Lucene search
PRIOn knowledge basePRION:CVE-2007-5380HistoryOct 19, 2007 - 11:17 p.m.
Session fixation
2007-10-1923:17:00
PRIOn knowledge base
www.prio-n.com
10
Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to “URL-based sessions.”
| CPE | Name | Operator | Version |
|---|---|---|---|
| ruby_on_rails | le | 1.2.3 |
References
bugs.gentoo.org/show_bug.cgi?id=195315
docs.info.apple.com/article.html?artnum=307179
lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
secunia.com/advisories/27657
secunia.com/advisories/27965
secunia.com/advisories/28136
security.gentoo.org/glsa/glsa-200711-17.xml
weblog.rubyonrails.org/2007/10/5/rails-1-2-4-maintenance-release
www.novell.com/linux/security/advisories/2007_25_sr.html
www.securityfocus.com/bid/26096
www.us-cert.gov/cas/techalerts/TA07-352A.html
www.vupen.com/english/advisories/2007/3508
www.vupen.com/english/advisories/2007/4238
Related
github
github
Session fixation vulnerability in Rails
2017-10-24 18:33:38
session fixation protection mechanism in cgi_process.rb in Rails
2017-10-24 18:33:38
osv
osv
Session fixation vulnerability in Rails
2017-10-24 18:33:38
session fixation protection mechanism in cgi_process.rb in Rails
2017-10-24 18:33:38
nvd
nvd
CVE-2007-5380
2007-10-19 23:17:00
CVE-2007-6077
2007-11-21 21:46:00
debiancve
debiancve
CVE-2007-5380
2007-10-19 23:17:00
CVE-2007-6077
2007-11-21 21:46:00
cvelist
cvelist
CVE-2007-5380
2007-10-19 23:00:00
CVE-2007-6077
2007-11-21 21:00:00
nessus
nessus
openSUSE 10 Security Update : rubygem-actionpack (rubygem-actionpack-4754)
2007-11-30 00:00:00
FreeBSD : rubygem-rails -- session-fixation vulnerability (30acb8ae-9d46-11dc-9114-001c2514716c)
2007-11-29 00:00:00
Ruby on Rails Multiple Method Session Fixation
2007-11-28 00:00:00
ubuntucve
ubuntucve
CVE-2007-5380
2007-10-19 00:00:00
CVE-2007-6077
2007-11-21 00:00:00
cve
cve
CVE-2007-5380
2007-10-19 23:17:00
CVE-2007-6077
2007-11-21 21:46:00
rubygems
rubygems
Moderate severity vulnerability that affects rails
2017-10-23 21:00:00
openvas
openvas
FreeBSD Ports: rubygem-rails
2008-09-04 00:00:00
FreeBSD Ports: rubygem-rails
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200711-17 (rails)
2008-09-24 00:00:00
securityvulns
securityvulns
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2007-11-17 00:00:00
[ GLSA 200711-17 ] Ruby on Rails: Multiple vulnerabilities
2007-11-15 00:00:00
prion
prion
Session fixation
2007-11-21 21:46:00
freebsd
freebsd
rubygem-rails -- session-fixation vulnerability
2007-11-24 00:00:00
gentoo
gentoo
Ruby on Rails: Multiple vulnerabilities
2007-11-14 00:00:00
Ruby on Rails: Multiple vulnerabilities
2009-12-20 00:00:00