Debian DLA-263-1 : ruby1.9.1 security update

2015-07-02T00:00:00

Description

Two vulnerabilities were identified in the Ruby language interpreter, version 1.9.1. CVE-2012-5371 Jean-Philippe Aumasson identified that Ruby computed hash values without properly restricting the ability to trigger hash collisions predictably, allowing context-dependent attackers to cause a denial of service (CPU consumption). This is a different vulnerability than CVE-2011-4815. CVE-2013-0269 Thomas Hollstegge and Ben Murphy found that the JSON gem for Ruby allowed remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects. For the squeeze distribution, theses vulnerabilities have been fixed in version 1.9.2.0-2+deb6u5 of ruby1.9.1. We recommend that you upgrade your ruby1.9.1 package. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

{"id": "DEBIAN_DLA-263.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Debian DLA-263-1 : ruby1.9.1 security update", "description": "Two vulnerabilities were identified in the Ruby language interpreter, version 1.9.1.\n\nCVE-2012-5371\n\nJean-Philippe Aumasson identified that Ruby computed hash values without properly restricting the ability to trigger hash collisions predictably, allowing context-dependent attackers to cause a denial of service (CPU consumption). This is a different vulnerability than CVE-2011-4815.\n\nCVE-2013-0269\n\nThomas Hollstegge and Ben Murphy found that the JSON gem for Ruby allowed remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects.\n\nFor the squeeze distribution, theses vulnerabilities have been fixed in version 1.9.2.0-2+deb6u5 of ruby1.9.1. We recommend that you upgrade your ruby1.9.1 package.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-07-02T00:00:00", "modified": "2021-01-11T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/84494", "reporter": "This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.", "references": ["https://packages.debian.org/source/squeeze-lts/ruby1.9.1", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5371", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269", "https://lists.debian.org/debian-lts-announce/2015/07/msg00000.html"], "cvelist": ["CVE-2011-4815", "CVE-2012-5371", "CVE-2013-0269"], "immutableFields": [], "lastseen": "2023-01-11T14:58:22", "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "alpinelinux", "idList": ["ALPINE:CVE-2020-10663"]}, {"type": "amazon", "idList": ["ALAS-2012-035", "ALAS-2020-1416", "ALAS-2020-1422", "ALAS-2020-1423", "ALAS-2020-1426", "ALAS2-2021-1641"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "checkpoint_security", "idList": ["CPS:SK66350"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-5371", "CVE-2012-5371", "CVE-2013-0269", "CVE-2020-10663"]}, {"type": "debian", "idList": ["DEBIAN:DLA-215-1:65755", "DEBIAN:DLA-2192-1:E4FCE", "DEBIAN:DLA-2192-1:FD86A", "DEBIAN:DLA-263-1:BBAC7", "DEBIAN:DLA-88-1:4DC9E", "DEBIAN:DLA-88-1:B6B6B"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-0269", "DEBIANCVE:CVE-2020-10663"]}, {"type": "fedora", "idList": ["FEDORA:0656420CB7", "FEDORA:2CC4221AB7", "FEDORA:3E33620F8B", "FEDORA:563BE22162", "FEDORA:583CE20D04", "FEDORA:6D8EE20EB6", "FEDORA:B02B720F77", "FEDORA:BFF2C21133", "FEDORA:D0BBC20783", "FEDORA:D3F2E2077E"]}, {"type": "freebsd", "idList": ["40194E1C-6D89-11EA-8082-80EE73419AF3", "5E647CA3-2AEA-11E2-B745-001FD0AF1A4C", "91BE81E7-3FEA-11E1-AFC7-2C4138874F7D", "C79EB109-A754-45D7-B552-A42099EB2265"]}, {"type": "gentoo", "idList": ["GLSA-201412-27"]}, {"type": "github", "idList": ["GHSA-JPHG-QWRW-7W9G", "GHSA-X457-CW4H-HQ5F"]}, {"type": "hackerone", "idList": ["H1:706934"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "nessus", "idList": ["6482.PRM", "AL2_ALAS-2021-1641.NASL", "ALA_ALAS-2012-35.NASL", "ALA_ALAS-2020-1416.NASL", "ALA_ALAS-2020-1422.NASL", "ALA_ALAS-2020-1423.NASL", "ALA_ALAS-2020-1426.NASL", "CENTOS_RHSA-2012-0069.NASL", "CENTOS_RHSA-2012-0070.NASL", "DEBIAN_DLA-215.NASL", "DEBIAN_DLA-2192.NASL", "DEBIAN_DLA-88.NASL", "EULEROS_SA-2019-1428.NASL", "EULEROS_SA-2020-1590.NASL", "EULEROS_SA-2020-1615.NASL", "EULEROS_SA-2020-1686.NASL", "EULEROS_SA-2020-1691.NASL", "EULEROS_SA-2020-1717.NASL", "EULEROS_SA-2020-1955.NASL", "EULEROS_SA-2020-2139.NASL", "FEDORA_2011-17542.NASL", "FEDORA_2011-17551.NASL", "FEDORA_2012-17949.NASL", "FEDORA_2012-18017.NASL", "FEDORA_2013-3050.NASL", "FEDORA_2013-3052.NASL", "FREEBSD_PKG_40194E1C6D8911EA808280EE73419AF3.NASL", "FREEBSD_PKG_5E647CA32AEA11E2B745001FD0AF1A4C.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FREEBSD_PKG_C79EB109A75445D7B552A42099EB2265.NASL", "GENTOO_GLSA-201412-27.NASL", "MACOSX_10_7_4.NASL", "MACOSX_SECUPD2012-002.NASL", "MACOSX_SERVER_3_0.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "OPENSUSE-2013-167.NASL", "OPENSUSE-2013-298.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "ORACLELINUX_ELSA-2021-2587.NASL", "ORACLELINUX_ELSA-2021-2588.NASL", "REDHAT-RHSA-2012-0069.NASL", "REDHAT-RHSA-2012-0070.NASL", "REDHAT-RHSA-2013-0582.NASL", "REDHAT-RHSA-2013-0686.NASL", "REDHAT-RHSA-2013-0701.NASL", "ROCKY_LINUX_RLSA-2020-2462.NASL", "ROCKY_LINUX_RLSA-2021-2587.NASL", "ROCKY_LINUX_RLSA-2021-2588.NASL", "SLACKWARE_SSA_2012-341-04.NASL", "SLACKWARE_SSA_2013-075-01.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "SOLARIS11_RUBY_20120417.NASL", "SUSE_11_4_RUBY-120117.NASL", "SUSE_11_RUBY-187P357-120126.NASL", "SUSE_11_RUBY-187P357-120127.NASL", "UBUNTU_USN-1377-1.NASL", "UBUNTU_USN-1733-1.NASL", "UBUNTU_USN-4882-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120218", "OPENVAS:1361412562310121313", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310122002", "OPENVAS:136141256231070754", "OPENVAS:136141256231072605", "OPENVAS:1361412562310802794", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310840923", "OPENVAS:1361412562310841320", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310864786", "OPENVAS:1361412562310864870", "OPENVAS:1361412562310865430", "OPENVAS:1361412562310865435", "OPENVAS:1361412562310865436", "OPENVAS:1361412562310865654", "OPENVAS:1361412562310866056", "OPENVAS:1361412562310870534", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310881137", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310881191", "OPENVAS:1361412562310892192", "OPENVAS:1361412562311220191428", "OPENVAS:1361412562311220201590", "OPENVAS:1361412562311220201615", "OPENVAS:1361412562311220201686", "OPENVAS:1361412562311220201691", "OPENVAS:1361412562311220201717", "OPENVAS:70754", "OPENVAS:72605", "OPENVAS:802794", "OPENVAS:831554", "OPENVAS:840923", "OPENVAS:841320", "OPENVAS:863681", "OPENVAS:863921", "OPENVAS:864786", "OPENVAS:864870", "OPENVAS:865430", "OPENVAS:865435", "OPENVAS:865436", "OPENVAS:865654", "OPENVAS:866056", "OPENVAS:870534", "OPENVAS:870638", "OPENVAS:881137", "OPENVAS:881167", "OPENVAS:881191"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "osv", "idList": ["OSV:DLA-215-1", "OSV:DLA-2192-1", "OSV:DLA-263-1", "OSV:DLA-88-1", "OSV:GHSA-JPHG-QWRW-7W9G", "OSV:GHSA-X457-CW4H-HQ5F"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070", "RHSA-2013:0582", "RHSA-2013:0686", "RHSA-2013:0701", "RHSA-2013:1028", "RHSA-2013:1185"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-10663"]}, {"type": "rubygems", "idList": ["RUBY:JSON-2013-0269-101137", "RUBY:JSON-2020-10663", "RUBY:RUBY-2011-4815-78118", "RUBY:RUBY-2012-5371-87863", "RUBY:RUBY-2020-10663"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:29063", "SECURITYVULNS:VULN:12518", "SECURITYVULNS:VULN:12738", "SECURITYVULNS:VULN:12900"]}, {"type": "seebug", "idList": ["SSV:26121", "SSV:26126"]}, {"type": "slackware", "idList": ["SSA-2012-341-04", "SSA-2013-075-01"]}, {"type": "suse", "idList": ["SUSE-SU-2013:0609-1", "SUSE-SU-2013:0609-2", "SUSE-SU-2013:0612-1", "SUSE-SU-2013:0615-1", "SUSE-SU-2013:0647-1"]}, {"type": "threatpost", "idList": ["THREATPOST:4578050E70C81D137F2430D701799EDA"]}, {"type": "ubuntu", "idList": ["USN-1377-1", "USN-1733-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2012-5371", "UB:CVE-2013-0269", "UB:CVE-2020-10663"]}, {"type": "veracode", "idList": ["VERACODE:22758", "VERACODE:24852"]}]}, "score": {"value": 0.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2020-1422"]}, {"type": "cve", "idList": ["CVE-2011-4815"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2192-1:E4FCE"]}, {"type": "fedora", "idList": ["FEDORA:0656420CB7"]}, {"type": "freebsd", "idList": ["40194E1C-6D89-11EA-8082-80EE73419AF3", "5E647CA3-2AEA-11E2-B745-001FD0AF1A4C", "C79EB109-A754-45D7-B552-A42099EB2265"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/HUAWEI-EULEROS-2_0_SP3-CVE-2020-10663/"]}, {"type": "nessus", "idList": ["FEDORA_2013-3050.NASL", "GENTOO_GLSA-201412-27.NASL", "OPENSUSE-2013-298.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231072605", "OPENVAS:865435"]}, {"type": "redhat", "idList": ["RHSA-2013:1028"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-10663"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12738"]}, {"type": "suse", "idList": ["SUSE-SU-2013:0609-1"]}, {"type": "threatpost", "idList": ["THREATPOST:4578050E70C81D137F2430D701799EDA"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2011-4815", "epss": "0.020160000", "percentile": "0.871050000", "modified": "2023-03-13"}, {"cve": "CVE-2012-5371", "epss": "0.005680000", "percentile": "0.744310000", "modified": "2023-03-13"}, {"cve": "CVE-2013-0269", "epss": "0.025260000", "percentile": "0.884870000", "modified": "2023-03-13"}], "vulnersScore": 0.0}, "_state": {"dependencies": 1673449426, "score": 1673453377, "epss": 1678785924}, "_internal": {"score_hash": "922e20d4ad6823a056ed7dc6e6ee7545"}, "pluginID": "84494", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-263-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84494);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-5371\", \"CVE-2013-0269\");\n script_bugtraq_id(56484, 57899);\n\n script_name(english:\"Debian DLA-263-1 : ruby1.9.1 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two vulnerabilities were identified in the Ruby language interpreter,\nversion 1.9.1.\n\nCVE-2012-5371\n\nJean-Philippe Aumasson identified that Ruby computed hash values\nwithout properly restricting the ability to trigger hash collisions\npredictably, allowing context-dependent attackers to cause a denial of\nservice (CPU consumption). This is a different vulnerability than\nCVE-2011-4815.\n\nCVE-2013-0269\n\nThomas Hollstegge and Ben Murphy found that the JSON gem for Ruby\nallowed remote attackers to cause a denial of service (resource\nconsumption) or bypass the mass assignment protection mechanism via a\ncrafted JSON document that triggers the creation of arbitrary Ruby\nsymbols or certain internal objects.\n\nFor the squeeze distribution, theses vulnerabilities have been fixed\nin version 1.9.2.0-2+deb6u5 of ruby1.9.1. We recommend that you\nupgrade your ruby1.9.1 package.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/07/msg00000.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/ruby1.9.1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libruby1.9.1-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtcltk-ruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ri1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1-elisp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1-full\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libruby1.9.1\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libruby1.9.1-dbg\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libtcltk-ruby1.9.1\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ri1.9.1\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1-dev\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1-elisp\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1-examples\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1-full\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "cpe": ["p-cpe:/a:debian:debian_linux:libruby1.9.1", "p-cpe:/a:debian:debian_linux:libruby1.9.1-dbg", "p-cpe:/a:debian:debian_linux:libtcltk-ruby1.9.1", "p-cpe:/a:debian:debian_linux:ri1.9.1", "p-cpe:/a:debian:debian_linux:ruby1.9.1", "p-cpe:/a:debian:debian_linux:ruby1.9.1-dev", "p-cpe:/a:debian:debian_linux:ruby1.9.1-elisp", "p-cpe:/a:debian:debian_linux:ruby1.9.1-examples", "p-cpe:/a:debian:debian_linux:ruby1.9.1-full", "cpe:/o:debian:debian_linux:6.0"], "solution": "Upgrade the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "", "vendor_cvss2": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2015-07-01T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": []}

{"debian": [{"lastseen": "2022-06-28T23:41:44", "description": "Package : ruby1.9.1\nVersion : 1.9.2.0-2+deb6u5\nCVE ID : CVE-2012-5371 CVE-2013-0269\nDebian Bug : 693024 700471\n\nTwo vulnerabilities were identified in the Ruby language interpreter,\nversion 1.9.1.\n\nCVE-2012-5371\n\n Jean-Philippe Aumasson identified that Ruby computed hash values\n without properly restricting the ability to trigger hash collisions\n predictably, allowing context-dependent attackers to cause a denial\n of service (CPU consumption). This is a different vulnerability than\n CVE-2011-4815.\n\nCVE-2013-0269\n\n Thomas Hollstegge and Ben Murphy found that the JSON gem for Ruby\n allowed remote attackers to cause a denial of service (resource\n consumption) or bypass the mass assignment protection mechanism via\n a crafted JSON document that triggers the creation of arbitrary Ruby\n symbols or certain internal objects.\n\nFor the squeeze distribution, theses vulnerabilities have been fixed in\nversion 1.9.2.0-2+deb6u5 of ruby1.9.1. We recommend that you upgrade\nyour ruby1.9.1 package.\nAttachment:\nsignature.asc\nDescription: Digital signature\n", "cvss3": {}, "published": "2015-07-01T10:09:26", "type": "debian", "title": "[SECURITY] [DLA 263-1] ruby1.9.1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815", "CVE-2012-5371", "CVE-2013-0269"], "modified": "2015-07-01T10:09:26", "id": "DEBIAN:DLA-263-1:BBAC7", "href": "https://lists.debian.org/debian-lts-announce/2015/07/msg00000.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-10-23T22:29:00", "description": "Package : libjson-ruby\nVersion : 1.1.9-1+deb6u1\nCVE ID : CVE-2013-0269\n\nThe JSON gem for Ruby allowed remote attackers to cause a denial of\nservice (resource consumption) or bypass the mass assignment protection\nmechanism via a crafted JSON document that triggers the creation of\narbitrary Ruby symbols or certain internal objects, as demonstrated by\nconducting a SQL injection attack against Ruby on Rails, aka "Unsafe\nObject Creation Vulnerability."\n\nFor Debian 6 \u201cSqueeze\u201d, this issue has been fixed in libjson-ruby\nversion 1.1.9-1+deb6u1.\n\n-- \nRapha\u00ebl Hertzog \u25c8 Debian Developer\n\nSupport Debian LTS: http://www.freexian.com/services/debian-lts.html\nLearn to master Debian: http://debian-handbook.info/get/\nAttachment:\nsignature.asc\nDescription: Digital signature\n", "cvss3": {}, "published": "2015-04-30T16:34:41", "type": "debian", "title": "[SECURITY] [DLA 215-1] libjson-ruby security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2015-04-30T16:34:41", "id": "DEBIAN:DLA-215-1:65755", "href": "https://lists.debian.org/debian-lts-announce/2015/04/msg00029.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T12:22:14", "description": "Package : ruby2.1\nVersion : 2.1.5-2+deb8u10\nCVE ID : CVE-2020-10663\n\n\nThe JSON gem through 2.2.0 for Ruby, as used in Ruby 2.1 has an\nunsafe object creation vulnerability.\nThis is quite similar to CVE-2013-0269, but does not rely on poor\ngarbage-collection behavior within Ruby. Specifically, use of JSON\nparsing methods can lead to creation of a malicious object within\nthe interpreter, with adverse effects that are application-dependent.\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n2.1.5-2+deb8u10.\n\nWe recommend that you upgrade your ruby2.1 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\nBest,\nUtkarsh", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-30T22:01:47", "type": "debian", "title": "[SECURITY] [DLA 2192-1] ruby2.1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-04-30T22:01:47", "id": "DEBIAN:DLA-2192-1:FD86A", "href": "https://lists.debian.org/debian-lts-announce/2020/04/msg00030.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-26T19:14:32", "description": "Package : ruby2.1\nVersion : 2.1.5-2+deb8u10\nCVE ID : CVE-2020-10663\n\n\nThe JSON gem through 2.2.0 for Ruby, as used in Ruby 2.1 has an\nunsafe object creation vulnerability.\nThis is quite similar to CVE-2013-0269, but does not rely on poor\ngarbage-collection behavior within Ruby. Specifically, use of JSON\nparsing methods can lead to creation of a malicious object within\nthe interpreter, with adverse effects that are application-dependent.\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n2.1.5-2+deb8u10.\n\nWe recommend that you upgrade your ruby2.1 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\nBest,\nUtkarsh", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-30T22:01:47", "type": "debian", "title": "[SECURITY] [DLA 2192-1] ruby2.1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-04-30T22:01:47", "id": "DEBIAN:DLA-2192-1:E4FCE", "href": "https://lists.debian.org/debian-lts-announce/2020/04/msg00030.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-19T05:14:05", "description": "Package : ruby1.8\nVersion : 1.8.7.302-2squeeze3\nCVE ID : CVE-2011-0188 CVE-2011-2686 CVE-2011-2705 CVE-2011-4815\n CVE-2014-8080 CVE-2014-8090\n\nThis update fixes multiple local and remote denial of service and remote code\nexecute problems:\n\nCVE-2011-0188 \n \nProperly allocate memory, to prevent arbitrary code execution or application \ncrash. Reported by Drew Yao.\n\nCVE-2011-2686\n\nReinitialize the random seed when forking to prevent CVE-2003-0900 like \nsituations.\n\nCVE-2011-2705 \n \nModify PRNG state to prevent random number sequence repeatation at forked \nchild process which has same pid. Reported by Eric Wong.\n\nCVE-2011-4815\n\nFix a problem with predictable hash collisions resulting in denial of service \n(CPU consumption) attacks. Reported by Alexander Klink and Julian Waelde.\n\nCVE-2014-8080\n\nFix REXML parser to prevent memory consumption denial of service via crafted \nXML documents. Reported by Willis Vandevanter.\n\nCVE-2014-8090\n\nAdd REXML::Document#document to complement the fix for CVE-2014-8080.\nReported by Tomas Hoger.\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part.\n", "cvss3": {}, "published": "2014-11-21T15:18:14", "type": "debian", "title": "[SECURITY] [DLA 88-1] ruby1.8 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0900", "CVE-2011-0188", "CVE-2011-2686", "CVE-2011-2705", "CVE-2011-4815", "CVE-2014-8080", "CVE-2014-8090"], "modified": "2014-11-21T15:18:14", "id": "DEBIAN:DLA-88-1:4DC9E", "href": "https://lists.debian.org/debian-lts-announce/2014/11/msg00007.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-10-23T22:35:32", "description": "Package : ruby1.8\nVersion : 1.8.7.302-2squeeze3\nCVE ID : CVE-2011-0188 CVE-2011-2686 CVE-2011-2705 CVE-2011-4815\n CVE-2014-8080 CVE-2014-8090\n\nThis update fixes multiple local and remote denial of service and remote code\nexecute problems:\n\nCVE-2011-0188 \n \nProperly allocate memory, to prevent arbitrary code execution or application \ncrash. Reported by Drew Yao.\n\nCVE-2011-2686\n\nReinitialize the random seed when forking to prevent CVE-2003-0900 like \nsituations.\n\nCVE-2011-2705 \n \nModify PRNG state to prevent random number sequence repeatation at forked \nchild process which has same pid. Reported by Eric Wong.\n\nCVE-2011-4815\n\nFix a problem with predictable hash collisions resulting in denial of service \n(CPU consumption) attacks. Reported by Alexander Klink and Julian Waelde.\n\nCVE-2014-8080\n\nFix REXML parser to prevent memory consumption denial of service via crafted \nXML documents. Reported by Willis Vandevanter.\n\nCVE-2014-8090\n\nAdd REXML::Document#document to complement the fix for CVE-2014-8080.\nReported by Tomas Hoger.\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part.\n", "cvss3": {}, "published": "2014-11-21T15:18:14", "type": "debian", "title": "[SECURITY] [DLA 88-1] ruby1.8 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0900", "CVE-2011-0188", "CVE-2011-2686", "CVE-2011-2705", "CVE-2011-4815", "CVE-2014-8080", "CVE-2014-8090"], "modified": "2014-11-21T15:18:14", "id": "DEBIAN:DLA-88-1:B6B6B", "href": "https://lists.debian.org/debian-lts-announce/2014/11/msg00007.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "osv": [{"lastseen": "2022-08-05T05:19:08", "description": "\nTwo vulnerabilities were identified in the Ruby language interpreter,\nversion 1.9.1.\n\n\n* [CVE-2012-5371](https://security-tracker.debian.org/tracker/CVE-2012-5371)\nJean-Philippe Aumasson identified that Ruby computed hash values\n without properly restricting the ability to trigger hash collisions\n predictably, allowing context-dependent attackers to cause a denial\n of service (CPU consumption). This is a different vulnerability than\n [CVE-2011-4815](https://security-tracker.debian.org/tracker/CVE-2011-4815).\n* [CVE-2013-0269](https://security-tracker.debian.org/tracker/CVE-2013-0269)\nThomas Hollstegge and Ben Murphy found that the JSON gem for Ruby\n allowed remote attackers to cause a denial of service (resource\n consumption) or bypass the mass assignment protection mechanism via\n a crafted JSON document that triggers the creation of arbitrary Ruby\n symbols or certain internal objects.\n\n\nFor the squeeze distribution, theses vulnerabilities have been fixed in\nversion 1.9.2.0-2+deb6u5 of ruby1.9.1. We recommend that you upgrade\nyour ruby1.9.1 package.\n\n\n", "cvss3": {}, "published": "2015-07-01T00:00:00", "type": "osv", "title": "ruby1.9.1 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5371", "CVE-2013-0269", "CVE-2011-4815"], "modified": "2022-08-05T05:19:05", "id": "OSV:DLA-263-1", "href": "https://osv.dev/vulnerability/DLA-263-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-08-05T05:19:06", "description": "\nThe JSON gem for Ruby allowed remote attackers to cause a denial of\nservice (resource consumption) or bypass the mass assignment protection\nmechanism via a crafted JSON document that triggers the creation of\narbitrary Ruby symbols or certain internal objects, as demonstrated by\nconducting a SQL injection attack against Ruby on Rails, aka \"Unsafe\nObject Creation Vulnerability.\"\n\n\nFor Debian 6 Squeeze, this issue has been fixed in libjson-ruby\nversion 1.1.9-1+deb6u1.\n\n\n", "cvss3": {}, "published": "2015-04-30T00:00:00", "type": "osv", "title": "libjson-ruby - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2022-08-05T05:18:44", "id": "OSV:DLA-215-1", "href": "https://osv.dev/vulnerability/DLA-215-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-14T05:48:35", "description": "The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as demonstrated by conducting a SQL injection attack against Ruby on Rails, aka \"Unsafe Object Creation Vulnerability.\"", "cvss3": {}, "published": "2017-10-24T18:33:37", "type": "osv", "title": "JSON gem has Improper Input Validation vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2023-03-14T05:48:33", "id": "OSV:GHSA-X457-CW4H-HQ5F", "href": "https://osv.dev/vulnerability/GHSA-x457-cw4h-hq5f", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-05T05:18:47", "description": "\nThe JSON gem through 2.2.0 for Ruby, as used in Ruby 2.1 has an\nunsafe object creation vulnerability.\nThis is quite similar to [CVE-2013-0269](https://security-tracker.debian.org/tracker/CVE-2013-0269), but does not rely on poor\ngarbage-collection behavior within Ruby. Specifically, use of JSON\nparsing methods can lead to creation of a malicious object within\nthe interpreter, with adverse effects that are application-dependent.\n\n\nFor Debian 8 Jessie, this problem has been fixed in version\n2.1.5-2+deb8u10.\n\n\nWe recommend that you upgrade your ruby2.1 packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-01T00:00:00", "type": "osv", "title": "ruby2.1 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2022-08-05T05:18:45", "id": "OSV:DLA-2192-1", "href": "https://osv.dev/vulnerability/DLA-2192-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-13T05:44:31", "description": "The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269/GHSA-x457-cw4h-hq5f, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-27T18:08:21", "type": "osv", "title": "Unsafe object creation in json RubyGem", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2023-03-13T05:44:30", "id": "OSV:GHSA-JPHG-QWRW-7W9G", "href": "https://osv.dev/vulnerability/GHSA-jphg-qwrw-7w9g", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:12:05", "description": "\nThis update fixes multiple local and remote denial of service and remote code\nexecute problems:\n\n\n* [CVE-2011-0188](https://security-tracker.debian.org/tracker/CVE-2011-0188)\nProperly allocate memory, to prevent arbitrary code execution or application\ncrash. Reported by Drew Yao.\n* [CVE-2011-2686](https://security-tracker.debian.org/tracker/CVE-2011-2686)\nReinitialize the random seed when forking to prevent [CVE-2003-0900](https://security-tracker.debian.org/tracker/CVE-2003-0900) like\nsituations.