-4992.yml
github.com/substantial/cap-strap
nvd.nist.gov/vuln/detail/CVE-2014-4992
Related
github
github
Cap-Strap gem for Ruby places credentials on the useradd command line
2018-03-16 01:13:46
nvd
nvd
CVE-2014-4992
2018-01-10 18:29:00
cve
cve
CVE-2014-4992
2018-01-10 18:29:00
rubygems
rubygems
cap-strap Gem for Ruby Process Table Local Plaintext Credential Disclosure
2014-06-29 20:00:00
prion
prion
Command injection
2018-01-10 18:29:00
cvelist
cvelist
CVE-2014-4992
2018-01-10 18:00:00