2017-10-16 12:31:07 -04:00
{
2023-02-13 04:05:13 +00:00
"data_version" : "4.0" ,
"data_type" : "CVE" ,
"data_format" : "MITRE" ,
2019-03-18 00:01:17 +00:00
"CVE_data_meta" : {
"ID" : "CVE-2013-0263" ,
2023-02-13 04:05:13 +00:00
"ASSIGNER" : "secalert@redhat.com" ,
2019-03-18 00:01:17 +00:00
"STATE" : "PUBLIC"
} ,
2023-02-13 04:05:13 +00:00
"description" : {
"description_data" : [
{
"lang" : "eng" ,
"value" : "Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that does not run in constant time."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
2019-03-18 00:01:17 +00:00
"affects" : {
"vendor" : {
"vendor_data" : [
{
2023-02-13 04:05:13 +00:00
"vendor_name" : "n/a" ,
2019-03-18 00:01:17 +00:00
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
2023-02-13 04:05:13 +00:00
"version_affected" : "=" ,
2019-03-18 00:01:17 +00:00
"version_value" : "n/a"
}
]
}
}
]
2023-02-13 04:05:13 +00:00
}
2019-03-18 00:01:17 +00:00
}
2017-10-16 12:31:07 -04:00
]
2019-03-18 00:01:17 +00:00
}
} ,
"references" : {
"reference_data" : [
{
2023-02-13 04:05:13 +00:00
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0686.html" ,
"refsource" : "MISC" ,
"name" : "http://rhn.redhat.com/errata/RHSA-2013-0686.html"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "http://secunia.com/advisories/52774" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/52774"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html" ,
"refsource" : "MISC" ,
"name" : "http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "http://www.debian.org/security/2013/dsa-2783" ,
"refsource" : "MISC" ,
"name" : "http://www.debian.org/security/2013/dsa-2783"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "http://rack.github.com/" ,
"refsource" : "MISC" ,
"name" : "http://rack.github.com/"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "http://secunia.com/advisories/52033" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/52033"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=909071" ,
"refsource" : "MISC" ,
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=909071"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ" ,
"refsource" : "MISC" ,
"name" : "https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ" ,
"refsource" : "MISC" ,
"name" : "https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "http://secunia.com/advisories/52134" ,
2019-03-18 00:01:17 +00:00
"refsource" : "MISC" ,
2023-02-13 04:05:13 +00:00
"name" : "http://secunia.com/advisories/52134"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "http://www.osvdb.org/89939" ,
"refsource" : "MISC" ,
"name" : "http://www.osvdb.org/89939"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "https://gist.github.com/codahale/f9f3781f7b54985bee94" ,
"refsource" : "MISC" ,
"name" : "https://gist.github.com/codahale/f9f3781f7b54985bee94"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07" ,
"refsource" : "MISC" ,
"name" : "https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11" ,
"refsource" : "MISC" ,
"name" : "https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J" ,
"refsource" : "MISC" ,
"name" : "https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "https://groups.google.com/forum/#%21msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ" ,
2019-03-18 00:01:17 +00:00
"refsource" : "MISC" ,
2023-02-13 04:05:13 +00:00
"name" : "https://groups.google.com/forum/#%21msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "https://groups.google.com/forum/#%21msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ" ,
2019-03-18 00:01:17 +00:00
"refsource" : "MISC" ,
2023-02-13 04:05:13 +00:00
"name" : "https://groups.google.com/forum/#%21msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "https://puppet.com/security/cve/cve-2013-0263" ,
"refsource" : "MISC" ,
"name" : "https://puppet.com/security/cve/cve-2013-0263"
2019-03-18 00:01:17 +00:00
} ,
{
2023-02-13 04:05:13 +00:00
"url" : "https://twitter.com/coda/statuses/299732877745197056" ,
"refsource" : "MISC" ,
"name" : "https://twitter.com/coda/statuses/299732877745197056"
2019-03-18 00:01:17 +00:00
}
]
}
}
