OVAL Reference oval:com.ubuntu.xenial:def:20130263000

Oval Definition:

oval:com.ubuntu.xenial:def:20130263000

Revision Date:	2013-02-08	Version:	1
Title:	CVE-2013-0263 on Ubuntu 16.04 LTS (xenial) - medium.
Description:	Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that does not run in constant time.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2013-0263
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND The 'ruby-rack' package in xenial was vulnerable but has been fixed (note: '1.5.2-1').