[email protected]
Created [email protected] . If you have found vulnerabilities in Ruby, please report to this address. [email protected] is a private ML, and anyone can post to it without subscription.
Posted by Shugo Maeda on 02 Jul 2005
XMLRPC.iPIMethods Vulnerability
On Fri Jun 17 2005, a vulnerability of XMLRPC.iPIMethods was reported in [ruby-core:05237]. Remote attackers can execute arbitrary commands by this vulnerability.
Affected Programs
Programs providing XML-RPC services by XMLRPC.iPIMethods are affected.
Fix
This vulnerability was already fixed in both the CVS HEAD and the ruby_1_8 branch.
Please apply this patch for ruby-1.8.2.
Posted by Shugo Maeda on 01 Jul 2005