SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2014-1233

Date: (C)2014-01-11 (M)2023-12-22

The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to obtain the App-Key, username, and password values by listing the curl process.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9

CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE

Reference:

http://openwall.com/lists/oss-security/2014/01/08/1

http://www.vapid.dhs.org/advisories/paratrooper-api-key-pingdom.html

cpe:/a:tobias_maier:paratrooper-pingdom:1.0.0:-:~-~-~ruby~~

© SecPod Technologies