CVE-2004-0755

Publication date 20 October 2004

Last updated 24 July 2024

Ubuntu priority

The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
ruby1.6	7.04 feisty	Not in release
	6.10 edgy	Not in release
	6.06 LTS dapper	Fixed 1.6.8-13ubuntu1
ruby1.8	7.04 feisty	Fixed 1.8.5-4ubuntu2
	6.10 edgy	Fixed 1.8.4-5ubuntu1.2
	6.06 LTS dapper	Fixed 1.8.4-1ubuntu1.3

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2004-0755