Lucene search

K
amazonAmazonALAS-2013-173
HistoryMar 14, 2013 - 10:04 p.m.

Medium: ruby

2013-03-1422:04:00
alas.aws.amazon.com
11

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.236 Low

EPSS

Percentile

96.5%

Issue Overview:

It was discovered that Ruby’s REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially-crafted XML content, which will result in REXML consuming large amounts of system memory. (CVE-2013-1821)

It was found that the RHSA-2011:0910 update did not correctly fix the CVE-2011-1005 issue, a flaw in the method for translating an exception message into a string in the Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted) code to modify arbitrary, trusted (untainted) strings, which safe level 4 restrictions would otherwise prevent. (CVE-2012-4481)

The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname. (CVE-2011-1005)

Affected Packages:

ruby

Issue Correction:
Run yum update ruby to update your system.

New Packages:

i686:  
    ruby-ri-1.8.7.371-2.25.amzn1.i686  
    ruby-1.8.7.371-2.25.amzn1.i686  
    ruby-devel-1.8.7.371-2.25.amzn1.i686  
    ruby-libs-1.8.7.371-2.25.amzn1.i686  
    ruby-static-1.8.7.371-2.25.amzn1.i686  
    ruby-debuginfo-1.8.7.371-2.25.amzn1.i686  
  
noarch:  
    ruby-irb-1.8.7.371-2.25.amzn1.noarch  
    ruby-rdoc-1.8.7.371-2.25.amzn1.noarch  
  
src:  
    ruby-1.8.7.371-2.25.amzn1.src  
  
x86_64:  
    ruby-ri-1.8.7.371-2.25.amzn1.x86_64  
    ruby-libs-1.8.7.371-2.25.amzn1.x86_64  
    ruby-static-1.8.7.371-2.25.amzn1.x86_64  
    ruby-1.8.7.371-2.25.amzn1.x86_64  
    ruby-devel-1.8.7.371-2.25.amzn1.x86_64  
    ruby-debuginfo-1.8.7.371-2.25.amzn1.x86_64  

Additional References

Red Hat: CVE-2011-1005, CVE-2012-4481, CVE-2013-1821

Mitre: CVE-2011-1005, CVE-2012-4481, CVE-2013-1821

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.236 Low

EPSS

Percentile

96.5%