CVE-2004-0755 Information
Feb 14, 2021
cve
Description
The FileStore capability in CGI::Session for Ruby before 1.8.1 and possibly PStore creates files with insecure permissions which can allow local users to steal session information and hijack sessions.
Reference
http://secunia.com/advisories/12290/ http://www.debian.org/security/2004/dsa-537 http://www.gentoo.org/security/en/glsa/glsa-200409-08.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:128 https://exchange.xforce.ibmcloud.com/vulnerabilities/16996 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11128
Share on: