CVE Vulnerabilities

CVE-2014-2888

Published: Apr 23, 2014 | Modified: May 10, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

lib/sfpagent/bsig.rb in the sfpagent gem before 0.4.15 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the module name in a JSON request.

Affected Software

Name Vendor Start Version End Version
Sfpagent Herry 0.1.6 0.1.6
Sfpagent Herry 0.2.3 0.2.3
Sfpagent Herry 0.2.10 0.2.10
Sfpagent Herry 0.2.0 0.2.0
Sfpagent Herry 0.4.4 0.4.4
Sfpagent Herry 0.1.4 0.1.4
Sfpagent Herry 0.1.13 0.1.13
Sfpagent Herry 0.4.5 0.4.5
Sfpagent Herry 0.1.0 0.1.0
Sfpagent Herry 0.4.9 0.4.9
Sfpagent Herry 0.3.10 0.3.10
Sfpagent Herry 0.3.9 0.3.9
Sfpagent Herry 0.2.8 0.2.8
Sfpagent Herry 0.4.3 0.4.3
Sfpagent Herry 0.3.1 0.3.1
Sfpagent Herry 0.2.1 0.2.1
Sfpagent Herry 0.1.9 0.1.9
Sfpagent Herry 0.1.1 0.1.1
Sfpagent Herry 0.1.11 0.1.11
Sfpagent Herry 0.4.8 0.4.8
Sfpagent Herry 0.2.6 0.2.6
Sfpagent Herry 0.3.6 0.3.6
Sfpagent Herry 0.4.13 0.4.13
Sfpagent Herry 0.2.2 0.2.2
Sfpagent Herry 0.1.7 0.1.7
Sfpagent Herry 0.3.0 0.3.0
Sfpagent Herry 0.2.9 0.2.9
Sfpagent Herry * 0.4.14
Sfpagent Herry 0.0.1 0.0.1
Sfpagent Herry 0.4.7 0.4.7
Sfpagent Herry 0.3.7 0.3.7
Sfpagent Herry 0.3.5 0.3.5
Sfpagent Herry 0.4.2 0.4.2
Sfpagent Herry 0.4.12 0.4.12
Sfpagent Herry 0.4.10 0.4.10
Sfpagent Herry 0.1.10 0.1.10
Sfpagent Herry 0.1.5 0.1.5
Sfpagent Herry 0.3.4 0.3.4
Sfpagent Herry 0.4.0 0.4.0
Sfpagent Herry 0.2.5 0.2.5
Sfpagent Herry 0.3.2 0.3.2
Sfpagent Herry 0.2.7 0.2.7
Sfpagent Herry 0.4.11 0.4.11
Sfpagent Herry 0.1.14 0.1.14
Sfpagent Herry 0.3.8 0.3.8
Sfpagent Herry 0.1.12 0.1.12
Sfpagent Herry 0.1.2 0.1.2
Sfpagent Herry 0.1.8 0.1.8
Sfpagent Herry 0.2.4 0.2.4
Sfpagent Herry 0.1.3 0.1.3
Sfpagent Herry 0.4.1 0.4.1
Sfpagent Herry 0.4.6 0.4.6
Sfpagent Herry 0.3.3 0.3.3

References