This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
rubygem-activerecord -- multiple vulernabilities
Due to the way Active Record interprets parameters in combination with
the way that Rack parses query parameters, it is possible for an
attacker to issue unexpected database queries with 'IS NULL' where
clauses. This issue does *not* let an attacker insert arbitrary values
into a SQL query, however they can cause the query to check for NULL
where most users wouldn't expect it.
Due to the way Active Record handles nested query parameters, an
attacker can use a specially crafted request to inject some forms of
SQL into your application's SQL queries.
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 6.4