Fedora 9 : rubygem-actionmailer-2.1.1-1.fc9 / rubygem-actionpack-2.1.1-1.fc9 / etc (2008-8322)

This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing one or more security updates.

Description :

Fixes CVE-2008-4094 (SQL injection in limit and offset clauses)

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=462302
https://bugzilla.redhat.com/show_bug.cgi?id=462303
https://bugzilla.redhat.com/show_bug.cgi?id=462304
https://bugzilla.redhat.com/show_bug.cgi?id=462306
https://bugzilla.redhat.com/show_bug.cgi?id=462307
https://bugzilla.redhat.com/show_bug.cgi?id=462308
http://www.nessus.org/u?3c28d96e
http://www.nessus.org/u?26a86463
http://www.nessus.org/u?284f68c5
http://www.nessus.org/u?96225701
http://www.nessus.org/u?89653b26
http://www.nessus.org/u?b19a2329
http://www.nessus.org/u?d43f96d3

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 34305 (fedora_2008-8322.nasl)

Bugtraq ID: 31176

CVE ID: CVE-2008-4094

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now