\n* [CVE-2011-2705](https://security-tracker.debian.org/tracker/CVE-2011-2705)\nModify PRNG state to prevent random number sequence repeatation at forked\nchild process which has same pid. Reported by Eric Wong.\n* [CVE-2011-4815](https://security-tracker.debian.org/tracker/CVE-2011-4815)\nFix a problem with predictable hash collisions resulting in denial of service\n(CPU consumption) attacks. Reported by Alexander Klink and Julian Waelde.\n* [CVE-2014-8080](https://security-tracker.debian.org/tracker/CVE-2014-8080)\nFix REXML parser to prevent memory consumption denial of service via crafted\nXML documents. Reported by Willis Vandevanter.\n* [CVE-2014-8090](https://security-tracker.debian.org/tracker/CVE-2014-8090)\nAdd REXML::Document#document to complement the fix for [CVE-2014-8080](https://security-tracker.debian.org/tracker/CVE-2014-8080).\nReported by Tomas Hoger.\n\n\nFor Debian 6 Squeeze, these issues have been fixed in ruby1.8 version 1.8.7.302-2squeeze3\n\n\n", "cvss3": {}, "published": "2014-11-21T00:00:00", "type": "osv", "title": "ruby1.8 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0188", "CVE-2014-8090", "CVE-2011-2705", "CVE-2011-2686", "CVE-2003-0900", "CVE-2014-8080", "CVE-2011-4815"], "modified": "2022-07-21T05:54:57", "id": "OSV:DLA-88-1", "href": "https://osv.dev/vulnerability/DLA-88-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntucve": [{"lastseen": "2022-08-04T14:27:21", "description": "Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes hash\nvalues without properly restricting the ability to trigger hash collisions\npredictably, which allows context-dependent attackers to cause a denial of\nservice (CPU consumption) via crafted input to an application that\nmaintains a hash table, as demonstrated by a universal multicollision\nattack against a variant of the MurmurHash2 algorithm, a different\nvulnerability than CVE-2011-4815.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693024>\n", "cvss3": {}, "published": "2012-11-28T00:00:00", "type": "ubuntucve", "title": "CVE-2012-5371", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815", "CVE-2012-5371"], "modified": "2012-11-28T00:00:00", "id": "UB:CVE-2012-5371", "href": "https://ubuntu.com/security/CVE-2012-5371", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:31:32", "description": "Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting\nthe ability to trigger hash collisions predictably, which allows\ncontext-dependent attackers to cause a denial of service (CPU consumption)\nvia crafted input to an application that maintains a hash table.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | ruby 1.9+ randomizes hash\n", "cvss3": {}, "published": "2011-12-29T00:00:00", "type": "ubuntucve", "title": "CVE-2011-4815", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815"], "modified": "2011-12-29T00:00:00", "id": "UB:CVE-2011-4815", "href": "https://ubuntu.com/security/CVE-2011-4815", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-26T15:54:07", "description": "The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for\nRuby allows remote attackers to cause a denial of service (resource\nconsumption) or bypass the mass assignment protection mechanism via a\ncrafted JSON document that triggers the creation of arbitrary Ruby symbols\nor certain internal objects, as demonstrated by conducting a SQL injection\nattack against Ruby on Rails, aka \"Unsafe Object Creation Vulnerability.\"\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700436>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700471 (ruby1.9.1)>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[seth-arnold](<https://launchpad.net/~seth-arnold>) | 1.7 patch was updated, see second Google groups reference, the upstream patch URL given here is the updated patch.\n", "cvss3": {}, "published": "2013-02-12T00:00:00", "type": "ubuntucve", "title": "CVE-2013-0269", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2013-02-12T00:00:00", "id": "UB:CVE-2013-0269", "href": "https://ubuntu.com/security/CVE-2013-0269", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T13:43:31", "description": "The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5\nthrough 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation\nVulnerability. This is quite similar to CVE-2013-0269, but does not rely on\npoor garbage-collection behavior within Ruby. Specifically, use of JSON\nparsing methods can lead to creation of a malicious object within the\ninterpreter, with adverse effects that are application-dependent.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-28T00:00:00", "type": "ubuntucve", "title": "CVE-2020-10663", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-04-28T00:00:00", "id": "UB:CVE-2020-10663", "href": "https://ubuntu.com/security/CVE-2020-10663", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2023-02-09T14:10:11", "description": "Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against a variant of the MurmurHash2 algorithm, a different vulnerability than CVE-2011-4815.", "cvss3": {}, "published": "2012-11-28T13:03:00", "type": "cve", "title": "CVE-2012-5371", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815", "CVE-2012-5371"], "modified": "2017-08-29T01:32:00", "cpe": ["cpe:/a:ruby-lang:ruby:1.9.3", "cpe:/a:ruby-lang:ruby:1.9", "cpe:/a:ruby-lang:ruby:1.9.1", "cpe:/a:ruby-lang:ruby:1.9.2", "cpe:/a:ruby-lang:ruby:2.0"], "id": "CVE-2012-5371", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5371", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:57:47", "description": "Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "cvss3": {}, "published": "2011-12-30T01:55:00", "type": "cve", "title": "CVE-2011-4815", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815"], "modified": "2017-08-29T01:30:00", "cpe": ["cpe:/a:ruby-lang:ruby:1.8.7-p352", "cpe:/a:ruby-lang:ruby:1.8.7-p299", "cpe:/a:ruby-lang:ruby:1.8.7-p302", "cpe:/a:ruby-lang:ruby:1.8.7-p334", "cpe:/a:ruby-lang:ruby:1.8.7-p330"], "id": "CVE-2011-4815", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4815", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:ruby-lang:ruby:1.8.7-p352:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-p302:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-p334:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-p330:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-p299:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T14:22:28", "description": "The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as demonstrated by conducting a SQL injection attack against Ruby on Rails, aka \"Unsafe Object Creation Vulnerability.\"", "cvss3": {}, "published": "2013-02-13T01:55:00", "type": "cve", "title": "CVE-2013-0269", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2017-12-09T02:29:00", "cpe": ["cpe:/a:rubygems:json_gem:1.7.4", "cpe:/a:rubygems:json_gem:1.7.6", "cpe:/a:rubygems:json_gem:1.7.3", "cpe:/a:rubygems:json_gem:1.6.0", "cpe:/a:rubygems:json_gem:1.6.2", "cpe:/a:rubygems:json_gem:1.5.0", "cpe:/a:rubygems:json_gem:1.7.0", "cpe:/a:rubygems:json_gem:1.6.3", "cpe:/a:rubygems:json_gem:1.5.4", "cpe:/a:rubygems:json_gem:1.6.6", "cpe:/a:rubygems:json_gem:1.5.3", "cpe:/a:rubygems:json_gem:1.7.2", "cpe:/a:rubygems:json_gem:1.7.5", "cpe:/a:rubygems:json_gem:1.6.7", "cpe:/a:rubygems:json_gem:1.7.1", "cpe:/a:rubygems:json_gem:1.5.1", "cpe:/a:rubygems:json_gem:1.5.2", "cpe:/a:rubygems:json_gem:1.6.5", "cpe:/a:rubygems:json_gem:1.6.1", "cpe:/a:rubygems:json_gem:1.6.4"], "id": "CVE-2013-0269", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0269", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:rubygems:json_gem:1.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubygems:json_gem:1.5.4:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T13:00:02", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5371. Reason: This candidate is a duplicate of CVE-2012-5371. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2012-5371 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "cvss3": {}, "published": "2012-11-28T00:55:00", "type": "cve", "title": "CVE-2011-5371", "cwe": [], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2011-5371", "CVE-2012-5371"], "modified": "2012-11-28T00:55:00", "cpe": [], "id": "CVE-2011-5371", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5371", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2023-02-09T14:57:06", "description": "The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-28T21:15:00", "type": "cve", "title": "CVE-2020-10663", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2022-04-18T15:21:00", "cpe": ["cpe:/o:fedoraproject:fedora:30", "cpe:/o:apple:macos:11.0.1", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:opensuse:leap:15.1", "cpe:/o:fedoraproject:fedora:31", "cpe:/a:json_project:json:2.2.0", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2020-10663", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10663", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:json_project:json:2.2.0:*:*:*:*:ruby:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:11.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"]}], "rubygems": [{"lastseen": "2022-10-25T12:12:53", "description": "Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against a variant of the MurmurHash2 algorithm, a different vulnerability than CVE-2011-4815.", "cvss3": {}, "published": "2012-11-23T00:00:00", "type": "rubygems", "title": "CVE-2012-5371 ruby: Murmur hash-flooding DoS flaw in ruby 1.9 (oCERT-2012-001)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["2012-5371", "CVE-2011-4815", "CVE-2012-5371"], "modified": "2012-11-23T00:00:00", "id": "RUBY:RUBY-2012-5371-87863", "href": "https://rubysec.com/advisories/2012-5371/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-25T12:12:53", "description": "Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "cvss3": {}, "published": "2011-12-28T00:00:00", "type": "rubygems", "title": "CVE-2011-4815 ruby: hash table collisions CPU usage DoS (oCERT-2011-003)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["2011-4815", "CVE-2011-4815"], "modified": "2011-12-28T00:00:00", "id": "RUBY:RUBY-2011-4815-78118", "href": "https://rubysec.com/advisories/2011-4815/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-25T12:12:52", "description": "The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as demonstrated by conducting a SQL injection attack against Ruby on Rails, aka \"Unsafe Object Creation Vulnerability.\"", "cvss3": {}, "published": "2013-02-12T00:00:00", "type": "rubygems", "title": "CVE-2013-0269 rubygem-json: Denial of Service and SQL Injection", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["2013-0269", "CVE-2013-0269"], "modified": "2013-02-12T00:00:00", "id": "RUBY:JSON-2013-0269-101137", "href": "https://rubysec.com/advisories/2013-0269/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-25T12:12:53", "description": "When parsing certain JSON documents, the json gem (including the one bundled\nwith Ruby) can be coerced into creating arbitrary objects in the target\nsystem.\n\nThis is the same issue as CVE-2013-0269. The previous fix was incomplete, which\naddressed `JSON.parse(user_input)`, but didn\u2019t address some other styles of JSON\nparsing including `JSON(user_input)` and `JSON.parse(user_input, nil)`.\n\nSee CVE-2013-0269 in detail. Note that the issue was exploitable to cause a\nDenial of Service by creating many garbage-uncollectable Symbol objects, but\nthis kind of attack is no longer valid because Symbol objects are now\ngarbage-collectable. However, creating arbitrary objects may cause severe\nsecurity consequences depending upon the application code.\n\nPlease update the json gem to version 2.3.0 or later. You can use `gem update\njson` to update it. If you are using bundler, please add `gem \"json\", \">= 2.3.0\"`\nto your Gemfile\n", "cvss3": {}, "published": "2020-03-19T00:00:00", "type": "rubygems", "title": "Unsafe Object Creation Vulnerability in JSON (Additional fix)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["2020-10663", "CVE-2013-0269"], "modified": "2020-03-19T00:00:00", "id": "RUBY:RUBY-2020-10663", "href": "https://rubysec.com/advisories/2020-10663/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-25T12:12:52", "description": "There is an unsafe object creation vulnerability in the json gem bundled with\nRuby. This vulnerability has been assigned the CVE identifier CVE-2020-10663.\nWe strongly recommend upgrading the json gem.\n\nDetails\n-------\n\nWhen parsing certain JSON documents, the json gem (including the one bundled\nwith Ruby) can be coerced into creating arbitrary objects in the target system.\n\nThis is the same issue as CVE-2013-0269. The previous fix was incomplete, which\naddressed JSON.parse(user_input), but didn\u2019t address some other styles of JSON\nparsing including JSON(user_input) and JSON.parse(user_input, nil).\n\nSee CVE-2013-0269 in detail. Note that the issue was exploitable to cause a\nDenial of Service by creating many garbage-uncollectable Symbol objects, but\nthis kind of attack is no longer valid because Symbol objects are now\ngarbage-collectable. However, creating arbitrary objects may cause severe\nsecurity consequences depending upon the application code.\n", "cvss3": {}, "published": "2020-03-19T00:00:00", "type": "rubygems", "title": "json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["2020-10663", "CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-03-19T00:00:00", "id": "RUBY:JSON-2020-10663", "href": "https://rubysec.com/advisories/2020-10663/", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntu": [{"lastseen": "2023-01-26T13:35:16", "description": "## Releases\n\n * Ubuntu 12.10 \n * Ubuntu 12.04 \n\n## Packages\n\n * ruby1.9.1 \\- Interpreter of object-oriented scripting language Ruby\n\nJean-Philippe Aumasson discovered that Ruby incorrectly generated \npredictable hash values. An attacker could use this issue to generate hash \ncollisions and cause a denial of service. (CVE-2012-5371)\n\nEvgeny Ermakov discovered that documentation generated by rdoc is \nvulnerable to a cross-site scripting issue. With cross-site scripting \nvulnerabilities, if a user were tricked into viewing a specially crafted \npage, a remote attacker could exploit this to modify the contents, or steal \nconfidential data, within the same domain. (CVE-2013-0256)\n\nThomas Hollstegge and Ben Murphy discovered that the JSON implementation \nin Ruby incorrectly handled certain crafted documents. An attacker could \nuse this issue to cause a denial of service or bypass certain protection \nmechanisms. (CVE-2013-0269)\n", "cvss3": {}, "published": "2013-02-21T00:00:00", "type": "ubuntu", "title": "Ruby vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5371", "CVE-2013-0256", "CVE-2013-0269"], "modified": "2013-02-21T00:00:00", "id": "USN-1733-1", "href": "https://ubuntu.com/security/notices/USN-1733-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T13:37:29", "description": "## Releases\n\n * Ubuntu 11.10 \n * Ubuntu 11.04 \n * Ubuntu 10.10 \n * Ubuntu 10.04 \n\n## Packages\n\n * ruby1.8 \\- Interpreter of object-oriented scripting language Ruby 1.8\n\nDrew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site \nscripting attacks when displaying error pages. A remote attacker could use this \nflaw to run arbitrary web script. (CVE-2010-0541)\n\nDrew Yao discovered that Ruby's BigDecimal module did not properly allocate \nmemory on 64-bit platforms. An attacker could use this flaw to cause a denial \nof service or possibly execute arbitrary code with user privileges. \n(CVE-2011-0188)\n\nNicholas Jefferson discovered that the FileUtils.remove_entry_secure method in \nRuby did not properly remove non-empty directories. An attacker could use this \nflaw to possibly delete arbitrary files. (CVE-2011-1004)\n\nIt was discovered that Ruby incorrectly allowed untainted strings to be \nmodified in protective safe levels. An attacker could use this flaw to bypass \nintended access restrictions. (CVE-2011-1005)\n\nEric Wong discovered that Ruby does not properly reseed its pseudorandom number \ngenerator when creating child processes. An attacker could use this flaw to \ngain knowledge of the random numbers used in other Ruby child processes. \n(CVE-2011-2686)\n\nEric Wong discovered that the SecureRandom module in Ruby did not properly seed \nits pseudorandom number generator. An attacker could use this flaw to gain \nknowledge of the random numbers used by another Ruby process with the same \nprocess ID number. (CVE-2011-2705)\n\nAlexander Klink and Julian W\u00e4lde discovered that Ruby computed hash values \nwithout restricting the ability to trigger hash collisions predictably. A \nremote attacker could cause a denial of service by crafting values used in hash \ntables. (CVE-2011-4815)\n", "cvss3": {}, "published": "2012-02-28T00:00:00", "type": "ubuntu", "title": "Ruby vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0541", "CVE-2011-0188", "CVE-2011-1004", "CVE-2011-1005", "CVE-2011-2686", "CVE-2011-2705", "CVE-2011-4815"], "modified": "2012-02-28T00:00:00", "id": "USN-1377-1", "href": "https://ubuntu.com/security/notices/USN-1377-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2017-12-04T11:21:55", "description": "Check for the Version of ruby1.9.1", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for ruby1.9.1 USN-1733-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2013-0256", "CVE-2013-0269"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841320", "href": "http://plugins.openvas.org/nasl.php?oid=841320", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1733_1.nasl 7958 2017-12-01 06:47:47Z santu $\n#\n# Ubuntu Update for ruby1.9.1 USN-1733-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Jean-Philippe Aumasson discovered that Ruby incorrectly generated\n predictable hash values. An attacker could use this issue to generate hash\n collisions and cause a denial of service. (CVE-2012-5371)\n\n Evgeny Ermakov discovered that documentation generated by rdoc is\n vulnerable to a cross-site scripting issue. With cross-site scripting\n vulnerabilities, if a user were tricked into viewing a specially crafted\n page, a remote attacker could exploit this to modify the contents, or steal\n confidential data, within the same domain. (CVE-2013-0256)\n \n Thomas Hollstegge and Ben Murphy discovered that the JSON implementation\n in Ruby incorrectly handled certain crafted documents. An attacker could\n use this issue to cause a denial of service or bypass certain protection\n mechanisms. (CVE-2013-0269)\";\n\n\ntag_affected = \"ruby1.9.1 on Ubuntu 12.10 ,\n Ubuntu 12.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1733-1/\");\n script_id(841320);\n script_version(\"$Revision: 7958 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:47:47 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:12:12 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2012-5371\", \"CVE-2013-0256\", \"CVE-2013-0269\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1733-1\");\n script_name(\"Ubuntu Update for ruby1.9.1 USN-1733-1\");\n\n script_summary(\"Check for the Version of ruby1.9.1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.0-1ubuntu2.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.0-1ubuntu2.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.194-1ubuntu1.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.194-1ubuntu1.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for ruby1.9.1 USN-1733-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2013-0256", "CVE-2013-0269"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841320", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841320", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1733_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for ruby1.9.1 USN-1733-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1733-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841320\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:12:12 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2012-5371\", \"CVE-2013-0256\", \"CVE-2013-0269\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1733-1\");\n script_name(\"Ubuntu Update for ruby1.9.1 USN-1733-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby1.9.1'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|12\\.10)\");\n script_tag(name:\"affected\", value:\"ruby1.9.1 on Ubuntu 12.10,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Jean-Philippe Aumasson discovered that Ruby incorrectly generated\n predictable hash values. An attacker could use this issue to generate hash\n collisions and cause a denial of service. (CVE-2012-5371)\n\n Evgeny Ermakov discovered that documentation generated by rdoc is\n vulnerable to a cross-site scripting issue. With cross-site scripting\n vulnerabilities, if a user were tricked into viewing a specially crafted\n page, a remote attacker could exploit this to modify the contents, or steal\n confidential data, within the same domain. (CVE-2013-0256)\n\n Thomas Hollstegge and Ben Murphy discovered that the JSON implementation\n in Ruby incorrectly handled certain crafted documents. An attacker could\n use this issue to cause a denial of service or bypass certain protection\n mechanisms. (CVE-2013-0269)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.0-1ubuntu2.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.0-1ubuntu2.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.194-1ubuntu1.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.194-1ubuntu1.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-02T21:10:32", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-11-26T00:00:00", "type": "openvas", "title": "FreeBSD Ports: ruby", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371"], "modified": "2017-04-19T00:00:00", "id": "OPENVAS:72605", "href": "http://plugins.openvas.org/nasl.php?oid=72605", "sourceData": "#\n#VID 5e647ca3-2aea-11e2-b745-001fd0af1a4c\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 5e647ca3-2aea-11e2-b745-001fd0af1a4c\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: ruby\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371/\nhttp://www.vuxml.org/freebsd/5e647ca3-2aea-11e2-b745-001fd0af1a4c.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(72605);\n script_cve_id(\"CVE-2012-5371\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 5977 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-19 11:02:22 +0200 (Wed, 19 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-26 12:47:33 -0500 (Mon, 26 Nov 2012)\");\n script_name(\"FreeBSD Ports: ruby\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"ruby\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.9\")>=0 && revcomp(a:bver, b:\"1.9.3.327\")<0) {\n txt += \"Package ruby version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:50", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-11-26T00:00:00", "type": "openvas", "title": "FreeBSD Ports: ruby", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231072605", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231072605", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_ruby13.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 5e647ca3-2aea-11e2-b745-001fd0af1a4c\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.72605\");\n script_cve_id(\"CVE-2012-5371\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-26 12:47:33 -0500 (Mon, 26 Nov 2012)\");\n script_name(\"FreeBSD Ports: ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: ruby\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371/\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/5e647ca3-2aea-11e2-b745-001fd0af1a4c.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"ruby\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.9\")>=0 && revcomp(a:bver, b:\"1.9.3.327\")<0) {\n txt += \"Package ruby version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-02T10:56:31", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2012-03-07T00:00:00", "type": "openvas", "title": "Mandriva Update for ruby MDVSA-2012:024 (ruby)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4815"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:831554", "href": "http://plugins.openvas.org/nasl.php?oid=831554", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for ruby MDVSA-2012:024 (ruby)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in ruby:\n\n Ruby (aka CRuby) before 1.8.7-p357 computes hash values without\n restricting the ability to trigger hash collisions predictably,\n which allows context-dependent attackers to cause a denial of service\n (CPU consumption) via crafted input to an application that maintains\n a hash table (CVE-2011-4815).\n\n The updated packages have been patched to correct this issue.\";\n\ntag_affected = \"ruby on Mandriva Linux 2011.0,\n Mandriva Enterprise Server 5.2,\n Mandriva Linux 2010.1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:024\");\n script_id(831554);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:20:38 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"MDVSA\", value: \"2012:024\");\n script_name(\"Mandriva Update for ruby MDVSA-2012:024 (ruby)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.p334~4.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.p334~4.