CVE-2014-1233
paratrooper-pingdom - Exposure of Sensitive Information via Process Listing
Title source: llmDescription
The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to obtain the App-Key, username, and password values by listing the curl process.
References (2)
Core 2
Core References
Exploit x_refsource_misc
http://www.vapid.dhs.org/advisories/paratrooper-api-key-pingdom.html
Exploit mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2014/01/08/1
Scores
EPSS
0.0007
EPSS Percentile
21.0%
Details
CWE
CWE-200
Status
published
Products (2)
rubygems/paratrooper-pingdom
0RubyGems
tobias_maier/paratrooper-pingdom
1.0.0
Published
Jan 10, 2014
Tracked Since
Feb 18, 2026