Executive Summary

Informations
Name CVE-2015-3225 First vendor Publication 2015-07-26
Vendor Cve Last vendor Modification 2018-10-30

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-19 Data Handling

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 42
Os 2
Os 2

Nessus® Vulnerability Scanner

Date Description
2015-12-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20151119_pcs_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-12-02 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2015-2290.nasl - Type : ACT_GATHER_INFO
2015-11-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-2290.nasl - Type : ACT_GATHER_INFO
2015-08-28 Name : The remote Fedora host is missing a security update.
File : fedora_2015-12979.nasl - Type : ACT_GATHER_INFO
2015-08-20 Name : The remote Fedora host is missing a security update.
File : fedora_2015-12978.nasl - Type : ACT_GATHER_INFO
2015-08-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3322.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-498.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-499.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-500.nasl - Type : ACT_GATHER_INFO
2015-06-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-254.nasl - Type : ACT_GATHER_INFO
2015-06-18 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_eb8a89788dd549ce87f449667b2166dd.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/75232
CONFIRM https://github.com/rack/rack/blob/master/HISTORY.md
DEBIAN http://www.debian.org/security/2015/dsa-3322
FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164173....
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165180....
MLIST http://openwall.com/lists/oss-security/2015/06/16/14
https://groups.google.com/forum/message/raw?msg=rubyonrails-security/gcUbICUm...
REDHAT http://rhn.redhat.com/errata/RHSA-2015-2290.html
SUSE http://lists.opensuse.org/opensuse-updates/2015-07/msg00040.html
http://lists.opensuse.org/opensuse-updates/2015-07/msg00043.html
http://lists.opensuse.org/opensuse-updates/2015-07/msg00044.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
Date Informations
2024-02-02 01:31:57
  • Multiple Updates
2024-02-01 12:09:20
  • Multiple Updates
2023-09-05 12:30:22
  • Multiple Updates
2023-09-05 01:09:11
  • Multiple Updates
2023-09-02 12:30:19
  • Multiple Updates
2023-09-02 01:09:21
  • Multiple Updates
2023-08-12 12:33:05
  • Multiple Updates
2023-08-12 01:08:49
  • Multiple Updates
2023-08-11 12:28:23
  • Multiple Updates
2023-08-11 01:09:04
  • Multiple Updates
2023-08-06 12:27:34
  • Multiple Updates
2023-08-06 01:08:49
  • Multiple Updates
2023-08-04 12:27:40
  • Multiple Updates
2023-08-04 01:08:53
  • Multiple Updates
2023-07-14 12:27:40
  • Multiple Updates
2023-07-14 01:08:50
  • Multiple Updates
2023-03-29 01:29:23
  • Multiple Updates
2023-03-28 12:09:10
  • Multiple Updates
2022-10-11 12:24:54
  • Multiple Updates
2022-10-11 01:08:59
  • Multiple Updates
2021-11-03 01:18:41
  • Multiple Updates
2021-05-05 01:17:43
  • Multiple Updates
2021-05-04 12:39:23
  • Multiple Updates
2021-04-22 01:48:09
  • Multiple Updates
2020-05-23 01:55:34
  • Multiple Updates
2020-05-23 00:45:07
  • Multiple Updates
2019-09-27 12:07:18
  • Multiple Updates
2018-10-31 00:20:47
  • Multiple Updates
2018-01-26 12:06:19
  • Multiple Updates
2016-12-24 09:24:12
  • Multiple Updates
2016-12-22 09:23:58
  • Multiple Updates
2016-12-03 09:24:12
  • Multiple Updates
2016-11-29 00:25:11
  • Multiple Updates
2016-08-30 21:25:45
  • Multiple Updates
2016-04-27 02:20:22
  • Multiple Updates
2015-12-23 13:25:51
  • Multiple Updates
2015-12-03 13:26:37
  • Multiple Updates
2015-11-21 13:25:50
  • Multiple Updates
2015-08-29 13:33:51
  • Multiple Updates
2015-08-21 13:20:20
  • Multiple Updates
2015-08-19 00:24:14
  • Multiple Updates
2015-08-18 09:20:08
  • Multiple Updates
2015-08-12 13:33:22
  • Multiple Updates
2015-08-04 17:26:20
  • Multiple Updates
2015-07-28 00:27:46
  • Multiple Updates
2015-07-27 05:30:11
  • First insertion