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-doc\", rpm:\"ruby-doc~1.8.7.p334~4.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tk\", rpm:\"ruby-tk~1.8.7.p334~4.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7~7p72.5mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7~7p72.5mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-doc\", rpm:\"ruby-doc~1.8.7~7p72.5mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tk\", rpm:\"ruby-tk~1.8.7~7p72.5mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.p249~4.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.p249~4.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-doc\", rpm:\"ruby-doc~1.8.7.p249~4.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tk\", rpm:\"ruby-tk~1.8.7.p249~4.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:35:59", "description": "Oracle Linux Local Security Checks ELSA-2012-0069", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0069", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4815"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122001", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122001", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0069.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122001\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:11:31 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0069\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0069 - ruby security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0069\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0069.html\");\n script_cve_id(\"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~4.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.352~4.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.7.352~4.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.352~4.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.352~4.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.7.352~4.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.7.352~4.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-static\", rpm:\"ruby-static~1.8.7.352~4.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.7.352~4.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-06T13:06:39", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for ruby RHSA-2012:0069-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4815"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:870638", "href": "http://plugins.openvas.org/nasl.php?oid=870638", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2012:0069-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n\n Red Hat would like to thank oCERT for reporting this issue. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters.\n\n All users of ruby are advised to upgrade to these updated packages, which\n contain a backported patch to resolve this issue.\";\n\ntag_affected = \"ruby on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00025.html\");\n script_id(870638);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:38:29 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:0069-01\");\n script_name(\"RedHat Update for ruby RHSA-2012:0069-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~4.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.7.352~4.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.352~4.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.352~4.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for ruby CESA-2012:0069 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4815"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881167", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881167", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ruby CESA-2012:0069 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-January/018400.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881167\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:29:58 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2012:0069\");\n script_name(\"CentOS Update for ruby CESA-2012:0069 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"ruby on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n\n Red Hat would like to thank oCERT for reporting this issue. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters.\n\n All users of ruby are advised to upgrade to these updated packages, which\n contain a backported patch to resolve this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-static\", rpm:\"ruby-static~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-03-07T00:00:00", "type": "openvas", "title": "Mandriva Update for ruby MDVSA-2012:024 (ruby)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4815"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831554", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831554", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for ruby MDVSA-2012:024 (ruby)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:024\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831554\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:20:38 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"MDVSA\", value:\"2012:024\");\n script_name(\"Mandriva Update for ruby MDVSA-2012:024 (ruby)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(2011\\.0|mes5\\.2|2010\\.1)\");\n script_tag(name:\"affected\", value:\"ruby on Mandriva Linux 2011.0,\n Mandriva Enterprise Server 5.2,\n Mandriva Linux 2010.1\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A vulnerability has been found and corrected in ruby:\n\n Ruby (aka CRuby) before 1.8.7-p357 computes hash values without\n restricting the ability to trigger hash collisions predictably,\n which allows context-dependent attackers to cause a denial of service\n (CPU consumption) via crafted input to an application that maintains\n a hash table (CVE-2011-4815).\n\n The updated packages have been patched to correct this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.p334~4.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.p334~4.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-doc\", rpm:\"ruby-doc~1.8.7.p334~4.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tk\", rpm:\"ruby-tk~1.8.7.p334~4.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7~7p72.5mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7~7p72.5mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-doc\", rpm:\"ruby-doc~1.8.7~7p72.5mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tk\", rpm:\"ruby-tk~1.8.7~7p72.5mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.p249~4.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.p249~4.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-doc\", rpm:\"ruby-doc~1.8.7.p249~4.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tk\", rpm:\"ruby-tk~1.8.7.p249~4.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for ruby RHSA-2012:0069-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4815"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870638", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870638", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2012:0069-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00025.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870638\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:38:29 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:0069-01\");\n script_name(\"RedHat Update for ruby RHSA-2012:0069-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"ruby on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n\n Red Hat would like to thank oCERT for reporting this issue. oCERT\n acknowledges Julian Waelde and Alexander Klink as the original reporters.\n\n All users of ruby are advised to upgrade to these updated packages, which\n contain a backported patch to resolve this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~4.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.7.352~4.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.352~4.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.352~4.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-02T10:56:51", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for ruby CESA-2012:0069 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4815"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:881167", "href": "http://plugins.openvas.org/nasl.php?oid=881167", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ruby CESA-2012:0069 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n \n Red Hat would like to thank oCERT for reporting this issue. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters.\n \n All users of ruby are advised to upgrade to these updated packages, which\n contain a backported patch to resolve this issue.\";\n\ntag_affected = \"ruby on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-January/018400.html\");\n script_id(881167);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:29:58 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2012:0069\");\n script_name(\"CentOS Update for ruby CESA-2012:0069 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-static\", rpm:\"ruby-static~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.7.352~4.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:57:22", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2011-17542", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4815"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:863921", "href": "http://plugins.openvas.org/nasl.php?oid=863921", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2011-17542\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"ruby on Fedora 16\";\ntag_insight = \"Ruby is the interpreted scripting language for quick and easy\n object-oriented programming. It has many features to process text\n files and to do system management tasks (as in Perl). It is simple,\n straight-forward, and extensible.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071762.html\");\n script_id(863921);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:36:40 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-17542\");\n script_name(\"Fedora Update for ruby FEDORA-2011-17542\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.357~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-03-17T23:03:07", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-35)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4815"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120218", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120218", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120218\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:20:37 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-35)\");\n script_tag(name:\"insight\", value:\"Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.\");\n script_tag(name:\"solution\", value:\"Run yum update ruby to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-35.html\");\n script_cve_id(\"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.357~1.10.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-static\", rpm:\"ruby-static~1.8.7.357~1.10.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.357~1.10.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.7.357~1.10.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.7.357~1.10.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.357~1.10.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.7.357~1.10.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2011-17542", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4815"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863921", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863921", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2011-17542\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071762.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863921\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:36:40 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-17542\");\n script_name(\"Fedora Update for ruby FEDORA-2011-17542\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"ruby on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.357~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-02-06T13:10:21", "description": "Check for the Version of rubygem-json", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-json FEDORA-2013-3052", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269"], "modified": "2018-02-05T00:00:00", "id": "OPENVAS:865430", "href": "http://plugins.openvas.org/nasl.php?oid=865430", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-json FEDORA-2013-3052\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"rubygem-json on Fedora 18\";\ntag_insight = \"This is a implementation of the JSON specification according\n to RFC 4627 in Ruby.\n You can think of it as a low fat alternative to XML,\n if you want to store data to disk or transmit it over\n a network rather than use a verbose markup language.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099688.html\");\n script_id(865430);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:16:41 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2013-0269\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2013-3052\");\n script_name(\"Fedora Update for rubygem-json FEDORA-2013-3052\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rubygem-json\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.6.8~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:09:17", "description": "Check for the Version of rubygem-json", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-json FEDORA-2013-3050", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:865436", "href": "http://plugins.openvas.org/nasl.php?oid=865436", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-json FEDORA-2013-3050\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"rubygem-json on Fedora 17\";\ntag_insight = \"This is a implementation of the JSON specification according\n to RFC 4627 in Ruby.\n You can think of it as a low fat alternative to XML,\n if you want to store data to disk or transmit it over\n a network rather than use a verbose markup language.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099698.html\");\n script_id(865436);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:17:34 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2013-0269\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2013-3050\");\n script_name(\"Fedora Update for rubygem-json FEDORA-2013-3050\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rubygem-json\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.6.8~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-json FEDORA-2013-3052", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865430", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865430", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-json FEDORA-2013-3052\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099688.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865430\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:16:41 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2013-0269\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2013-3052\");\n script_name(\"Fedora Update for rubygem-json FEDORA-2013-3052\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-json'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"rubygem-json on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.6.8~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-json FEDORA-2013-3050", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865436", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865436", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-json FEDORA-2013-3050\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099698.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865436\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:17:34 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2013-0269\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2013-3050\");\n script_name(\"Fedora Update for rubygem-json FEDORA-2013-3050\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-json'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"rubygem-json on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.6.8~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:05", "description": "Gentoo Linux Local Security Checks GLSA 201412-27", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201412-27", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4481", "CVE-2012-5371", "CVE-2011-0188", "CVE-2013-0269", "CVE-2014-8090", "CVE-2013-1821", "CVE-2011-1005", "CVE-2014-8080", "CVE-2011-1004", "CVE-2013-4164", "CVE-2011-4815"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121313", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121313", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201412-27.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121313\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:15 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201412-27\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Ruby. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201412-27\");\n script_cve_id(\"CVE-2011-0188\", \"CVE-2011-1004\", \"CVE-2011-1005\", \"CVE-2011-4815\", \"CVE-2012-4481\", \"CVE-2012-5371\", \"CVE-2013-0269\", \"CVE-2013-1821\", \"CVE-2013-4164\", \"CVE-2014-8080\", \"CVE-2014-8090\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201412-27\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-lang/ruby\", unaffected: make_list(\"ge 1.9.3_p551\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/ruby\", unaffected: make_list(\"ge 2.0.0_p598\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/ruby\", unaffected: make_list(), vulnerable: make_list(\"lt 2.0.0_p598\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-06T13:06:39", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2012-01-13T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2011-17551", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686", "CVE-2011-4815"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:863681", "href": "http://plugins.openvas.org/nasl.php?oid=863681", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2011-17551\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"ruby on Fedora 15\";\ntag_insight = \"Ruby is the interpreted scripting language for quick and easy\n object-oriented programming. It has many features to process text\n files and to do system management tasks (as in Perl). It is simple,\n straight-forward, and extensible.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071794.html\");\n script_id(863681);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-13 10:42:39 +0530 (Fri, 13 Jan 2012)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-17551\");\n script_cve_id(\"CVE-2011-4815\", \"CVE-2011-2686\");\n script_name(\"Fedora Update for ruby FEDORA-2011-17551\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.357~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:35:54", "description": "Oracle Linux Local Security Checks ELSA-2012-0070", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0070", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4815", "CVE-2011-3009"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122002", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122002", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0070.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122002\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:11:32 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0070\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0070 - ruby security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0070\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0070.html\");\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~22.el5_7.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~22.el5_7.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~22.el5_7.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~22.el5_7.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~22.el5_7.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~22.el5_7.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~22.el5_7.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~22.el5_7.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~22.el5_7.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-13T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2011-17551", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2686", "CVE-2011-4815"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863681", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863681", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2011-17551\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071794.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863681\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-13 10:42:39 +0530 (Fri, 13 Jan 2012)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-17551\");\n script_cve_id(\"CVE-2011-4815\", \"CVE-2011-2686\");\n script_name(\"Fedora Update for ruby FEDORA-2011-17551\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"ruby on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.357~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-06-17T15:48:20", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-16T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1686)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-06-16T00:00:00", "id": "OPENVAS:1361412562311220201686", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201686", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1686\");\n script_version(\"2020-06-16T05:50:18+0000\");\n script_cve_id(\"CVE-2020-10663\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-16 05:50:18 +0000 (Tue, 16 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-16 05:50:18 +0000 (Tue, 16 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1686)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1686\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1686\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2020-1686 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.0.0.648~33.h17\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.0.0.648~33.h17\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.0.0.648~33.h17\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-06T01:15:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-01T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for ruby2.1 (DLA-2192-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-05-01T00:00:00", "id": "OPENVAS:1361412562310892192", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892192", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892192\");\n script_version(\"2020-05-01T03:00:18+0000\");\n script_cve_id(\"CVE-2013-0269\", \"CVE-2020-10663\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-01 03:00:18 +0000 (Fri, 01 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-01 03:00:18 +0000 (Fri, 01 May 2020)\");\n script_name(\"Debian LTS: Security Advisory for ruby2.1 (DLA-2192-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/04/msg00030.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2192-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby2.1'\n package(s) announced via the DLA-2192-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.1 has an\nunsafe object creation vulnerability.\nThis is quite similar to CVE-2013-0269, but does not rely on poor\ngarbage-collection behavior within Ruby. Specifically, use of JSON\nparsing methods can lead to creation of a malicious object within\nthe interpreter, with adverse effects that are application-dependent.\");\n\n script_tag(name:\"affected\", value:\"'ruby2.1' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', this problem has been fixed in version\n2.1.5-2+deb8u10.\n\nWe recommend that you upgrade your ruby2.1 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libruby2.1\", ver:\"2.1.5-2+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.1\", ver:\"2.1.5-2+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.1-dev\", ver:\"2.1.5-2+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.1-doc\", ver:\"2.1.5-2+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.1-tcltk\", ver:\"2.1.5-2+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-04T15:44:25", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-03T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1615)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663", "CVE-2019-16201"], "modified": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562311220201615", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201615", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1615\");\n script_version(\"2020-06-03T06:06:07+0000\");\n script_cve_id(\"CVE-2019-16201\", \"CVE-2020-10663\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 06:06:07 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-03 06:06:07 +0000 (Wed, 03 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1615)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1615\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1615\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2020-1615 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\nWEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.