Lucene search
Gentoo FoundationMGASA-2013-0229HistoryJul 26, 2013 - 3:29 p.m.
Updated ruby packages fix CVE-2013-4073
2013-07-2615:29:37
Gentoo Foundation
advisories.mageia.org
8
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
49.5%
A vulnerability in Ruby’s SSL client that could allow man-in-the-middle attackers to spoof SSL servers via valid certificate issued by a trusted certification authority (CVE-2013-4073).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 2 | noarch | ruby | < 1.8.7.p358-1.3 | ruby-1.8.7.p358-1.3.mga2 |
| Mageia | 3 | noarch | ruby | < 1.9.3.p448-1 | ruby-1.9.3.p448-1.mga3 |
| Mageia | 3 | noarch | ruby-linecache19 | < 0.5.13-5.1 | ruby-linecache19-0.5.13-5.1.mga3 |
| Mageia | 3 | noarch | ruby-ruby-debug-base19 | < 0.11.26-5.1 | ruby-ruby-debug-base19-0.11.26-5.1.mga3 |
Related
nessus
nessus
RHEL 5 / 6 : ruby (RHSA-2013:1090)
2013-07-18 00:00:00
Fedora 18 : ruby-1.9.3.448-31.fc18 (2013-12123)
2013-07-12 00:00:00
Fedora 19 : ruby-2.0.0.247-14.fc19 (2013-12663)
2013-07-16 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: ruby-2.0.0.247-14.fc19
2013-07-16 01:36:47
[SECURITY] Fedora 18 Update: ruby-1.9.3.448-31.fc18
2013-07-11 02:28:11
[SECURITY] Fedora 19 Update: ruby-2.0.0.353-16.fc19
2013-12-04 07:01:16
redhat
redhat
(RHSA-2013:1137) Moderate: ruby193-ruby security update
2013-08-05 00:00:00
(RHSA-2013:1103) Moderate: ruby193-ruby security update
2013-07-23 00:00:00
(RHSA-2013:1090) Moderate: ruby security update
2013-07-17 00:00:00
openvas
openvas
CentOS Update for ruby CESA-2013:1090 centos5
2013-08-01 00:00:00
Fedora Update for ruby FEDORA-2013-12663
2013-08-20 00:00:00
CentOS Update for ruby CESA-2013:1090 centos6
2013-08-01 00:00:00
threatpost
threatpost
OpenSSL Man-in-the-middle flaw fixed in Ruby
2013-06-27 12:04:28
securityvulns
securityvulns
Ruby certificate spoofing
2013-07-01 00:00:00
[slackware-security] ruby (SSA:2013-178-01)
2013-07-01 00:00:00
APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update 2014-001
2014-02-28 00:00:00
centos
centos
ruby security update
2013-07-17 19:44:42
veracode
veracode
Man-in-the-Middle (MitM)
2019-01-15 08:56:39
freebsd
freebsd
ruby -- Hostname check bypassing vulnerability in SSL client
2013-06-27 00:00:00
slackware
slackware
[slackware-security] ruby
2013-06-28 01:16:46
oraclelinux
oraclelinux
ruby security update
2013-07-17 00:00:00
ubuntu
ubuntu
Ruby vulnerability
2013-07-09 00:00:00
debian
debian
[SECURITY] [DSA 2738-1] ruby1.9.1 security update
2013-08-18 16:58:53
[SECURITY] [DSA 2809-1] ruby1.8 security update
2013-12-04 21:28:11
[SECURITY] [DSA 2809-1] ruby1.8 security update
2013-12-04 21:28:11
f5
f5
K15683 : Ruby vulnerability CVE-2013-4073
2014-10-09 00:00:00
SOL15683 - Ruby vulnerability CVE-2013-4073
2014-10-09 00:00:00
osv
osv
ruby1.9.1 - several
2013-08-18 00:00:00
ruby1.8 - several
2013-12-04 00:00:00
prion
prion
Design/Logic Flaw
2013-08-18 02:52:00
debiancve
debiancve
CVE-2013-4073
2013-08-18 02:52:00
ubuntucve
ubuntucve
CVE-2013-4073
2013-06-28 00:00:00
cve
cve
CVE-2013-4073
2013-08-18 02:52:00
rubygems
rubygems
CVE-2013-4073 ruby: hostname check bypassing vulnerability in SSL client
2013-06-26 20:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
49.5%
Related for MGASA-2013-0229