Oval Definition:	oval:org.opensuse.security:def:20130262
Revision Date: 2022-06-30 Version: 1 Title: CVE-2013-0262 Description: rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before 1.4.5 allows attackers to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that is remotely exploitable, aka "symlink path traversals." Family: unix Class: vulnerability Status: Reference(s): CVE-2013-0262 Mitre CVE-2013-0262 SUSE CVE-2013-0262 openSUSE-SU-2013:0338-1 openSUSE-SU-2013:0338-1 openSUSE-SU-2013:0462-1 openSUSE-SU-2013:0462-1 SUSE-SU-2013:1036-1 SUSE-SU-2013:1036-1 Platform(s): BDK 11 SP2 openSUSE 12.1 openSUSE 12.1 Update openSUSE 12.2 Update openSUSE Tumbleweed SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Lifecycle Management Server 1.3 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Availability 15 SP1 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Storage 6 SUSE Manager Proxy 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Server 4.0 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 SUSE Studio Onsite 1.3 WebYaST 1.3 Product(s): Definition Synopsis sle11-sp2-sdk is installed AND Package Information rubygem-activesupport-3_2 less than 3.2.12-0.5.8 OR rubygem-rack-1_4 less than 1.4.5-0.5.8 Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND rubygem-rack-1_4-1.4.5-0.5 is installed Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information ruby2.1-rubygem-chef-10.32.2-3 is installed OR rubygem-chef-10.32.2-3 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information ruby2.1-rubygem-chef-10.32.2-3 is installed OR ruby2.1-rubygem-chef-expander-10.32.2-1 is installed OR ruby2.1-rubygem-chef-server-10.32.2-1 is installed OR ruby2.1-rubygem-chef-server-api-10.32.2-4 is installed OR ruby2.1-rubygem-chef-solr-10.32.2-1 is installed OR ruby2.1-rubygem-rack-1.6.4-2 is installed OR rubygem-chef-10.32.2-3 is installed OR rubygem-chef-expander-10.32.2-1 is installed OR rubygem-chef-server-api-10.32.2-4 is installed OR rubygem-chef-solr-10.32.2-1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 15 is installed AND ruby2.5-rubygem-rack-2.0.3-1 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Availability 15 is installed OR SUSE Linux Enterprise High Availability 15 SP1 is installed AND ruby2.5-rubygem-rack-2.0.3-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND rubygem-rack is affected Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND ruby2.1-rubygem-rack is affected Definition Synopsis SUSE Linux Enterprise High Availability 15 SP1 is installed AND ruby2.5-rubygem-rack-2.0.3-1 is installed Definition Synopsis openSUSE Tumbleweed is installed AND Package Information ruby2.2-rubygem-rack-2.0.1-1.1 is installed OR ruby2.2-rubygem-rack-1_4-1.4.7-1.8 is installed OR ruby2.2-rubygem-rack-1_6-1.6.5-1.1 is installed OR ruby2.2-rubygem-rack-doc-2.0.1-1.1 is installed OR ruby2.2-rubygem-rack-doc-1_4-1.4.7-1.8 is installed OR ruby2.2-rubygem-rack-doc-1_6-1.6.5-1.1 is installed OR ruby2.2-rubygem-rack-testsuite-2.0.1-1.1 is installed OR ruby2.2-rubygem-rack-testsuite-1_4-1.4.7-1.8 is installed OR ruby2.2-rubygem-rack-testsuite-1_6-1.6.5-1.1 is installed OR ruby2.3-rubygem-rack-2.0.1-1.1 is installed OR ruby2.3-rubygem-rack-1_4-1.4.7-1.8 is installed OR ruby2.3-rubygem-rack-1_6-1.6.5-1.1 is installed OR ruby2.3-rubygem-rack-doc-2.0.1-1.1 is installed OR ruby2.3-rubygem-rack-doc-1_4-1.4.7-1.8 is installed OR ruby2.3-rubygem-rack-doc-1_6-1.6.5-1.1 is installed OR ruby2.3-rubygem-rack-testsuite-2.0.1-1.1 is installed OR ruby2.3-rubygem-rack-testsuite-1_4-1.4.7-1.8 is installed OR ruby2.3-rubygem-rack-testsuite-1_6-1.6.5-1.1 is installed OR ruby2.7-rubygem-rack-2.2.3-1.7 is installed OR ruby2.7-rubygem-rack-1_6-1.6.13-1.13 is installed OR ruby2.7-rubygem-rack-2.0-2.0.9-1.10 is installed OR ruby3.0-rubygem-rack-2.2.3-1.7 is installed OR ruby3.0-rubygem-rack-1_6-1.6.13-1.13 is installed OR ruby3.0-rubygem-rack-2.0-2.0.9-1.10 is installed OR ruby3.1-rubygem-rack-2.2.3.1-1.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 15 SP1 is installed AND ruby2.5-rubygem-rack-2.0.3-1.29 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Availability 15 is installed OR SUSE Linux Enterprise High Availability 15 SP1 is installed AND ruby2.5-rubygem-rack-2.0.3-1.29 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND ruby2.1-rubygem-rack is affected Definition Synopsis Release Information SUSE Linux Enterprise High Availability 15 SP1 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP1 is installed OR SUSE Linux Enterprise Server 15 SP1 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed OR SUSE Manager Proxy 4.0 is installed OR SUSE Manager Retail Branch Server 4.0 is installed OR SUSE Manager Server 4.0 is installed AND ruby2.5-rubygem-rack-2.0.3-1.29 is installed
BACK