July 2005 Archives

Created security@ruby-lang.org . If you have found vulnerabilities in Ruby, please report to this address. security@ruby-lang.org is a private ML, and anyone can post to it without subscription.

On Fri Jun 17 2005, a vulnerability of XMLRPC.iPIMethods was reported in [ruby-core:05237]. Remote attackers can execute arbitrary commands by this vulnerability.