Insecure File Permissions in CGI::Session for Ruby

Insecure File Permissions in CGI::Session for Ruby

CVE-2004-0755 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.

Learn more about our User Device Pen Test.