(CVE-2019-16201)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.0.0.648~33.h25.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.0.0.648~33.h25.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.0.0.648~33.h25.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-06-03T15:43:39", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-05-26T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1590)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10933", "CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-05-29T00:00:00", "id": "OPENVAS:1361412562311220201590", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201590", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1590\");\n script_version(\"2020-05-29T10:19:35+0000\");\n script_cve_id(\"CVE-2020-10663\", \"CVE-2020-10933\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 10:19:35 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-26 05:46:00 +0000 (Tue, 26 May 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1590)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1590\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1590\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2020-1590 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\n\n\nAn issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.(CVE-2020-10933)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.5.1~98.h8.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.5.1~98.h8.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.5.1~98.h8.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-29T17:55:21", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-26T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1691)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10933", "CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-06-26T00:00:00", "id": "OPENVAS:1361412562311220201691", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201691", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1691\");\n script_version(\"2020-06-26T07:26:53+0000\");\n script_cve_id(\"CVE-2020-10663\", \"CVE-2020-10933\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-26 07:26:53 +0000 (Fri, 26 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-26 07:26:53 +0000 (Fri, 26 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1691)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.6\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1691\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1691\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2020-1691 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.(CVE-2020-10933)\n\nThe JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.6.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.6.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.5.1~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.5.1~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.5.1~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-bigdecimal\", rpm:\"rubygem-bigdecimal~1.3.4~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-io-console\", rpm:\"rubygem-io-console~0.4.6~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~2.1.0~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-openssl\", rpm:\"rubygem-openssl~2.1.0~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-psych\", rpm:\"rubygem-psych~3.0.2~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-rdoc\", rpm:\"rubygem-rdoc~6.0.1~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygems\", rpm:\"rubygems~2.7.6~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-18T11:09:10", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2013-3038", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2012-4466", "CVE-2012-4464", "CVE-2012-4522"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:865435", "href": "http://plugins.openvas.org/nasl.php?oid=865435", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2013-3038\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_solution = \"Please Install the Updated Packages.\";\ntag_insight = \"Ruby is the interpreted scripting language for quick and easy\n object-oriented programming. It has many features to process text\n files and to do system management tasks (as in Perl). It is simple,\n straight-forward, and extensible.\";\ntag_affected = \"ruby on Fedora 17\";\n\n\n\n\nif(description)\n{\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099697.html\");\n script_id(865435);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:17:27 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2012-5371\", \"CVE-2012-4522\", \"CVE-2012-4464\", \"CVE-2012-4466\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-3038\");\n script_name(\"Fedora Update for ruby FEDORA-2013-3038\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.9.3.392~29.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:57:19", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2012-11-19T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2012-18017", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2012-4466", "CVE-2012-4464", "CVE-2012-4522"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:864870", "href": "http://plugins.openvas.org/nasl.php?oid=864870", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2012-18017\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"ruby on Fedora 17\";\ntag_insight = \"Ruby is the interpreted scripting language for quick and easy\n object-oriented programming. It has many features to process text\n files and to do system management tasks (as in Perl). It is simple,\n straight-forward, and extensible.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092515.html\");\n script_id(864870);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-19 09:29:05 +0530 (Mon, 19 Nov 2012)\");\n script_cve_id(\"CVE-2012-5371\", \"CVE-2012-4522\", \"CVE-2012-4464\", \"CVE-2012-4466\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-18017\");\n script_name(\"Fedora Update for ruby FEDORA-2012-18017\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.9.3.327~19.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2013-3038", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2012-4466", "CVE-2012-4464", "CVE-2012-4522"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865435", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865435", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2013-3038\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_tag(name:\"affected\", value:\"ruby on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099697.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865435\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:17:27 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2012-5371\", \"CVE-2012-4522\", \"CVE-2012-4464\", \"CVE-2012-4466\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-3038\");\n script_name(\"Fedora Update for ruby FEDORA-2013-3038\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.9.3.392~29.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:39:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-11-19T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2012-18017", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2012-4466", "CVE-2012-4464", "CVE-2012-4522"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864870", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864870", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2012-18017\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092515.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864870\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-19 09:29:05 +0530 (Mon, 19 Nov 2012)\");\n script_cve_id(\"CVE-2012-5371\", \"CVE-2012-4522\", \"CVE-2012-4464\", \"CVE-2012-4466\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-18017\");\n script_name(\"Fedora Update for ruby FEDORA-2012-18017\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"ruby on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.9.3.327~19.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:39:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for ruby CESA-2012:0070 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-4815", "CVE-2011-3009"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881137", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881137", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ruby CESA-2012:0070 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-January/018394.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881137\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:20:31 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\", \"CVE-2011-2686\", \"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2012:0070\");\n script_name(\"CentOS Update for ruby CESA-2012:0070 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"ruby on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n\n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n\n Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2011-4815.\n\n All users of ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for irb CESA-2012:0070 centos4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-4815", "CVE-2011-3009"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881191", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881191", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for irb CESA-2012:0070 centos4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-January/018401.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881191\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:39:50 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\", \"CVE-2011-2686\", \"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2012:0070\");\n script_name(\"CentOS Update for irb CESA-2012:0070 centos4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'irb'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"irb on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n\n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n\n Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2011-4815.\n\n All users of ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-10-16T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2012-15507", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4466", "CVE-2012-4464", "CVE-2011-1005", "CVE-2011-4815"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864786", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864786", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2012-15507\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089900.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864786\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:44:07 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-4464\", \"CVE-2012-4466\", \"CVE-2011-1005\", \"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"FEDORA\", value:\"2012-15507\");\n script_name(\"Fedora Update for ruby FEDORA-2012-15507\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"ruby on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.358~4.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-08T12:57:55", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2012-02-01T00:00:00", "type": "openvas", "title": "RedHat Update for ruby RHSA-2012:0070-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-4815", "CVE-2011-3009"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:870534", "href": "http://plugins.openvas.org/nasl.php?oid=870534", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2012:0070-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n \n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n \n Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2011-4815.\n \n All users of ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"ruby on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00026.html\");\n script_id(870534);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:35:50 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\", \"CVE-2011-2686\", \"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:0070-01\");\n script_name(\"RedHat Update for ruby RHSA-2012:0070-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:56:48", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for ruby CESA-2012:0070 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-4815", "CVE-2011-3009"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:881137", "href": "http://plugins.openvas.org/nasl.php?oid=881137", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ruby CESA-2012:0070 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n \n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n \n Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2011-4815.\n \n All users of ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"ruby on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-January/018394.html\");\n script_id(881137);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:20:31 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\", \"CVE-2011-2686\", \"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2012:0070\");\n script_name(\"CentOS Update for ruby CESA-2012:0070 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~22.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:56:48", "description": "Check for the Version of irb", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for irb CESA-2012:0070 centos4 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-4815", "CVE-2011-3009"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:881191", "href": "http://plugins.openvas.org/nasl.php?oid=881191", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for irb CESA-2012:0070 centos4 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n \n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n \n Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2011-4815.\n \n All users of ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"irb on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-January/018401.html\");\n script_id(881191);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:39:50 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\", \"CVE-2011-2686\", \"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2012:0070\");\n script_name(\"CentOS Update for irb CESA-2012:0070 centos4 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of irb\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:42", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "FreeBSD Ports: jruby", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4838", "CVE-2011-5036", "CVE-2011-5037", "CVE-2011-4815"], "modified": "2017-04-18T00:00:00", "id": "OPENVAS:70754", "href": "http://plugins.openvas.org/nasl.php?oid=70754", "sourceData": "#\n#VID 91be81e7-3fea-11e1-afc7-2c4138874f7d\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 91be81e7-3fea-11e1-afc7-2c4138874f7d\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n jruby\n ruby\n ruby+nopthreads\n ruby+nopthreads+oniguruma\n ruby+oniguruma\n rubygem-rack\n v8\n redis\n node\n\nCVE-2011-4838\nJRuby before 1.6.5.1 computes hash values without restricting the\nability to trigger hash collisions predictably, which allows\ncontext-dependent attackers to cause a denial of service (CPU\nconsumption) via crafted input to an application that maintains a hash\ntable.\n\nCVE-2011-4815\nRuby (aka CRuby) before 1.8.7-p357 computes hash values without\nrestricting the ability to trigger hash collisions predictably, which\nallows context-dependent attackers to cause a denial of service (CPU\nconsumption) via crafted input to an application that maintains a hash\ntable.\n\nCVE-2011-5036\nRack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes\nhash values for form parameters without restricting the ability to\ntrigger hash collisions predictably, which allows remote attackers to\ncause a denial of service (CPU consumption) by sending many crafted\nparameters.\n\nCVE-2011-5037\nGoogle V8 computes hash values for form parameters without restricting\nthe ability to trigger hash collisions predictably, which allows\nremote attackers to cause a denial of service (CPU consumption) by\nsending many crafted parameters, as demonstrated by attacks against\nNode.js.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.ocert.org/advisories/ocert-2011-003.html\nhttp://www.nruns.com/_downloads/advisory28122011.pdf\nhttp://www.vuxml.org/freebsd/91be81e7-3fea-11e1-afc7-2c4138874f7d.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(70754);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2011-4838\", \"CVE-2011-4815\", \"CVE-2011-5036\", \"CVE-2011-5037\");\n script_version(\"$Revision: 5963 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-18 11:02:14 +0200 (Tue, 18 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 07:27:20 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"FreeBSD Ports: jruby\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"jruby\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.6.5.1\")<0) {\n txt += 'Package jruby version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ruby\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.7.357,1\")<0) {\n txt += 'Package ruby version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ruby+nopthreads\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.7.357,1\")<0) {\n txt += 'Package ruby+nopthreads version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ruby+nopthreads+oniguruma\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.7.357,1\")<0) {\n txt += 'Package ruby+nopthreads+oniguruma version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ruby+oniguruma\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.7.357,1\")<0) {\n txt += 'Package ruby+oniguruma version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"rubygem-rack\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.6,3\")<0) {\n txt += 'Package rubygem-rack version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"v8\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.8.5\")<0) {\n txt += 'Package v8 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"redis\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.4.6\")<=0) {\n txt += 'Package redis version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"node\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.6.7\")<0) {\n txt += 'Package node version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:57:37", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2012-10-16T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2012-15507", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4466", "CVE-2012-4464", "CVE-2011-1005", "CVE-2011-4815"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:864786", "href": "http://plugins.openvas.org/nasl.php?oid=864786", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2012-15507\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"ruby on Fedora 16\";\ntag_insight = \"Ruby is the interpreted scripting language for quick and easy\n object-oriented programming. It has many features to process text\n files and to do system management tasks (as in Perl). It is simple,\n straight-forward, and extensible.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089900.html\");\n script_id(864786);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-16 09:44:07 +0530 (Tue, 16 Oct 2012)\");\n script_cve_id(\"CVE-2012-4464\", \"CVE-2012-4466\", \"CVE-2011-1005\", \"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-15507\");\n script_name(\"Fedora Update for ruby FEDORA-2012-15507\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.358~4.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-02-01T00:00:00", "type": "openvas", "title": "RedHat Update for ruby RHSA-2012:0070-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2705", "CVE-2011-2686", "CVE-2011-4815", "CVE-2011-3009"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870534", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870534", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2012:0070-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00026.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870534\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:35:50 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\", \"CVE-2011-2686\", \"CVE-2011-2705\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:0070-01\");\n script_name(\"RedHat Update for ruby RHSA-2012:0070-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(5|4)\");\n script_tag(name:\"affected\", value:\"ruby on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n A denial of service flaw was found in the implementation of associative\n arrays (hashes) in Ruby. An attacker able to supply a large number of\n inputs to a Ruby application (such as HTTP POST request parameters sent to\n a web application) that are used as keys when inserting data into an array\n could trigger multiple hash function collisions, making array operations\n take an excessive amount of CPU time. To mitigate this issue, randomization\n has been added to the hash function to reduce the chance of an attacker\n successfully causing intentional collisions. (CVE-2011-4815)\n\n It was found that Ruby did not reinitialize the PRNG (pseudorandom number\n generator) after forking a child process. This could eventually lead to the\n PRNG returning the same result twice. An attacker keeping track of the\n values returned by one child process could use this flaw to predict the\n values the PRNG would return in other child processes (as long as the\n parent process persisted). (CVE-2011-3009)\n\n Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\n acknowledges Julian Waelde and Alexander Klink as the original reporters of\n CVE-2011-4815.\n\n All users of ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~22.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:52", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "FreeBSD Ports: jruby", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4838", "CVE-2011-5036", "CVE-2011-5037", "CVE-2011-4815"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231070754", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070754", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_jruby.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 91be81e7-3fea-11e1-afc7-2c4138874f7d\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70754\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2011-4838\", \"CVE-2011-4815\", \"CVE-2011-5036\", \"CVE-2011-5037\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 07:27:20 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"FreeBSD Ports: jruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n jruby\n ruby\n ruby+nopthreads\n ruby+nopthreads+oniguruma\n ruby+oniguruma\n rubygem-rack\n v8\n redis\n node\n\nCVE-2011-4838\nJRuby before 1.6.5.1 computes hash values without restricting the\nability to trigger hash collisions predictably, which allows\ncontext-dependent attackers to cause a denial of service (CPU\nconsumption) via crafted input to an application that maintains a hash\ntable.\n\nCVE-2011-4815\nRuby (aka CRuby) before 1.8.7-p357 computes hash values without\nrestricting the ability to trigger hash collisions predictably, which\nallows context-dependent attackers to cause a denial of service (CPU\nconsumption) via crafted input to an application that maintains a hash\ntable.\n\nCVE-2011-5036\nRack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes\nhash values for form parameters without restricting the ability to\ntrigger hash collisions predictably, which allows remote attackers to\ncause a denial of service (CPU consumption) by sending many crafted\nparameters.\n\nCVE-2011-5037\nGoogle V8 computes hash values for form parameters without restricting\nthe ability to trigger hash collisions predictably, which allows\nremote attackers to cause a denial of service (CPU consumption) by\nsending many crafted parameters, as demonstrated by attacks against\nNode.js.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.ocert.org/advisories/ocert-2011-003.html\");\n script_xref(name:\"URL\", value:\"http://www.nruns.com/_downloads/advisory28122011.pdf\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/91be81e7-3fea-11e1-afc7-2c4138874f7d.