Oval Definition: oval:org.opensuse.security:def:20130263
Revision Date: 2022-06-30
Version: 1
Title: CVE-2013-0263
Description:

Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that does not run in constant time.
Family: unix
Class: vulnerability
Status:
Reference(s):
CVE-2013-0263
Mitre CVE-2013-0263
SUSE CVE-2013-0263
openSUSE-SU-2013:0338-1
openSUSE-SU-2013:0462-1
Platform(s):
BDK 11 SP2
openSUSE 12.1
openSUSE 12.1 Update
openSUSE 12.2 Update
openSUSE Tumbleweed
SUSE Cloud 1.0
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Lifecycle Management Server 1.3
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Server 4.0
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
SUSE Studio Extension for System z 1.2
SUSE Studio Onsite 1.2 [Appliance - Studio]
SUSE Studio Onsite 1.3
SUSE Studio Standard Edition 1.2
WebYaST 1.2
WebYaST 1.3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND rubygem-rack-1_4-1.4.5-0.5 is installed
  • Definition Synopsis
  • SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed
  • AND Package Information
  • ruby2.1-rubygem-chef-10.32.2-3 is installed
  • OR rubygem-chef-10.32.2-3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • ruby2.1-rubygem-chef-10.32.2-3 is installed
  • OR ruby2.1-rubygem-chef-expander-10.32.2-1 is installed
  • OR ruby2.1-rubygem-chef-server-10.32.2-1 is installed
  • OR ruby2.1-rubygem-chef-server-api-10.32.2-4 is installed
  • OR ruby2.1-rubygem-chef-solr-10.32.2-1 is installed
  • OR ruby2.1-rubygem-rack-1.6.4-2 is installed
  • OR rubygem-chef-10.32.2-3 is installed
  • OR rubygem-chef-expander-10.32.2-1 is installed
  • OR rubygem-chef-server-api-10.32.2-4 is installed
  • OR rubygem-chef-solr-10.32.2-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 is installed
  • AND ruby2.5-rubygem-rack-2.0.3-1 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 15 is installed
  • OR SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND ruby2.5-rubygem-rack-2.0.3-1 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND rubygem-rack is affected
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND ruby2.1-rubygem-rack is affected
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND ruby2.5-rubygem-rack-2.0.3-1 is installed
  • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • ruby2.2-rubygem-rack-2.0.1-1.1 is installed
  • OR ruby2.2-rubygem-rack-1_4-1.4.7-1.8 is installed
  • OR ruby2.2-rubygem-rack-1_6-1.6.5-1.1 is installed
  • OR ruby2.2-rubygem-rack-doc-2.0.1-1.1 is installed
  • OR ruby2.2-rubygem-rack-doc-1_4-1.4.7-1.8 is installed
  • OR ruby2.2-rubygem-rack-doc-1_6-1.6.5-1.1 is installed
  • OR ruby2.2-rubygem-rack-testsuite-2.0.1-1.1 is installed
  • OR ruby2.2-rubygem-rack-testsuite-1_4-1.4.7-1.8 is installed
  • OR ruby2.2-rubygem-rack-testsuite-1_6-1.6.5-1.1 is installed
  • OR ruby2.3-rubygem-rack-2.0.1-1.1 is installed
  • OR ruby2.3-rubygem-rack-1_4-1.4.7-1.8 is installed
  • OR ruby2.3-rubygem-rack-1_6-1.6.5-1.1 is installed
  • OR ruby2.3-rubygem-rack-doc-2.0.1-1.1 is installed
  • OR ruby2.3-rubygem-rack-doc-1_4-1.4.7-1.8 is installed
  • OR ruby2.3-rubygem-rack-doc-1_6-1.6.5-1.1 is installed
  • OR ruby2.3-rubygem-rack-testsuite-2.0.1-1.1 is installed
  • OR ruby2.3-rubygem-rack-testsuite-1_4-1.4.7-1.8 is installed
  • OR ruby2.3-rubygem-rack-testsuite-1_6-1.6.5-1.1 is installed
  • OR ruby2.7-rubygem-rack-2.2.3-1.7 is installed
  • OR ruby2.7-rubygem-rack-1_6-1.6.13-1.13 is installed
  • OR ruby2.7-rubygem-rack-2.0-2.0.9-1.10 is installed
  • OR ruby3.0-rubygem-rack-2.2.3-1.7 is installed
  • OR ruby3.0-rubygem-rack-1_6-1.6.13-1.13 is installed
  • OR ruby3.0-rubygem-rack-2.0-2.0.9-1.10 is installed
  • OR ruby3.1-rubygem-rack-2.2.3.1-1.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND ruby2.5-rubygem-rack-2.0.3-1.29 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 15 is installed
  • OR SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND ruby2.5-rubygem-rack-2.0.3-1.29 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND ruby2.1-rubygem-rack is affected
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP1 is installed
  • OR SUSE Linux Enterprise Server 15 SP1 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • OR SUSE Manager Proxy 4.0 is installed
  • OR SUSE Manager Retail Branch Server 4.0 is installed
  • OR SUSE Manager Server 4.0 is installed
  • AND ruby2.5-rubygem-rack-2.0.3-1.29 is installed