Remote Denial of Service Vulnerability in Rack by Pivotal
CVE-2013-0184

Currently unrated

Key Information:

Vendor: Rack Project
Status: Rack
Vendor: CVE Published:; 1 March 2013

What is CVE-2013-0184?

An unspecified vulnerability in the Rack::Auth::AbstractRequest component of Rack allows remote attackers to cause a denial of service. This is achieved through unknown vectors, which may involve the handling of symbolized arbitrary strings. Affected versions include Rack 1.1.x before 1.1.5, 1.2.x before 1.2.7, 1.3.x before 1.3.9, and 1.4.x before 1.4.4. It is recommended to update to the latest versions to mitigate the risks associated with this vulnerability.

References

https://bugzilla.redhat.com/show_bug.cgi?id=895384

x_refsource_MISC

http://lists.opensuse.org/opensuse-updates/2013-03/msg000...

vendor-advisoryx_refsource_SUSE

http://rhn.redhat.com/errata/RHSA-2013-0548.html

vendor-advisoryx_refsource_REDHAT

Timeline

Vulnerability published
Mar 1, 2013
Vulnerability Reserved
Dec 6, 2012

Rack Project

What is CVE-2013-0184?

References

Timeline