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"jruby\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.6.5.1\")<0) {\n txt += 'Package jruby version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"ruby\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.7.357,1\")<0) {\n txt += 'Package ruby version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"ruby+nopthreads\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.7.357,1\")<0) {\n txt += 'Package ruby+nopthreads version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"ruby+nopthreads+oniguruma\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.7.357,1\")<0) {\n txt += 'Package ruby+nopthreads+oniguruma version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"ruby+oniguruma\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.7.357,1\")<0) {\n txt += 'Package ruby+oniguruma version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"rubygem-rack\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.6,3\")<0) {\n txt += 'Package rubygem-rack version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"v8\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.8.5\")<0) {\n txt += 'Package v8 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"redis\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.4.6\")<=0) {\n txt += 'Package redis version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"node\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.6.7\")<0) {\n txt += 'Package node version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-25T10:51:33", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2013-05-31T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2013-8411", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2012-4466", "CVE-2012-4464", "CVE-2012-4522", "CVE-2013-2065"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:865654", "href": "http://plugins.openvas.org/nasl.php?oid=865654", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2013-8411\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"ruby on Fedora 17\";\ntag_insight = \"Ruby is the interpreted scripting language for quick and easy\n object-oriented programming. It has many features to process text\n files and to do system management tasks (as in Perl). It is simple,\n straight-forward, and extensible.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(865654);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-31 09:49:05 +0530 (Fri, 31 May 2013)\");\n script_cve_id(\"CVE-2013-2065\", \"CVE-2012-5371\", \"CVE-2012-4522\", \"CVE-2012-4464\", \"CVE-2012-4466\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for ruby FEDORA-2013-8411\");\n\n script_xref(name: \"FEDORA\", value: \"2013-8411\");\n script_xref(name: \"URL\" , value: \"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/107064.html\");\n script_summary(\"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.9.3.429~30.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:37:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-05-31T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2013-8411", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2012-4466", "CVE-2012-4464", "CVE-2012-4522", "CVE-2013-2065"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865654", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865654", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2013-8411\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.865654\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-31 09:49:05 +0530 (Fri, 31 May 2013)\");\n script_cve_id(\"CVE-2013-2065\", \"CVE-2012-5371\", \"CVE-2012-4522\", \"CVE-2012-4464\", \"CVE-2012-4466\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for ruby FEDORA-2013-8411\");\n script_xref(name:\"FEDORA\", value:\"2013-8411\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/107064.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"ruby on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.9.3.429~30.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2018-01-19T15:08:51", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2013-07-11T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2013-12062", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2012-4466", "CVE-2012-4464", "CVE-2012-4522", "CVE-2013-2065", "CVE-2013-4073"], "modified": "2018-01-19T00:00:00", "id": "OPENVAS:866056", "href": "http://plugins.openvas.org/nasl.php?oid=866056", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2013-12062\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"ruby on Fedora 17\";\ntag_insight = \"Ruby is the interpreted scripting language for quick and easy\n object-oriented programming. It has many features to process text\n files and to do system management tasks (as in Perl). It is simple,\n straight-forward, and extensible.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(866056);\n script_version(\"$Revision: 8466 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 07:58:30 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-11 10:26:02 +0530 (Thu, 11 Jul 2013)\");\n script_cve_id(\"CVE-2013-4073\", \"CVE-2013-2065\", \"CVE-2012-5371\", \"CVE-2012-4522\",\n \"CVE-2012-4464\", \"CVE-2012-4466\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for ruby FEDORA-2013-12062\");\n\n script_xref(name: \"FEDORA\", value: \"2013-12062\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/111177.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.9.3.448~31.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-07-11T00:00:00", "type": "openvas", "title": "Fedora Update for ruby FEDORA-2013-12062", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2012-4466", "CVE-2012-4464", "CVE-2012-4522", "CVE-2013-2065", "CVE-2013-4073"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310866056", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866056", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby FEDORA-2013-12062\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866056\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-11 10:26:02 +0530 (Thu, 11 Jul 2013)\");\n script_cve_id(\"CVE-2013-4073\", \"CVE-2013-2065\", \"CVE-2012-5371\", \"CVE-2012-4522\",\n \"CVE-2012-4464\", \"CVE-2012-4466\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for ruby FEDORA-2013-12062\");\n script_xref(name:\"FEDORA\", value:\"2013-12062\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/111177.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"ruby on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.9.3.448~31.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-21T19:54:19", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-07-03T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1717)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15845", "CVE-2019-19204", "CVE-2013-0269", "CVE-2020-10663", "CVE-2019-16255", "CVE-2019-16201"], "modified": "2020-07-03T00:00:00", "id": "OPENVAS:1361412562311220201717", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201717", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1717\");\n script_version(\"2020-07-03T06:18:33+0000\");\n script_cve_id(\"CVE-2019-15845\", \"CVE-2019-16201\", \"CVE-2019-16255\", \"CVE-2019-19204\", \"CVE-2020-10663\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-03 06:18:33 +0000 (Fri, 03 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-03 06:18:33 +0000 (Fri, 03 Jul 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1717)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.6\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1717\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1717\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2020-1717 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.(CVE-2019-19204)\n\nRuby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the 'command' argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.(CVE-2019-16255)\n\nRuby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.(CVE-2019-15845)\n\nWEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.(CVE-2019-16201)\n\nThe JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS Virtualization 3.0.6.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.6.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.0.0.648~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.0.0.648~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.0.0.648~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-bigdecimal\", rpm:\"rubygem-bigdecimal~1.2.0~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-io-console\", rpm:\"rubygem-io-console~0.4.2~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.7.7~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-psych\", rpm:\"rubygem-psych~2.0.0~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-rdoc\", rpm:\"rubygem-rdoc~4.0.0~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygems\", rpm:\"rubygems~2.0.14.1~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:20:19", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1377-1", "cvss3": {}, "published": "2012-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for ruby1.8 USN-1377-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0188", "CVE-2011-2705", "CVE-2011-2686", "CVE-2011-1005", "CVE-2011-1004", "CVE-2010-0541", "CVE-2011-4815"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840923", "href": "http://plugins.openvas.org/nasl.php?oid=840923", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1377_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for ruby1.8 USN-1377-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Drew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site\n scripting attacks when displaying error pages. A remote attacker could use this\n flaw to run arbitrary web script. (CVE-2010-0541)\n\n Drew Yao discovered that Ruby's BigDecimal module did not properly allocate\n memory on 64-bit platforms. An attacker could use this flaw to cause a denial\n of service or possibly execute arbitrary code with user privileges.\n (CVE-2011-0188)\n\n Nicholas Jefferson discovered that the FileUtils.remove_entry_secure method in\n Ruby did not properly remove non-empty directories. An attacker could use this\n flaw to possibly delete arbitrary files. (CVE-2011-1004)\n\n It was discovered that Ruby incorrectly allowed untainted strings to be\n modified in protective safe levels. An attacker could use this flaw to bypass\n intended access restrictions. (CVE-2011-1005)\n\n Eric Wong discovered that Ruby does not properly reseed its pseudorandom number\n generator when creating child processes. An attacker could use this flaw to\n gain knowledge of the random numbers used in other Ruby child processes.\n (CVE-2011-2686)\n\n Eric Wong discovered that the SecureRandom module in Ruby did not properly seed\n its pseudorandom number generator. An attacker could use this flaw to gain\n knowledge of the random numbers used by another Ruby process with the same\n process ID number. (CVE-2011-2705)\n\n Alexander Klink and Julian Wälde discovered that Ruby computed hash values\n without restricting the ability to trigger hash collisions predictably. A\n remote attacker could cause a denial of service by crafting values used in hash\n tables. (CVE-2011-4815)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1377-1\";\ntag_affected = \"ruby1.8 on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1377-1/\");\n script_id(840923);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:20:13 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2010-0541\", \"CVE-2011-0188\", \"CVE-2011-1004\", \"CVE-2011-1005\",\n \"CVE-2011-2686\", \"CVE-2011-2705\", \"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1377-1\");\n script_name(\"Ubuntu Update for ruby1.8 USN-1377-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.299-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.299-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.249-2ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.249-2ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.302-2ubuntu0.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.302-2ubuntu0.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:35", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1377-1", "cvss3": {}, "published": "2012-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for ruby1.8 USN-1377-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0188", "CVE-2011-2705", "CVE-2011-2686", "CVE-2011-1005", "CVE-2011-1004", "CVE-2010-0541", "CVE-2011-4815"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840923", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840923", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1377_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for ruby1.8 USN-1377-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1377-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840923\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:20:13 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2010-0541\", \"CVE-2011-0188\", \"CVE-2011-1004\", \"CVE-2011-1005\",\n \"CVE-2011-2686\", \"CVE-2011-2705\", \"CVE-2011-4815\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1377-1\");\n script_name(\"Ubuntu Update for ruby1.8 USN-1377-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1377-1\");\n script_tag(name:\"affected\", value:\"ruby1.8 on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Drew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site\n scripting attacks when displaying error pages. A remote attacker could use this\n flaw to run arbitrary web script. (CVE-2010-0541)\n\n Drew Yao discovered that Ruby's BigDecimal module did not properly allocate\n memory on 64-bit platforms. An attacker could use this flaw to cause a denial\n of service or possibly execute arbitrary code with user privileges.\n (CVE-2011-0188)\n\n Nicholas Jefferson discovered that the FileUtils.remove_entry_secure method in\n Ruby did not properly remove non-empty directories. An attacker could use this\n flaw to possibly delete arbitrary files. (CVE-2011-1004)\n\n It was discovered that Ruby incorrectly allowed untainted strings to be\n modified in protective safe levels. An attacker could use this flaw to bypass\n intended access restrictions. (CVE-2011-1005)\n\n Eric Wong discovered that Ruby does not properly reseed its pseudorandom number\n generator when creating child processes. An attacker could use this flaw to\n gain knowledge of the random numbers used in other Ruby child processes.\n (CVE-2011-2686)\n\n Eric Wong discovered that the SecureRandom module in Ruby did not properly seed\n its pseudorandom number generator. An attacker could use this flaw to gain\n knowledge of the random numbers used by another Ruby process with the same\n process ID number. (CVE-2011-2705)\n\n Alexander Klink and Julian Walde discovered that Ruby computed hash values\n without restricting the ability to trigger hash collisions predictably. A\n remote attacker could cause a denial of service by crafting values used in hash\n tables. (CVE-2011-4815)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.299-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.299-2ubuntu0.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.249-2ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.249-2ubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.302-2ubuntu0.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.302-2ubuntu0.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:37:33", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1428)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2013-4363", "CVE-2018-8780", "CVE-2018-16395", "CVE-2012-4466", "CVE-2009-2408", "CVE-2014-8090", "CVE-2012-4464", "CVE-2014-4975", "CVE-2013-1821", "CVE-2011-1005", "CVE-2018-16396", "CVE-2012-4522", "CVE-2014-8080", "CVE-2013-2065", "CVE-2013-4073", "CVE-2013-4164", "CVE-2013-4287"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191428", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191428", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1428\");\n script_version(\"2020-01-23T11:45:03+0000\");\n script_cve_id(\"CVE-2012-4464\", \"CVE-2012-4466\", \"CVE-2012-4522\", \"CVE-2012-5371\", \"CVE-2013-2065\", \"CVE-2013-4073\", \"CVE-2013-4164\", \"CVE-2013-4287\", \"CVE-2013-4363\", \"CVE-2014-4975\", \"CVE-2014-8080\", \"CVE-2014-8090\", \"CVE-2018-16395\", \"CVE-2018-16396\", \"CVE-2018-8780\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:45:03 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:45:03 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1428)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1428\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1428\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2019-1428 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.(CVE-2012-4466)\n\nThe REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.(CVE-2014-8090)\n\nAlgorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression.(CVE-2013-4287)\n\nThe REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.(CVE-2014-8080)\n\nThe OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\\\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.(CVE-2013-4073)\n\nThe rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.(CVE-2012-4522)\n\n(1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 before 2.0.0 patchlevel 195, do not perform taint checking for native functions, which allows context-dependent attackers to bypass intended $SAFE level restrictions.(CVE-2013-2065)\n\nAlgorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26 ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.0.0.648~33.h12\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.0.0.648~33.h12\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.0.0.648~33.h12\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-bigdecimal\", rpm:\"rubygem-bigdecimal~1.2.0~33.h12\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-io-console\", rpm:\"rubygem-io-console~0.4.2~33.h12\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.7.7~33.h12\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-psych\", rpm:\"rubygem-psych~2.0.0~33.h12\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-rdoc\", rpm:\"rubygem-rdoc~4.0.0~33.h12\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygems\", rpm:\"rubygems~2.0.14.1~33.h12\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:33", "description": "This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2012-002.", "cvss3": {}, "published": "2012-05-18T00:00:00", "type": "openvas", "title": "Mac OS X Multiple Vulnerabilities (2012-002)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0649", "CVE-2011-0241", "CVE-2012-0642", "CVE-2012-0655", "CVE-2012-0654", "CVE-2012-0662", "CVE-2011-4885", "CVE-2011-3389", "CVE-2012-0830", "CVE-2011-3919", "CVE-2012-0661", "CVE-2011-1167", "CVE-2012-0658", "CVE-2011-3328", "CVE-2011-2834", "CVE-2011-1005", "CVE-2011-2692", "CVE-2012-0675", "CVE-2012-0660", "CVE-2011-4566", "CVE-2012-0659", "CVE-2012-0656", "CVE-2012-0652", "CVE-2012-0036", "CVE-2012-0651", "CVE-2012-1182", "CVE-2011-1778", "CVE-2011-2821", "CVE-2011-1944", "CVE-2011-1004", "CVE-2012-0657", "CVE-2012-0870", "CVE-2011-2895", "CVE-2011-3212", "CVE-2011-1777", "CVE-2011-4815"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310802794", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802794", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_macosx_su12-002.nasl 14307 2019-03-19 10:09:27Z cfischer $\n#\n# Mac OS X Multiple Vulnerabilities (2012-002)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802794\");\n script_version(\"$Revision: 14307 $\");\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-0651\", \"CVE-2011-0241\", \"CVE-2011-2692\",\n \"CVE-2011-1167\", \"CVE-2011-1777\", \"CVE-2011-1778\", \"CVE-2012-0654\",\n \"CVE-2012-0655\", \"CVE-2011-1944\", \"CVE-2011-2821\", \"CVE-2011-2834\",\n \"CVE-2011-3919\", \"CVE-2012-0657\", \"CVE-2012-0658\", \"CVE-2012-0659\",\n \"CVE-2012-0660\", \"CVE-2011-1004\", \"CVE-2011-1005\", \"CVE-2011-4815\",\n \"CVE-2012-0870\", \"CVE-2012-1182\", \"CVE-2012-0662\", \"CVE-2012-0652\",\n \"CVE-2012-0649\", \"CVE-2012-0036\", \"CVE-2012-0642\", \"CVE-2011-3212\",\n \"CVE-2012-0656\", \"CVE-2011-4566\", \"CVE-2011-4885\", \"CVE-2012-0830\",\n \"CVE-2012-0661\", \"CVE-2012-0675\", \"CVE-2011-2895\", \"CVE-2011-3328\");\n script_bugtraq_id(49778, 49388, 53458, 48833, 48618, 46951, 47737, 53471,\n 53462, 48056, 49279, 49658, 51300, 53473, 53465, 53467,\n 53469, 46460, 46458, 51198, 52103, 52973, 53468, 53457,\n 53456, 51665, 52364, 50109, 53459, 50907, 51193, 51830,\n 53466, 53470, 49124, 49744);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 11:09:27 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-18 12:26:01 +0530 (Fri, 18 May 2012)\");\n script_name(\"Mac OS X Multiple Vulnerabilities (2012-002)\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT1222\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5281\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2012/May/msg00001.html\");\n script_xref(name:\"URL\", value:\"http://prod.lists.apple.com/archives/security-announce/2012/May/msg00001.html\");\n\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.[67]\\.\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code in\n the context or cause a denial of service condition.\");\n script_tag(name:\"affected\", value:\"Login Window,\n Bluetooth,\n curl,\n Directory Service,\n HFS,\n ImageIO,\n Kernel,\n libarchive,\n libsecurity,\n libxml,\n LoginUIFramework,\n PHP,\n Quartz Composer,\n QuickTime,\n Ruby,\n Samba,\n Security Framework,\n Time Machine,\n X11.\");\n script_tag(name:\"insight\", value:\"Please see the references for more information on the vulnerabilities.\");\n script_tag(name:\"solution\", value:\"Upgrade to Mac OS X 10.7.4 or\n Run Mac Updates and update the Security Update 2012-002\");\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2012-002.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\nif(\"Mac OS X\" >< osName || \"Mac OS X Server\" >< osName)\n{\n if(version_is_equal(version:osVer, test_version:\"10.6.8\"))\n {\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2012.002\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n\n if(version_in_range(version:osVer, test_version:\"10.7\", test_version2:\"10.7.3\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-19T10:50:21", "description": "This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2012-002.", "cvss3": {}, "published": "2012-05-18T00:00:00", "type": "openvas", "title": "Mac OS X Multiple Vulnerabilities (2012-002)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0649", "CVE-2011-0241", "CVE-2012-0642", "CVE-2012-0655", "CVE-2012-0654", "CVE-2012-0662", "CVE-2011-4885", "CVE-2011-3389", "CVE-2012-0830", "CVE-2011-3919", "CVE-2012-0661", "CVE-2011-1167", "CVE-2012-0658", "CVE-2011-3328", "CVE-2011-2834", "CVE-2011-1005", "CVE-2011-2692", "CVE-2012-0675", "CVE-2012-0660", "CVE-2011-4566", "CVE-2012-0659", "CVE-2012-0656", "CVE-2012-0652", "CVE-2012-0036", "CVE-2012-0651", "CVE-2012-1182", "CVE-2011-1778", "CVE-2011-2821", "CVE-2011-1944", "CVE-2011-1004", "CVE-2012-0657", "CVE-2012-0870", "CVE-2011-2895", "CVE-2011-3212", "CVE-2011-1777", "CVE-2011-4815"], "modified": "2017-07-04T00:00:00", "id": "OPENVAS:802794", "href": "http://plugins.openvas.org/nasl.php?oid=802794", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_macosx_su12-002.nasl 6521 2017-07-04 14:51:10Z cfischer $\n#\n# Mac OS X Multiple Vulnerabilities (2012-002)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to execute arbitrary code in\n the context or cause a denial of service condition.\n Impact Level: System/Application\";\ntag_affected = \"Login Window,\n Bluetooth,\n curl,\n Directory Service,\n HFS,\n ImageIO,\n Kernel,\n libarchive,\n libsecurity,\n libxml,\n LoginUIFramework,\n PHP,\n Quartz Composer,\n QuickTime,\n Ruby,\n Samba,\n Security Framework,\n Time Machine,\n X11.\";\ntag_insight = \"For more information on the vulnerabilities refer to the links below.\";\ntag_solution = \"Upgrade to Mac OS X 10.7.4 or\n Run Mac Updates and update the Security Update 2012-002\n For updates refer to http://support.apple.com/kb/HT5281\";\ntag_summary = \"This host is missing an important security update according to\n Mac OS X 10.6.8 Update/Mac OS X Security Update 2012-002.\";\n\nif(description)\n{\n script_id(802794);\n script_version(\"$Revision: 6521 $\");\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-0651\", \"CVE-2011-0241\", \"CVE-2011-2692\",\n \"CVE-2011-1167\", \"CVE-2011-1777\", \"CVE-2011-1778\", \"CVE-2012-0654\",\n \"CVE-2012-0655\", \"CVE-2011-1944\", \"CVE-2011-2821\", \"CVE-2011-2834\",\n \"CVE-2011-3919\", \"CVE-2012-0657\", \"CVE-2012-0658\", \"CVE-2012-0659\",\n \"CVE-2012-0660\", \"CVE-2011-1004\", \"CVE-2011-1005\", \"CVE-2011-4815\",\n \"CVE-2012-0870\", \"CVE-2012-1182\", \"CVE-2012-0662\", \"CVE-2012-0652\",\n \"CVE-2012-0649\", \"CVE-2012-0036\", \"CVE-2012-0642\", \"CVE-2011-3212\",\n \"CVE-2012-0656\", \"CVE-2011-4566\", \"CVE-2011-4885\", \"CVE-2012-0830\",\n \"CVE-2012-0661\", \"CVE-2012-0675\", \"CVE-2011-2895\", \"CVE-2011-3328\");\n script_bugtraq_id(49778, 49388, 53458, 48833, 48618, 46951, 47737, 53471,\n 53462, 48056, 49279, 49658, 51300, 53473, 53465, 53467,\n 53469, 46460, 46458, 51198, 52103, 52973, 53468, 53457,\n 53456, 51665, 52364, 50109, 53459, 50907, 51193, 51830,\n 53466, 53470, 49124, 49744);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-04 16:51:10 +0200 (Tue, 04 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-18 12:26:01 +0530 (Fri, 18 May 2012)\");\n script_name(\"Mac OS X Multiple Vulnerabilities (2012-002)\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT1222\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5281\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce/2012/May/msg00001.html\");\n script_xref(name : \"URL\" , value : \"http://prod.lists.apple.com/archives/security-announce/2012/May/msg00001.html\");\n\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nosName = \"\";\nosVer = \"\";\n\n## Get the OS name\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName){\n exit (0);\n}\n\n## Get the OS Version\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\n## Check for the Mac OS X and Mac OS X Server\nif(\"Mac OS X\" >< osName || \"Mac OS X Server\" >< osName)\n{\n ## Check the affected OS versions\n if(version_is_equal(version:osVer, test_version:\"10.6.8\"))\n {\n ## Check for the security update 2012.002\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2012.002\"))\n {\n security_message(0);\n exit(0);\n }\n }\n\n ## Check if OS is 10.7 through 10.7.3\n if(version_in_range(version:osVer, test_version:\"10.7\", test_version2:\"10.7.3\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:50", "description": "Crossite scripting, protection bypass.", "cvss3": {}, "published": "2013-02-24T00:00:00", "type": "securityvulns", "title": "Ruby multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2013-0256", "CVE-2013-0269"], "modified": "2013-02-24T00:00:00", "id": "SECURITYVULNS:VULN:12900", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12900", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:47", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-1733-1\r\nFebruary 21, 2013\r\n\r\nruby1.9.1 vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 12.10\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in Ruby.