Lucene search
Gentoo FoundationGLSA-200605-11HistoryMay 10, 2006 - 12:00 a.m.
Ruby: Denial of service
2006-05-1000:00:00
Gentoo Foundation
security.gentoo.org
15
0.044 Low
EPSS
Percentile
92.4%
Background
Ruby is an interpreted scripting language for quick and easy object-oriented programming. It comes bundled with HTTP (“WEBrick”) and XMLRPC server objects.
Description
Ruby uses blocking sockets for WEBrick and XMLRPC servers.
Impact
An attacker could send large amounts of data to an affected server to block the socket and thus deny other connections to the server.
Workaround
There is no known workaround at this time.
Resolution
All Ruby users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/ruby-1.8.4-r1"
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Gentoo | any | all | dev-lang/ruby | < 1.8.4-r1 | UNKNOWN |
Related
openvas
openvas
Gentoo Security Advisory GLSA 200605-11 (ruby)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200605-11 (ruby)
2008-09-24 00:00:00
Debian Security Advisory DSA 1157-1 (ruby1.8)
2008-01-17 00:00:00
ubuntucve
ubuntucve
CVE-2006-1931
2006-04-20 00:00:00
ubuntu
ubuntu
Ruby vulnerability
2006-04-24 00:00:00
nessus
nessus
RHEL 4 : ruby (RHSA-2006:0427)
2006-05-13 00:00:00
Ubuntu 4.10 / 5.04 / 5.10 : ruby1.8 vulnerability (USN-273-1)
2006-04-26 00:00:00
CentOS 4 : ruby (CESA-2006:0427)
2006-07-05 00:00:00
redhat
redhat
(RHSA-2006:0427) ruby security update
2006-05-09 00:00:00
centos
centos
irb, ruby security update
2006-05-09 13:14:56
prion
prion
Design/Logic Flaw
2006-04-20 21:02:00
cvelist
cvelist
CVE-2006-1931
2006-04-20 21:00:00
cve
cve
CVE-2006-1931
2006-04-20 21:02:00
osv
osv
ruby1.8
2006-08-27 00:00:00
debian
debian
[SECURITY] [DSA 1157-1] New ruby1.8 packages fix several vulnerabilities
2006-08-27 00:00:00