--- layout: page title: July 2005 Archives ---

security@ruby-lang.org

Created security@ruby-lang.org . If you have found vulnerabilities in Ruby, please report to this address. security@ruby-lang.org is a private ML, and anyone can post to it without subscription.

Posted by Shugo Maeda on 02 Jul 2005

XMLRPC.iPIMethods Vulnerability

On Fri Jun 17 2005, a vulnerability of XMLRPC.iPIMethods was reported in [ruby-core:05237]. Remote attackers can execute arbitrary commands by this vulnerability.

Affected Programs

Programs providing XML-RPC services by XMLRPC.iPIMethods are affected.

Fix

This vulnerability was already fixed in both the CVS HEAD and the ruby_1_8 branch.

Please apply this patch for ruby-1.8.2.

Posted by Shugo Maeda on 01 Jul 2005

<< Back to 2005 Archives