\r\n\r\nSoftware Description:\r\n- ruby1.9.1: Interpreter of object-oriented scripting language Ruby\r\n\r\nDetails:\r\n\r\nJean-Philippe Aumasson discovered that Ruby incorrectly generated\r\npredictable hash values. An attacker could use this issue to generate hash\r\ncollisions and cause a denial of service. (CVE-2012-5371)\r\n\r\nEvgeny Ermakov discovered that documentation generated by rdoc is\r\nvulnerable to a cross-site scripting issue. With cross-site scripting\r\nvulnerabilities, if a user were tricked into viewing a specially crafted\r\npage, a remote attacker could exploit this to modify the contents, or steal\r\nconfidential data, within the same domain. (CVE-2013-0256)\r\n\r\nThomas Hollstegge and Ben Murphy discovered that the JSON implementation\r\nin Ruby incorrectly handled certain crafted documents. An attacker could\r\nuse this issue to cause a denial of service or bypass certain protection\r\nmechanisms. (CVE-2013-0269)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 12.10:\r\n libruby1.9.1 1.9.3.194-1ubuntu1.3\r\n ruby1.9.1 1.9.3.194-1ubuntu1.3\r\n\r\nUbuntu 12.04 LTS:\r\n libruby1.9.1 1.9.3.0-1ubuntu2.5\r\n ruby1.9.1 1.9.3.0-1ubuntu2.5\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1733-1\r\n CVE-2012-5371, CVE-2013-0256, CVE-2013-0269\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/ruby1.9.1/1.9.3.194-1ubuntu1.3\r\n https://launchpad.net/ubuntu/+source/ruby1.9.1/1.9.3.0-1ubuntu2.5\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "cvss3": {}, "published": "2013-02-24T00:00:00", "type": "securityvulns", "title": "[USN-1733-1] Ruby vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2013-0256", "CVE-2013-0269"], "modified": "2013-02-24T00:00:00", "id": "SECURITYVULNS:DOC:29063", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29063", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:43", "description": "\r\n\r\nn.runs AG\r\nhttp://www.nruns.com/ security(at)nruns.com\r\nn.runs-SA-2011.004 28-Dec-2011\r\n________________________________________________________________________\r\nVendors: PHP, http://www.php.net\r\n Oracle, http://www.oracle.com\r\n Microsoft, http://www.microsoft.com\r\n Python, http://www.python.org\r\n Ruby, http://www.ruby.org\r\n Google, http://www.google.com\r\nAffected Products: PHP 4 and 5\r\n Java\r\n Apache Tomcat\r\n Apache Geronimo\r\n Jetty\r\n Oracle Glassfish\r\n ASP.NET\r\n Python\r\n Plone\r\n CRuby 1.8, JRuby, Rubinius \r\n v8\r\nVulnerability: Denial of Service through hash table\r\n multi-collisions\r\nTracking IDs: oCERT-2011-003\r\n CERT VU#903934\r\n________________________________________________________________________\r\nVendor communication:\r\n2011/11/01 Coordinated notification to PHP, Oracle, Python, Ruby, Google\r\n via oCERT\r\n2011/11/29 Coordinated notification to Microsoft via CERT\r\n\r\nVarious communication with the vendors for clarifications, distribution\r\nof PoC code, discussion of fixes, etc.\r\n___________________________________________________________________________\r\nOverview:\r\n\r\nHash tables are a commonly used data structure in most programming\r\nlanguages. Web application servers or platforms commonly parse\r\nattacker-controlled POST form data into hash tables automatically, so\r\nthat they can be accessed by application developers.\r\n\r\nIf the language does not provide a randomized hash function or the\r\napplication server does not recognize attacks using multi-collisions, an\r\nattacker can degenerate the hash table by sending lots of colliding\r\nkeys. The algorithmic complexity of inserting n elements into the table\r\nthen goes to O(n**2), making it possible to exhaust hours of CPU time\r\nusing a single HTTP request.\r\n\r\nThis issue has been known since at least 2003 and has influenced Perl\r\nand CRuby 1.9 to change their hash functions to include randomization.\r\n\r\nWe show that PHP 5, Java, ASP.NET as well as v8 are fully vulnerable to\r\nthis issue and PHP 4, Python and Ruby are partially vulnerable,\r\ndepending on version or whether the server running the code is a 32 bit\r\nor 64 bit machine.\r\n\r\nDescription:\r\n\r\n= Theory =\r\n\r\nMost hash functions used in hash table implementations can be broken\r\nfaster than by using brute-force techniques (which is feasible for hash\r\nfunctions with 32 bit output, but very expensive for 64 bit functions)\r\nby using one of two \u201ctricks\u201d: equivalent substrings or a\r\nmeet-in-the-middle attack.\r\n\r\n== Equivalent substrings ==\r\n\r\nSome hash functions have the property that if two strings collide, e.g.\r\nhash('string1') = hash('string2'), then hashes having this substring at\r\nthe same position collide as well, e.g. hash('prefixstring1postfix') =\r\nhash('prefixstring2postfix'). If for example 'Ez' and 'FY' collide under\r\na hash function with this property, then 'EzEz', 'EzFY', 'FYEz', 'FYFY'\r\ncollide as well. An observing reader may notice that this is very\r\nsimilar to binary counting from zero to four. Using this knowledge, an\r\nattacker can construct arbitrary numbers of collisions (2^n for\r\n2*n-sized strings in this example).\r\n\r\n== Meet-in-the-middle attack ==\r\n\r\nIf equivalent substrings are not present in a given hash function, then\r\nbrute-force seems to be the only solution. The obvious way to best use\r\nbrute-force would be to choose a target value and hash random\r\n(fixed-size) strings and store those which hash to the target value. For\r\na non-biased hash function with 32 bit output length, the probability of\r\nhitting a target in this way is 1/(2^32).\r\n\r\nA meet-in-the-middle attack now tries to hit more than one target at a\r\ntime. If the hash function can be inverted and the internal state of the\r\nhash function has the same size as the output, one can split the string\r\ninto two parts, a prefix (of size n) and a postfix (of size m). One can\r\nnow iterate over all possible m-sized postfix strings and calculate the\r\nintermediate value under which the hash function maps to a certain\r\ntarget. If one stores these strings and corresponding intermediate value\r\nin a lookup table, one can now generate random n-sized prefix strings\r\nand see if they map to one of the intermediate values in the lookup\r\ntable. If this is the case, the complete string will map to the target\r\nvalue.\r\n\r\nSplitting in the middle reduces the complexity of this attack by the\r\nsquare root, which gives us the probability of 1/(2^16) for a collision,\r\nthus enabling an attacker to generate multi-collisions much faster.\r\n\r\nThe hash functions we looked at which were vulnerable to an equivalent\r\nsubstring attack were all vulnerable to a meet-in-the-middle attack as\r\nwell. In this case, the meet-in-the-middle attack provides more\r\ncollisions for strings of a fixed size than the equivalent substring\r\nattack.\r\n\r\n= The real world =\r\n\r\nThe different language use different hash functions which suffer from\r\ndifferent problems. They also differ in how they use hash tables in\r\nstoring POST form data.\r\n\r\n== PHP 5 ==\r\n\r\nPHP 5 uses the DJBX33A (Dan Bernstein's times 33, addition) hash\r\nfunction and parses POST form data into the $_POST hash table. Because\r\nof the structure of the hash function, it is vulnerable to an equivalent\r\nsubstring attack.\r\n\r\nThe maximal POST request size is typically limited to 8 MB, which when\r\nfilled with a set of multi-collisions would consume about four hours of\r\nCPU time on an i7 core. Luckily, this time can not be exhausted because\r\nit is limited by the max_input_time (default configuration: -1,\r\nunlimited), Ubuntu and several BSDs: 60 seconds) configuration\r\nparameter. If the max_input_time parameter is set to -1 (theoretically:\r\nunlimited), it is bound by the max_execution_time configuration\r\nparameter (default value: 30).\r\n\r\nOn an i7 core, the 60 seconds take a string of multi-collisions of about\r\n500k. 30 seconds of CPU time can be generated using a string of about\r\n300k. This means that an attacker needs about 70-100kbit/s to keep one\r\ni7 core constantly busy. An attacker with a Gigabit connection can keep\r\nabout 10.000 i7 cores busy.\r\n\r\n== ASP.NET ==\r\n\r\nASP.NET uses the Request.Form object to provide POST data to a web\r\napplication developer. This object is of class NameValueCollection. This\r\nuses a different hash function than the standard .NET one, namely\r\nCaseInsensitiveHashProvider.getHashCode(). This is the DJBX33X (Dan\r\nBernstein's times 33, XOR) hash function on the uppercase version of the\r\nkey, which is breakable using a meet-in-the-middle attack.\r\n\r\nCPU time is limited by the IIS webserver to a value of typically 90\r\nseconds. This allows an attacker with about 30kbit/s to keep one Core2\r\ncore constantly busy. An attacker with a Gigabit connection can keep\r\nabout 30.000 Core2 cores busy.\r\n\r\n== Java ==\r\n\r\nJava offers the HashMap and Hashtable classes, which use the\r\nString.hashCode() hash function. It is very similar to DJBX33A (instead\r\nof 33, it uses the multiplication constant 31 and instead of the start\r\nvalue 5381 it uses 0). Thus it is also vulnerable to an equivalent\r\nsubstring attack. When hashing a string, Java also caches the hash value\r\nin the hash attribute, but only if the result is different from zero.\r\nThus, the target value zero is particularly interesting for an attacker\r\nas it prevents caching and forces re-hashing.\r\n\r\nDifferent web application parse the POST data differently, but the ones\r\ntested (Tomcat, Geronima, Jetty, Glassfish) all put the POST form data\r\ninto either a Hashtable or HashMap object. The maximal POST sizes also\r\ndiffer from server to server, with 2 MB being the most common.\r\n\r\nA Tomcat 6.0.32 server parses a 2 MB string of colliding keys in about\r\n44 minutes of i7 CPU time, so an attacker with about 6 kbit/s can keep\r\none i7 core constantly busy. If the attacker has a Gigabit connection,\r\nhe can keep about 100.000 i7 cores busy.\r\n\r\n== Python ==\r\n\r\nPython uses a hash function which is very similar to DJBX33X, which can\r\nbe broken using a meet-in-the-middle attack. It operates on register\r\nsize and is thus different for 64 and 32 bit machines. While generating\r\nmulti-collisions efficiently is also possible for the 64 bit version of\r\nthe function, the resulting colliding strings are too large to be\r\nrelevant for anything more than an academic attack.\r\n\r\nPlone as the most prominent Python web framework accepts 1 MB of POST\r\ndata, which it parses in about 7 minutes of CPU time in the worst case.\r\nThis gives an attacker with about 20 kbit/s the possibility to keep one\r\nCore Duo core constantly busy. If the attacker is in the position to\r\nhave a Gigabit line available, he can keep about 50.000 Core Duo cores\r\nbusy.\r\n\r\n== Ruby ==\r\n\r\nThe Ruby language consists of several implementations which do not share\r\nthe same hash functions. It also differs in versions (1.8, 1.9), which ?\r\ndepending on the implementation ? also do not necessarily share the same\r\nhash function.\r\n\r\nThe hash function of CRuby 1.9 has been using randomization since 2008\r\n(a result of the algorithmic complexity attacks disclosed in 2003). The\r\nCRuby 1.8 function is very similar to DJBX33A, but the large\r\nmultiplication constant of 65599 prevents an effective equivalent\r\nsubstring attack. The hash function can be easily broken using a meet-\r\nin-the-middle attack, though. JRuby uses the CRuby 1.8 hash function for\r\nboth 1.8 and 1.9. Rubinius uses a different hash function but also does\r\nnot randomize it.\r\n\r\nA typical POST size limit in Ruby frameworks is 2 MB, which takes about\r\n6 hours of i7 CPU time to parse. Thus, an attacker with a single 850\r\nbits/s line can keep one i7 core busy. The other way around, an attacker\r\nwith a Gigabit connection can keep about 1.000.000 (one million!) i7\r\ncores busy.\r\n\r\n== v8 ==\r\n\r\nGoogle's Javascript implementation v8 uses a hash function which looks\r\ndifferent from the ones seen before, but can be broken using a meet-in-\r\nthe-middle attack, too.\r\n\r\nNode.js uses v8 to run Javascript-based web applications. The\r\nquerystring module parses POST data into a hash table structure.\r\n\r\nAs node.js does not limit the POST size by default (we assume this would\r\ntypically be the job of a framework), no effectiveness/efficiency\r\nmeasurements were performed.\r\n\r\nImpact:\r\n\r\nAny website running one of the above technologies which provides the\r\noption to perform a POST request is vulnerable to very effective DoS\r\nattacks.\r\n\r\nAs the attack is just a POST request, it could also be triggered from\r\nwithin a (third-party) website. This means that a cross-site-scripting\r\nvulnerability on a popular website could lead to a very effective DDoS\r\nattack (not necessarily against the same website).\r\n\r\nFixes:\r\n\r\nThe Ruby Security Team was very helpful in addressing this issue and\r\nboth CRuby and JRuby provide updates for this issue with a randomized\r\nhash function (CRuby 1.8.7-p357, JRuby 1.6.5.1, CVE-2011-4815).\r\n\r\nOracle has decided there is nothing that needs to be fixed within Java\r\nitself, but will release an updated version of Glassfish in a future CPU\r\n(Oracle Security ticket S0104869).\r\n\r\nTomcat has released updates (7.0.23, 6.0.35) for this issue which limit\r\nthe number of request parameters using a configuration parameter. The\r\ndefault value of 10.000 should provide sufficient protection.\r\n\r\nWorkarounds:\r\n\r\nFor languages were no fixes have been issued (yet?), there are a number\r\nof workarounds.\r\n\r\n= Limiting CPU time =\r\n\r\nThe easiest way to reduce the impact of such an attack is to reduce the\r\nCPU time that a request is allowed to take. For PHP, this can be\r\nconfigured using the max_input_time parameter. On IIS (for ASP.NET),\r\nthis can be configured using the \u201cshutdown time limit for processes\u201d\r\nparameter.\r\n\r\n= Limiting maximal POST size =\r\n\r\nIf you can live with the fact that users can not put megabytes of data\r\ninto your forms, limiting the form size to a small value (in the 10s of\r\nkilobytes rather than the usual megabytes) can drastically reduce the\r\nimpact of the attack as well.\r\n\r\n= Limiting maximal number of parameters =\r\n\r\nThe updated Tomcat versions offer an option to reduce the amount of\r\nparameters accepted independent from the maximal POST size. Configuring\r\nthis is also possible using the Suhosin version of PHP using the\r\nsuhosin.{post|request}.max_vars parameters.\r\n\r\n________________________________________________________________________\r\nCredits:\r\nAlexander Klink, n.runs AG\r\nJulian Walde, Technische Universitat Darmstadt\r\n\r\nThe original theory behind this attack vector is described in the 2003\r\nUsenix Security paper \u201cDenial of Service via Algorithmic Complexity\r\nAttacks\u201d by Scott A. Crosby and Dan S. Wallach, Rice University\r\n________________________________________________________________________\r\nReferences:\r\nThis advisory and upcoming advisories:\r\nhttp://www.nruns.com/security_advisory.php\r\n________________________________________________________________________\r\nAbout n.runs:\r\nn.runs AG is a vendor-independent consulting company specialising in the\r\nareas of: IT Infrastructure, IT Security and IT Business Consulting.\r\n\r\nCopyright Notice:\r\nUnaltered electronic reproduction of this advisory is permitted. For all\r\nother reproduction or publication, in printing or otherwise, contact\r\nsecurity@nruns.com for permission. Use of the advisory constitutes\r\nacceptance for use in an \u201cas is\u201d condition. All warranties are excluded.\r\nIn no event shall n.runs be liable for any damages whatsoever including\r\ndirect, indirect, incidental, consequential, loss of business profits or\r\nspecial damages, even if n.runs has been advised of the possibility of\r\nsuch damages.\r\nCopyright 2011 n.runs AG. All rights reserved. Terms of use apply.\r\n\r\n\r\n\r\n", "cvss3": {}, "published": "2012-01-02T00:00:00", "type": "securityvulns", "title": "n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-4815"], "modified": "2012-01-02T00:00:00", "id": "SECURITYVULNS:DOC:27501", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27501", "sourceData": "", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:00:33", "description": "It's easy to predict collisions.", "cvss3": {}, "published": "2012-12-03T00:00:00", "type": "securityvulns", "title": "MurmurHash algorythm vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2012-5370", "CVE-2012-5372", "CVE-2012-5373"], "modified": "2012-12-03T00:00:00", "id": "SECURITYVULNS:VULN:12738", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12738", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:43", "description": "\r\n#2011-003 multiple implementations denial-of-service via hash algorithm\r\ncollision\r\n\r\nDescription:\r\n\r\nA variety of programming languages suffer from a denial-of-service (DoS)\r\ncondition against storage functions of key/value pairs in hash data\r\nstructures, the condition can be leveraged by exploiting predictable\r\ncollisions in the underlying hashing algorithms.\r\n\r\nThe issue finds particular exposure in web server applications and/or\r\nframeworks. In particular, the lack of sufficient limits for the number of\r\nparameters in POST requests in conjunction with the predictable collision\r\nproperties in the hashing functions of the underlying languages can render web\r\napplications vulnerable to the DoS condition. The attacker, using specially\r\ncrafted HTTP requests, can lead to a 100% of CPU usage which can last up to\r\nseveral hours depending on the targeted application and server performance,\r\nthe amplification effect is considerable and requires little bandwidth and\r\ntime on the attacker side.\r\n\r\nThe condition for predictable collisions in the hashing functions has been\r\nreported for the following language implementations: Java, JRuby, PHP, Python,\r\nRubinius, Ruby. In the case of the Ruby language, the 1.9.x branch is not\r\naffected by the predictable collision condition since this version includes a\r\nrandomization of the hashing function.\r\n\r\nThe vulnerability outlined in this advisory is practically identical to the\r\none reported in 2003 and described in the paper Denial of Service via\r\nAlgorithmic Complexity Attacks which affected the Perl language.\r\n\r\nThe reporters own advisory can be found at\r\nhttp://www.nruns.com/_downloads/advisory28122011.pdf\r\n\r\nAffected version:\r\nJava, all versions\r\nJRuby <= 1.6.5\r\nPHP <= 5.3.8, <= 5.4.0RC3\r\nPython, all versions\r\nRubinius, all versions\r\nRuby <= 1.8.7-p356\r\n\r\nApache Geronimo, all versions\r\nApache Tomcat <= 5.5.34, <= 6.0.34, <= 7.0.22\r\nOracle Glassfish <= 3.1.1\r\nJetty, all versions\r\nPlone, all versions\r\nRack, all versions\r\nV8 JavaScript Engine, all versions\r\n\r\nFixed version:\r\nJava, N/A\r\nJRuby >= 1.6.5.1\r\nPHP >= 5.3.9, >= 5.4.0RC4\r\nPython, N/A\r\nRubinius, N/A\r\nRuby >= 1.8.7-p357, 1.9.x\r\n\r\nApache Geronimo, N/A\r\nApache Tomcat >= 5.5.35, >= 6.0.35, >= 7.0.23\r\nOracle Glassfish, N/A (Oracle reports that the issue is fixed in the main codeline and scheduled for a future CPU)\r\nJetty, N/A\r\nPlone, N/A\r\nRack, N/A\r\nV8 JavaScript Engine, N/A\r\n\r\nCredit: vulnerability report and PoC code received from Alexander Klink\r\n<alexander.klink AT nruns.com> and Julian Waelde <jwaelde AT\r\ncdc.informatik.tu-darmstadt.de>.\r\n\r\nCVE: CVE-2011-4461 (Jetty), CVE-2011-4838 (JRuby), CVE-2011-4885 (PHP),\r\n CVE-2011-4462 (Plone), CVE-2011-4815 (Ruby)\r\n\r\nTimeline:\r\n\r\n2011-09-25: vulnerability report received, reporters set embargo date to December 27th\r\n2011-10-18: contacted maintainers of Apache Tomcat, Apache Geronimo, Jetty, Java, Plone, Zope, V8\r\n2011-11-01: contacted maintainers of Ruby on Rails, Ruby, Python, PHP\r\n2011-11-01: contacted affected distributions\r\n2011-11-02: contacted JRuby maintainer\r\n2011-12-13: contacted Ruby Installer maintainer\r\n2011-12-14: assigned CVE for Ruby\r\n2011-12-15: assigned CVE for JRuby\r\n2011-12-13: contacted Rack maintainer\r\n2011-12-16: assigned CVE for Apache Tomcat\r\n2011-12-21: assigned CVE for PHP\r\n2011-12-28: advisory release\r\n\r\nReferences:\r\nhttp://www.nruns.com/_downloads/advisory28122011.pdf\r\nhttp://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003.pdf\r\nhttp://svn.php.net/viewvc?view=revision&revision=321003 (unstable, not final)\r\nhttp://svn.php.net/viewvc?view=revision&revision=321040 (unstable, not final)\r\nhttps://gist.github.com/52bbc6b9cc19ce330829\r\n\r\nPermalink:\r\nhttp://www.ocert.org/advisories/ocert-2011-003.html\r\n\r\n-- \r\nAndrea Barisani | Founder & Project Coordinator\r\n oCERT | OSS Computer Security Incident Response Team\r\n\r\n<lcars@ocert.org> http://www.ocert.org\r\n 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E\r\n "Pluralitas non est ponenda sine necessitate"\r\n", "cvss3": {}, "published": "2012-01-02T00:00:00", "type": "securityvulns", "title": "[oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-4461", "CVE-2011-4462", "CVE-2011-4885", "CVE-2011-4838", "CVE-2011-4815"], "modified": "2012-01-02T00:00:00", "id": "SECURITYVULNS:DOC:27500", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27500", "sourceData": "", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2023-01-11T14:42:03", "description": "Jean-Philippe Aumasson discovered that Ruby incorrectly generated predictable hash values. An attacker could use this issue to generate hash collisions and cause a denial of service. (CVE-2012-5371)\n\nEvgeny Ermakov discovered that documentation generated by rdoc is vulnerable to a cross-site scripting issue. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.\n(CVE-2013-0256)\n\nThomas Hollstegge and Ben Murphy discovered that the JSON implementation in Ruby incorrectly handled certain crafted documents.\nAn attacker could use this issue to cause a denial of service or bypass certain protection mechanisms. (CVE-2013-0269).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 12.10 : ruby1.9.1 vulnerabilities (USN-1733-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5371", "CVE-2013-0256", "CVE-2013-0269"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libruby1.9.1", "p-cpe:/a:canonical:ubuntu_linux:ruby1.9.1", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10"], "id": "UBUNTU_USN-1733-1.NASL", "href": "https://www.tenable.com/plugins/nessus/64799", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1733-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64799);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-5371\", \"CVE-2013-0256\", \"CVE-2013-0269\");\n script_bugtraq_id(56484, 57785, 57899);\n script_xref(name:\"USN\", value:\"1733-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 12.10 : ruby1.9.1 vulnerabilities (USN-1733-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jean-Philippe Aumasson discovered that Ruby incorrectly generated\npredictable hash values. An attacker could use this issue to generate\nhash collisions and cause a denial of service. (CVE-2012-5371)\n\nEvgeny Ermakov discovered that documentation generated by rdoc is\nvulnerable to a cross-site scripting issue. With cross-site scripting\nvulnerabilities, if a user were tricked into viewing a specially\ncrafted page, a remote attacker could exploit this to modify the\ncontents, or steal confidential data, within the same domain.\n(CVE-2013-0256)\n\nThomas Hollstegge and Ben Murphy discovered that the JSON\nimplementation in Ruby incorrectly handled certain crafted documents.\nAn attacker could use this issue to cause a denial of service or\nbypass certain protection mechanisms. (CVE-2013-0269).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1733-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libruby1.9.1 and / or ruby1.9.1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libruby1.9.1\", pkgver:\"1.9.3.0-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"ruby1.9.1\", pkgver:\"1.9.3.0-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libruby1.9.1\", pkgver:\"1.9.3.194-1ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"ruby1.9.1\", pkgver:\"1.9.3.194-1ubuntu1.