RubyGems SSL Certificate Validation Security Bypass Vulnerability

Bugtraq ID: 53174
Class: Design Error
CVE: CVE-2012-2126
Remote: Yes
Local: No
Published: Apr 20 2012 12:00AM
Updated: Apr 13 2015 09:22PM
Credit: John Firebaugh
Vulnerable: Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
RubyGems RubyGems 0.9.1
RubyGems RubyGems 0.9
RubyGems RubyGems 0.8.11
RubyGems RubyGems 1.9.3
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux Desktop Optional 6
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
CentOS CentOS 6
Not Vulnerable: RubyGems RubyGems 1.9.3-p194


 

Privacy Statement
Copyright 2010, SecurityFocus