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libruby1.9.1 / ruby1.9.1\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:32:42", "description": "The official ruby site reports :\n\nCarefully crafted sequence of strings can cause a denial of service attack on the service that parses the sequence to create a Hash object by using the strings as keys. For instance, this vulnerability affects web application that parses the JSON data sent from untrusted entity.\n\nThis vulnerability is similar to CVS-2011-4815 for ruby 1.8.7. ruby 1.9 versions were using modified MurmurHash function but it's reported that there is a way to create sequence of strings that collide their hash values each other. This fix changes the Hash function of String object from the MurmurHash to SipHash 2-4.", "cvss3": {}, "published": "2012-11-12T00:00:00", "type": "nessus", "title": "FreeBSD : ruby -- Hash-flooding DoS vulnerability for ruby 1.9 (5e647ca3-2aea-11e2-b745-001fd0af1a4c)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5371"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:ruby", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_5E647CA32AEA11E2B745001FD0AF1A4C.NASL", "href": "https://www.tenable.com/plugins/nessus/62886", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62886);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-5371\");\n\n script_name(english:\"FreeBSD : ruby -- Hash-flooding DoS vulnerability for ruby 1.9 (5e647ca3-2aea-11e2-b745-001fd0af1a4c)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The official ruby site reports :\n\nCarefully crafted sequence of strings can cause a denial of service\nattack on the service that parses the sequence to create a Hash object\nby using the strings as keys. For instance, this vulnerability affects\nweb application that parses the JSON data sent from untrusted entity.\n\nThis vulnerability is similar to CVS-2011-4815 for ruby 1.8.7. ruby\n1.9 versions were using modified MurmurHash function but it's reported\nthat there is a way to create sequence of strings that collide their\nhash values each other. This fix changes the Hash function of String\nobject from the MurmurHash to SipHash 2-4.\"\n );\n # http://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?060da3e3\"\n );\n # https://vuxml.freebsd.org/freebsd/5e647ca3-2aea-11e2-b745-001fd0af1a4c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dc4c87bc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"ruby>=1.9<1.9.3.327\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:33:16", "description": "New ruby packages are available for Slackware 13.1, 13.37, 14.0, and\n-current to fix security issues.", "cvss3": {}, "published": "2012-12-07T00:00:00", "type": "nessus", "title": "Slackware 13.1 / 13.37 / 14.0 / current : ruby (SSA:2012-341-04)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5371"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:ruby", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0"], "id": "SLACKWARE_SSA_2012-341-04.NASL", "href": "https://www.tenable.com/plugins/nessus/63170", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2012-341-04. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63170);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-5371\");\n script_bugtraq_id(56484);\n script_xref(name:\"SSA\", value:\"2012-341-04\");\n\n script_name(english:\"Slackware 13.1 / 13.37 / 14.0 / current : ruby (SSA:2012-341-04)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New ruby packages are available for Slackware 13.1, 13.37, 14.0, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackware-security.422575\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e1083de0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.1\", pkgname:\"ruby\", pkgver:\"1.9.3_p327\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"ruby\", pkgver:\"1.9.3_p327\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"ruby\", pkgver:\"1.9.3_p327\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"ruby\", pkgver:\"1.9.3_p327\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"ruby\", pkgver:\"1.9.3_p327\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"ruby\", pkgver:\"1.9.3_p327\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"ruby\", pkgver:\"1.9.3_p327\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"ruby\", pkgver:\"1.9.3_p327\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:32:56", "description": "A security flaw was found on ruby currently shiped on Fedora 18 that carefully crafted sequence of strings may cause a denial of service attack on the service that parses the sequence to create a Hash object by using the strings as keys. This issue is now registered as CVE-2012-5371.\n\nThis new package should fix this issue.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-11-19T00:00:00", "type": "nessus", "title": "Fedora 17 : ruby-1.9.3.327-19.fc17 (2012-18017)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5371"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ruby", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-18017.NASL", "href": "https://www.tenable.com/plugins/nessus/62955", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-18017.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62955);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-5371\");\n script_bugtraq_id(56484);\n script_xref(name:\"FEDORA\", value:\"2012-18017\");\n\n script_name(english:\"Fedora 17 : ruby-1.9.3.327-19.fc17 (2012-18017)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security flaw was found on ruby currently shiped on Fedora 18 that\ncarefully crafted sequence of strings may cause a denial of service\nattack on the service that parses the sequence to create a Hash object\nby using the strings as keys. This issue is now registered as\nCVE-2012-5371.\n\nThis new package should fix this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=875267\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-November/092515.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c3e0fcff\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"ruby-1.9.3.327-19.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:33:08", "description": "A security flaw was found on ruby currently shiped on Fedora 18 that carefully crafted sequence of strings may cause a denial of service attack on the service that parses the sequence to create a Hash object by using the strings as keys. This issue is now registered as CVE-2012-5371.\n\nThis new package should fix this issue.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-11-26T00:00:00", "type": "nessus", "title": "Fedora 18 : ruby-1.9.3.327-22.fc18 (2012-17949)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5371"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ruby", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2012-17949.NASL", "href": "https://www.tenable.com/plugins/nessus/63030", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-17949.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63030);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-5371\");\n script_bugtraq_id(56484);\n script_xref(name:\"FEDORA\", value:\"2012-17949\");\n\n script_name(english:\"Fedora 18 : ruby-1.9.3.327-22.fc18 (2012-17949)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security flaw was found on ruby currently shiped on Fedora 18 that\ncarefully crafted sequence of strings may cause a denial of service\nattack on the service that parses the sequence to create a Hash object\nby using the strings as keys. This issue is now registered as\nCVE-2012-5371.\n\nThis new package should fix this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=875268\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-November/092907.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?65fc27f9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"ruby-1.9.3.327-22.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:58:22", "description": "Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : ruby (ALAS-2012-35)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ruby", "p-cpe:/a:amazon:linux:ruby-debuginfo", "p-cpe:/a:amazon:linux:ruby-devel", "p-cpe:/a:amazon:linux:ruby-irb", "p-cpe:/a:amazon:linux:ruby-libs", "p-cpe:/a:amazon:linux:ruby-rdoc", "p-cpe:/a:amazon:linux:ruby-ri", "p-cpe:/a:amazon:linux:ruby-static", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-35.NASL", "href": "https://www.tenable.com/plugins/nessus/69642", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-35.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69642);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2011-4815\");\n script_xref(name:\"ALAS\", value:\"2012-35\");\n\n script_name(english:\"Amazon Linux AMI : ruby (ALAS-2012-35)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ruby (aka CRuby) before 1.8.7-p357 computes hash values without\nrestricting the ability to trigger hash collisions predictably, which\nallows context-dependent attackers to cause a denial of service (CPU\nconsumption) via crafted input to an application that maintains a hash\ntable.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-35.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update ruby' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"ruby-1.8.7.357-1.10.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-debuginfo-1.8.7.357-1.10.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-devel-1.8.7.357-1.10.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-irb-1.8.7.357-1.10.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-libs-1.8.7.357-1.10.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-rdoc-1.8.7.357-1.10.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-ri-1.8.7.357-1.10.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-static-1.8.7.357-1.10.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-debuginfo / ruby-devel / ruby-irb / ruby-libs / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:47:09", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. (CVE-2011-4815)", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : ruby (cve_2011_4815_denial_of)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.0", "p-cpe:/a:oracle:solaris:ruby"], "id": "SOLARIS11_RUBY_20120417.NASL", "href": "https://www.tenable.com/plugins/nessus/80754", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80754);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4815\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : ruby (cve_2011_4815_denial_of)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - Ruby (aka CRuby) before 1.8.7-p357 computes hash values\n without restricting the ability to trigger hash\n collisions predictably, which allows context-dependent\n attackers to cause a denial of service (CPU consumption)\n via crafted input to an application that maintains a\n hash table. (CVE-2011-4815)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.oracle.com/sunsecurity/cve-2011-4815-denial-of-service-dos-vulnerability-in-ruby\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11/11 SRU 6.6.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:ruby\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^ruby$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.0.6.0.6.0\", sru:\"SRU 6.6\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : ruby\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_hole(port:0, extra:error_extra);\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"ruby\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:19:44", "description": "A security flaw was found on the previous ruby that with some series of strings which was specially crafted to intentionally collide their hash values with each other, rails applications may fall into denial of services when such strings are used in HTTP requests (CVE-2011-4815). This new ruby will fix this issue.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-01-11T00:00:00", "type": "nessus", "title": "Fedora 15 : ruby-1.8.7.357-1.fc15 (2011-17551)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ruby", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-17551.NASL", "href": "https://www.tenable.com/plugins/nessus/57478", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-17551.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57478);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-4815\");\n script_bugtraq_id(51198);\n script_xref(name:\"FEDORA\", value:\"2011-17551\");\n\n script_name(english:\"Fedora 15 : ruby-1.8.7.357-1.fc15 (2011-17551)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security flaw was found on the previous ruby that with some series\nof strings which was specially crafted to intentionally collide their\nhash values with each other, rails applications may fall into denial\nof services when such strings are used in HTTP requests\n(CVE-2011-4815). This new ruby will fix this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=750564\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/071794.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?291d3016\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"ruby-1.8.7.357-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:19:16", "description": "A security flaw was found on the previous ruby that with some series of strings which was specially crafted to intentionally collide their hash values with each other, rails applications may fall into denial of services when such strings are used in HTTP requests (CVE-2011-4815). This new ruby will fix this issue.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-01-11T00:00:00", "type": "nessus", "title": "Fedora 16 : ruby-1.8.7.357-1.fc16 (2011-17542)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ruby", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2011-17542.NASL", "href": "https://www.tenable.com/plugins/nessus/57477", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-17542.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57477);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-4815\");\n script_bugtraq_id(51198);\n script_xref(name:\"FEDORA\", value:\"2011-17542\");\n\n script_name(english:\"Fedora 16 : ruby-1.8.7.357-1.fc16 (2011-17542)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security flaw was found on the previous ruby that with some series\nof strings which was specially crafted to intentionally collide their\nhash values with each other, rails applications may fall into denial\nof services when such strings are used in HTTP requests\n(CVE-2011-4815). This new ruby will fix this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=750564\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/071762.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ba928090\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"ruby-1.8.7.357-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:19:18", "description": "Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nA denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815)\n\nRed Hat would like to thank oCERT for reporting this issue. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters.\n\nAll users of ruby are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.", "cvss3": {}, "published": "2012-01-31T00:00:00", "type": "nessus", "title": "RHEL 6 : ruby (RHSA-2012:0069)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ruby", "p-cpe:/a:redhat:enterprise_linux:ruby-debuginfo", "p-cpe:/a:redhat:enterprise_linux:ruby-devel", "p-cpe:/a:redhat:enterprise_linux:ruby-docs", "p-cpe:/a:redhat:enterprise_linux:ruby-irb", "p-cpe:/a:redhat:enterprise_linux:ruby-libs", "p-cpe:/a:redhat:enterprise_linux:ruby-rdoc", "p-cpe:/a:redhat:enterprise_linux:ruby-ri", "p-cpe:/a:redhat:enterprise_linux:ruby-static", "p-cpe:/a:redhat:enterprise_linux:ruby-tcltk", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.2"], "id": "REDHAT-RHSA-2012-0069.NASL", "href": "https://www.tenable.com/plugins/nessus/57746", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0069. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57746);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4815\");\n script_bugtraq_id(51198);\n script_xref(name:\"RHSA\", value:\"2012:0069\");\n\n script_name(english:\"RHEL 6 : ruby (RHSA-2012:0069)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (hashes) in Ruby. An attacker able to supply a\nlarge number of inputs to a Ruby application (such as HTTP POST\nrequest parameters sent to a web application) that are used as keys\nwhen inserting data into an array could trigger multiple hash function\ncollisions, making array operations take an excessive amount of CPU\ntime. To mitigate this issue, randomization has been added to the hash\nfunction to reduce the chance of an attacker successfully causing\nintentional collisions. (CVE-2011-4815)\n\nRed Hat would like to thank oCERT for reporting this issue. oCERT\nacknowledges Julian Walde and Alexander Klink as the original\nreporters.\n\nAll users of ruby are advised to upgrade to these updated packages,\nwhich contain a backported patch to resolve this issue.\"\n );\n # http://www.ocert.org/advisories/ocert-2011-003.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://ocert.org/advisories/ocert-2011-003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4815\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0069\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"ruby-debuginfo-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"ruby-devel-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-docs-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-docs-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-docs-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-irb-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-irb-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-irb-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"ruby-libs-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-rdoc-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-rdoc-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-rdoc-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-ri-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-ri-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-ri-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-static-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-static-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-static-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-tcltk-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-tcltk-1.8.7.352-4.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-tcltk-1.8.7.352-4.el6_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-debuginfo / ruby-devel / ruby-docs / ruby-irb / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:50:04", "description": "From Red Hat Security Advisory 2012:0069 :\n\nUpdated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nA denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815)\n\nRed Hat would like to thank oCERT for reporting this issue. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters.\n\nAll users of ruby are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : ruby (ELSA-2012-0069)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:ruby", "p-cpe:/a:oracle:linux:ruby-devel", "p-cpe:/a:oracle:linux:ruby-docs", "p-cpe:/a:oracle:linux:ruby-irb", "p-cpe:/a:oracle:linux:ruby-libs", "p-cpe:/a:oracle:linux:ruby-rdoc", "p-cpe:/a:oracle:linux:ruby-ri", "p-cpe:/a:oracle:linux:ruby-static", "p-cpe:/a:oracle:linux:ruby-tcltk", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2012-0069.NASL", "href": "https://www.tenable.com/plugins/nessus/68440", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0069 and \n# Oracle Linux Security Advisory ELSA-2012-0069 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68440);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4815\");\n script_bugtraq_id(51198);\n script_xref(name:\"RHSA\", value:\"2012:0069\");\n\n script_name(english:\"Oracle Linux 6 : ruby (ELSA-2012-0069)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0069 :\n\nUpdated ruby packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (hashes) in Ruby. An attacker able to supply a\nlarge number of inputs to a Ruby application (such as HTTP POST\nrequest parameters sent to a web application) that are used as keys\nwhen inserting data into an array could trigger multiple hash function\ncollisions, making array operations take an excessive amount of CPU\ntime. To mitigate this issue, randomization has been added to the hash\nfunction to reduce the chance of an attacker successfully causing\nintentional collisions. (CVE-2011-4815)\n\nRed Hat would like to thank oCERT for reporting this issue. oCERT\nacknowledges Julian Walde and Alexander Klink as the original\nreporters.\n\nAll users of ruby are advised to upgrade to these updated packages,\nwhich contain a backported patch to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-January/002577.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"ruby-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-devel-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-docs-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-irb-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-libs-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-rdoc-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-ri-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-static-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-tcltk-1.8.7.352-4.el6_2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / ruby-rdoc / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:27:04", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nA denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815)\n\nAll users of ruby are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : ruby on SL6.x i386/x86_64 (20120130)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:ruby", "p-cpe:/a:fermilab:scientific_linux:ruby-debuginfo", "p-cpe:/a:fermilab:scientific_linux:ruby-devel", "p-cpe:/a:fermilab:scientific_linux:ruby-docs", "p-cpe:/a:fermilab:scientific_linux:ruby-irb", "p-cpe:/a:fermilab:scientific_linux:ruby-libs", "p-cpe:/a:fermilab:scientific_linux:ruby-rdoc", "p-cpe:/a:fermilab:scientific_linux:ruby-ri", "p-cpe:/a:fermilab:scientific_linux:ruby-static", "p-cpe:/a:fermilab:scientific_linux:ruby-tcltk", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120130_RUBY_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61229", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61229);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4815\");\n\n script_name(english:\"Scientific Linux Security Update : ruby on SL6.x i386/x86_64 (20120130)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ruby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (hashes) in Ruby. An attacker able to supply a\nlarge number of inputs to a Ruby application (such as HTTP POST\nrequest parameters sent to a web application) that are used as keys\nwhen inserting data into an array could trigger multiple hash function\ncollisions, making array operations take an excessive amount of CPU\ntime. To mitigate this issue, randomization has been added to the hash\nfunction to reduce the chance of an attacker successfully causing\nintentional collisions. (CVE-2011-4815)\n\nAll users of ruby are advised to upgrade to these updated packages,\nwhich contain a backported patch to resolve this issue.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1201&L=scientific-linux-errata&T=0&P=2657\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a1450742\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"ruby-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-debuginfo-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-devel-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-docs-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-irb-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-libs-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-rdoc-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-ri-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-static-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-tcltk-1.8.7.352-4.el6_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-debuginfo / ruby-devel / ruby-docs / ruby-irb / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:20:00", "description": "Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nA denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815)\n\nRed Hat would like to thank oCERT for reporting this issue. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters.\n\nAll users of ruby are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.", "cvss3": {}, "published": "2012-01-31T00:00:00", "type": "nessus", "title": "CentOS 6 : ruby (CESA-2012:0069)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ruby", "p-cpe:/a:centos:centos:ruby-devel", "p-cpe:/a:centos:centos:ruby-docs", "p-cpe:/a:centos:centos:ruby-irb", "p-cpe:/a:centos:centos:ruby-libs", "p-cpe:/a:centos:centos:ruby-rdoc", "p-cpe:/a:centos:centos:ruby-ri", "p-cpe:/a:centos:centos:ruby-static", "p-cpe:/a:centos:centos:ruby-tcltk", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2012-0069.NASL", "href": "https://www.tenable.com/plugins/nessus/57733", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0069 and \n# CentOS Errata and Security Advisory 2012:0069 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57733);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-4815\");\n script_bugtraq_id(51198);\n script_xref(name:\"RHSA\", value:\"2012:0069\");\n\n script_name(english:\"CentOS 6 : ruby (CESA-2012:0069)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (hashes) in Ruby. An attacker able to supply a\nlarge number of inputs to a Ruby application (such as HTTP POST\nrequest parameters sent to a web application) that are used as keys\nwhen inserting data into an array could trigger multiple hash function\ncollisions, making array operations take an excessive amount of CPU\ntime. To mitigate this issue, randomization has been added to the hash\nfunction to reduce the chance of an attacker successfully causing\nintentional collisions. (CVE-2011-4815)\n\nRed Hat would like to thank oCERT for reporting this issue. oCERT\nacknowledges Julian Walde and Alexander Klink as the original\nreporters.\n\nAll users of ruby are advised to upgrade to these updated packages,\nwhich contain a backported patch to resolve this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-January/018400.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?906f6ea6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-4815\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-devel-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-docs-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-irb-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-libs-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-rdoc-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-ri-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-static-1.8.7.352-4.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-tcltk-1.8.7.352-4.el6_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / ruby-rdoc / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:20:49", "description": "A vulnerability has been found and corrected in ruby :\n\nRuby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table (CVE-2011-4815).\n\nThe updated packages have been patched to correct this issue.", "cvss3": {}, "published": "2012-02-29T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : ruby (MDVSA-2012:024)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:ruby", "p-cpe:/a:mandriva:linux:ruby-devel", "p-cpe:/a:mandriva:linux:ruby-doc", "p-cpe:/a:mandriva:linux:ruby-tk", "cpe:/o:mandriva:linux:2010.1", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2012-024.NASL", "href": "https://www.tenable.com/plugins/nessus/58163", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:024. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58163);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-4815\");\n script_bugtraq_id(51198);\n script_xref(name:\"MDVSA\", value:\"2012:024\");\n\n script_name(english:\"Mandriva Linux Security Advisory : ruby (MDVSA-2012:024)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in ruby :\n\nRuby (aka CRuby) before 1.8.7-p357 computes hash values without\nrestricting the ability to trigger hash collisions predictably, which\nallows context-dependent attackers to cause a denial of service (CPU\nconsumption) via crafted input to an application that maintains a hash\ntable (CVE-2011-4815).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ruby-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", reference:\"ruby-1.8.7.p249-4.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"ruby-devel-1.8.7.p249-4.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"ruby-doc-1.8.7.p249-4.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"ruby-tk-1.8.7.p249-4.2mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", reference:\"ruby-1.8.7.p334-4.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"ruby-devel-1.8.7.p334-4.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"ruby-doc-1.8.7.p334-4.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"ruby-tk-1.8.7.p334-4.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:43:45", "description": "A security flaw was discovered on the previous json that there is a denial of service and unsafe object creation vulnerability. This vulnerability has been assigned the CVE identifier CVE-2013-0269.\n\nThis new rpm will fix this issue.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-03-06T00:00:00", "type": "nessus", "title": "Fedora 17 : rubygem-json-1.6.8-1.fc17 (2013-3050)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rubygem-json", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2013-3050.NASL", "href": "https://www.tenable.com/plugins/nessus/65039", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-3050.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65039);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0269\");\n script_bugtraq_id(57899);\n script_xref(name:\"FEDORA\", value:\"2013-3050\");\n\n script_name(english:\"Fedora 17 : rubygem-json-1.6.8-1.fc17 (2013-3050)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security flaw was discovered on the previous json that there is a\ndenial of service and unsafe object creation vulnerability. This\nvulnerability has been assigned the CVE identifier CVE-2013-0269.\n\nThis new rpm will fix this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=910313\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099698.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?95fe7766\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rubygem-json package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"rubygem-json-1.6.8-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rubygem-json\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:54:00", "description": "The JSON gem for Ruby allowed remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as demonstrated by conducting a SQL injection attack against Ruby on Rails, aka 'Unsafe Object Creation Vulnerability.'\n\nFor Debian 6 'Squeeze', this issue has been fixed in libjson-ruby version 1.1.9-1+deb6u1.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-05-01T00:00:00", "type": "nessus", "title": "Debian DLA-215-1 : libjson-ruby security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:edit-json", "p-cpe:/a:debian:debian_linux:libjson-ruby", "p-cpe:/a:debian:debian_linux:libjson-ruby-doc", "p-cpe:/a:debian:debian_linux:libjson-ruby1.8", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-215.NASL", "href": "https://www.tenable.com/plugins/nessus/83167", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-215-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83167);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0269\");\n script_bugtraq_id(57899);\n\n script_name(english:\"Debian DLA-215-1 : libjson-ruby security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The JSON gem for Ruby allowed remote attackers to cause a denial of\nservice (resource consumption) or bypass the mass assignment\nprotection mechanism via a crafted JSON document that triggers the\ncreation of arbitrary Ruby symbols or certain internal objects, as\ndemonstrated by conducting a SQL injection attack against Ruby on\nRails, aka 'Unsafe Object Creation Vulnerability.'\n\nFor Debian 6 'Squeeze', this issue has been fixed in\nlibjson-ruby version 1.1.9-1+deb6u1.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/04/msg00029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/libjson-ruby\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:edit-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjson-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjson-ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjson-ruby1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"edit-json\", reference:\"1.1.9-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libjson-ruby\", reference:\"1.1.9-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libjson-ruby-doc\", reference:\"1.1.9-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libjson-ruby1.8\", reference:\"1.1.9-1+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:41:56", "description": "Aaron Patterson reports :\n\nWhen parsing certain JSON documents, the JSON gem can be coerced in to creating Ruby symbols in a target system. Since Ruby symbols are not garbage collected, this can result in a denial of service attack.\n\nThe same technique can be used to create objects in a target system that act like internal objects. These 'act alike' objects can be used to bypass certain security mechanisms and can be used as a spring board for SQL injection attacks in Ruby on Rails.", "cvss3": {}, "published": "2013-02-18T00:00:00", "type": "nessus", "title": "FreeBSD : Ruby -- Denial of Service and Unsafe Object Creation Vulnerability in JSON (c79eb109-a754-45d7-b552-a42099eb2265)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:ruby", "p-cpe:/a:freebsd:freebsd:rubygem18-json", "p-cpe:/a:freebsd:freebsd:rubygem18-json_pure", "p-cpe:/a:freebsd:freebsd:rubygem19-json", "p-cpe:/a:freebsd:freebsd:rubygem19-json_pure", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_C79EB109A75445D7B552A42099EB2265.NASL", "href": "https://www.tenable.com/plugins/nessus/64652", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64652);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-0269\");\n\n script_name(english:\"FreeBSD : Ruby -- Denial of Service and Unsafe Object Creation Vulnerability in JSON (c79eb109-a754-45d7-b552-a42099eb2265)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Aaron Patterson reports :\n\nWhen parsing certain JSON documents, the JSON gem can be coerced in to\ncreating Ruby symbols in a target system. Since Ruby symbols are not\ngarbage collected, this can result in a denial of service attack.\n\nThe same technique can be used to create objects in a target system\nthat act like internal objects. These 'act alike' objects can be used\nto bypass certain security mechanisms and can be used as a spring\nboard for SQL injection attacks in Ruby on Rails.\"\n );\n # https://vuxml.freebsd.org/freebsd/c79eb109-a754-45d7-b552-a42099eb2265.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6ddb8e17\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem18-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem18-json_pure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem19-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem19-json_pure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"ruby>=1.9,1<1.9.3.385,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"rubygem18-json<1.7.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"rubygem19-json<1.7.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"rubygem18-json_pure<1.7.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"rubygem19-json_pure<1.7.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:44:44", "description": "A security flaw was discovered on the previous json that there is a denial of service and unsafe object creation vulnerability. This vulnerability has been assigned the CVE identifier CVE-2013-0269.\n\nThis new rpm will fix this issue.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-03-06T00:00:00", "type": "nessus", "title": "Fedora 18 : rubygem-json-1.6.8-1.fc18 (2013-3052)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rubygem-json", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2013-3052.NASL", "href": "https://www.tenable.com/plugins/nessus/65040", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-3052.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65040);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0269\");\n script_bugtraq_id(57899);\n script_xref(name:\"FEDORA\", value:\"2013-3052\");\n\n script_name(english:\"Fedora 18 : rubygem-json-1.6.8-1.fc18 (2013-3052)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security flaw was discovered on the previous json that there is a\ndenial of service and unsafe object creation vulnerability. This\nvulnerability has been assigned the CVE identifier CVE-2013-0269.\n\nThis new rpm will fix this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=910313\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099688.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?abe1d1ea\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rubygem-json package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"rubygem-json-1.6.8-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rubygem-json\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-07T14:30:33", "description": "The remote host is affected by the vulnerability described in GLSA-201412-27 (Ruby: Denial of Service)\n\n Multiple vulnerabilities have been discovered in Ruby. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A context-dependent attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or bypass security restrictions.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2014-12-15T00:00:00", "type": "nessus", "title": "GLSA-201412-27 : Ruby: Denial of Service", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0188", "CVE-2011-1004", "CVE-2011-1005", "CVE-2011-4815", "CVE-2012-4481", "CVE-2012-5371", "CVE-2013-0269", "CVE-2013-1821", "CVE-2013-4164", "CVE-2014-8080", "CVE-2014-8090"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:ruby", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201412-27.NASL", "href": "https://www.tenable.com/plugins/nessus/79980", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201412-27.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79980);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-0188\", \"CVE-2011-1004\", \"CVE-2011-1005\", \"CVE-2011-4815\", \"CVE-2012-4481\", \"CVE-2012-5371\", \"CVE-2013-0269\", \"CVE-2013-1821\", \"CVE-2013-4164\", \"CVE-2014-8080\", \"CVE-2014-8090\");\n script_bugtraq_id(46458, 46460, 46966, 51198, 55813, 56484, 57899, 58141, 63873, 70935, 71230);\n script_xref(name:\"GLSA\", value:\"201412-27\");\n\n script_name(english:\"GLSA-201412-27 : Ruby: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201412-27\n(Ruby: Denial of Service)\n\n Multiple vulnerabilities have been discovered in Ruby. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker could possibly execute arbitrary code with\n the privileges of the process, cause a Denial of Service condition, or\n bypass security restrictions.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201412-27\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Ruby 1.9 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/ruby-1.9.3_p551'\n All Ruby 2.0 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/ruby-2.0.0_p598'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/ruby\", unaffected:make_list(\"rge 1.9.3_p551\", \"ge 2.0.0_p598\"), vulnerable:make_list(\"lt 2.0.0_p598\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Ruby\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:49:45", "description": "From Red Hat Security Advisory 2012:0070 :\n\nUpdated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nA denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815)\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom number generator) after forking a child process. This could eventually lead to the PRNG returning the same result twice. An attacker keeping track of the values returned by one child process could use this flaw to predict the values the PRNG would return in other child processes (as long as the parent process persisted). (CVE-2011-3009)\n\nRed Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2011-4815.\n\nAll users of ruby are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 : ruby (ELSA-2012-0070)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3009", "CVE-2011-4815"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:irb", "p-cpe:/a:oracle:linux:ruby", "p-cpe:/a:oracle:linux:ruby-devel", "p-cpe:/a:oracle:linux:ruby-docs", "p-cpe:/a:oracle:linux:ruby-irb", "p-cpe:/a:oracle:linux:ruby-libs", "p-cpe:/a:oracle:linux:ruby-mode", "p-cpe:/a:oracle:linux:ruby-rdoc", "p-cpe:/a:oracle:linux:ruby-ri", "p-cpe:/a:oracle:linux:ruby-tcltk", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-0070.NASL", "href": "https://www.tenable.com/plugins/nessus/68441", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0070 and \n# Oracle Linux Security Advisory ELSA-2012-0070 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68441);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\");\n script_bugtraq_id(49126, 51198);\n script_xref(name:\"RHSA\", value:\"2012:0070\");\n\n script_name(english:\"Oracle Linux 4 / 5 : ruby (ELSA-2012-0070)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0070 :\n\nUpdated ruby packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (hashes) in Ruby. An attacker able to supply a\nlarge number of inputs to a Ruby application (such as HTTP POST\nrequest parameters sent to a web application) that are used as keys\nwhen inserting data into an array could trigger multiple hash function\ncollisions, making array operations take an excessive amount of CPU\ntime. To mitigate this issue, randomization has been added to the hash\nfunction to reduce the chance of an attacker successfully causing\nintentional collisions. (CVE-2011-4815)\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom\nnumber generator) after forking a child process. This could eventually\nlead to the PRNG returning the same result twice. An attacker keeping\ntrack of the values returned by one child process could use this flaw\nto predict the values the PRNG would return in other child processes\n(as long as the parent process persisted). (CVE-2011-3009)\n\nRed Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\nacknowledges Julian Walde and Alexander Klink as the original\nreporters of CVE-2011-4815.\n\nAll users of ruby are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-January/002578.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-January/002579.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"irb-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-devel-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-docs-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-libs-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-mode-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-tcltk-1.8.1-18.el4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"ruby-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-devel-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-docs-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-irb-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-libs-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-mode-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-rdoc-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-ri-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-tcltk-1.8.5-22.el5_7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"irb / ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:19:58", "description": "Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nA denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815)\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom number generator) after forking a child process. This could eventually lead to the PRNG returning the same result twice. An attacker keeping track of the values returned by one child process could use this flaw to predict the values the PRNG would return in other child processes (as long as the parent process persisted). (CVE-2011-3009)\n\nRed Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2011-4815.\n\nAll users of ruby are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2012-01-31T00:00:00", "type": "nessus", "title": "CentOS 4 / 5 : ruby (CESA-2012:0070)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3009", "CVE-2011-4815"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:irb", "p-cpe:/a:centos:centos:ruby", "p-cpe:/a:centos:centos:ruby-devel", "p-cpe:/a:centos:centos:ruby-docs", "p-cpe:/a:centos:centos:ruby-irb", "p-cpe:/a:centos:centos:ruby-libs", "p-cpe:/a:centos:centos:ruby-mode", "p-cpe:/a:centos:centos:ruby-rdoc", "p-cpe:/a:centos:centos:ruby-ri", "p-cpe:/a:centos:centos:ruby-tcltk", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-0070.NASL", "href": "https://www.tenable.com/plugins/nessus/57734", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0070 and \n# CentOS Errata and Security Advisory 2012:0070 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57734);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\");\n script_bugtraq_id(49126, 51198);\n script_xref(name:\"RHSA\", value:\"2012:0070\");\n\n script_name(english:\"CentOS 4 / 5 : ruby (CESA-2012:0070)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (hashes) in Ruby. An attacker able to supply a\nlarge number of inputs to a Ruby application (such as HTTP POST\nrequest parameters sent to a web application) that are used as keys\nwhen inserting data into an array could trigger multiple hash function\ncollisions, making array operations take an excessive amount of CPU\ntime. To mitigate this issue, randomization has been added to the hash\nfunction to reduce the chance of an attacker successfully causing\nintentional collisions. (CVE-2011-4815)\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom\nnumber generator) after forking a child process. This could eventually\nlead to the PRNG returning the same result twice. An attacker keeping\ntrack of the values returned by one child process could use this flaw\nto predict the values the PRNG would return in other child processes\n(as long as the parent process persisted). (CVE-2011-3009)\n\nRed Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\nacknowledges Julian Walde and Alexander Klink as the original\nreporters of CVE-2011-4815.\n\nAll users of ruby are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-January/018394.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?865c2478\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-January/018401.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c295b34f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-4815\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"irb-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"irb-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"ruby-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"ruby-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"ruby-devel-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"ruby-devel-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"ruby-docs-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"ruby-docs-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"ruby-libs-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"ruby-libs-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"ruby-mode-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"ruby-mode-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"ruby-tcltk-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"ruby-tcltk-1.8.1-18.el4\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-devel-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-docs-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-irb-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-libs-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-mode-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-rdoc-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-ri-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-tcltk-1.8.5-22.el5_7.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"irb / ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:19:44", "description": "Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nA denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815)\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom number generator) after forking a child process. This could eventually lead to the PRNG returning the same result twice. An attacker keeping track of the values returned by one child process could use this flaw to predict the values the PRNG would return in other child processes (as long as the parent process persisted). (CVE-2011-3009)\n\nRed Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2011-4815.\n\nAll users of ruby are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2012-01-31T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : ruby (RHSA-2012:0070)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3009", "CVE-2011-4815"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:irb", "p-cpe:/a:redhat:enterprise_linux:ruby", "p-cpe:/a:redhat:enterprise_linux:ruby-devel", "p-cpe:/a:redhat:enterprise_linux:ruby-docs", "p-cpe:/a:redhat:enterprise_linux:ruby-irb", "p-cpe:/a:redhat:enterprise_linux:ruby-libs", "p-cpe:/a:redhat:enterprise_linux:ruby-mode", "p-cpe:/a:redhat:enterprise_linux:ruby-rdoc", "p-cpe:/a:redhat:enterprise_linux:ruby-ri", "p-cpe:/a:redhat:enterprise_linux:ruby-tcltk", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2012-0070.NASL", "href": "https://www.tenable.com/plugins/nessus/57747", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0070. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57747);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3009\", \"CVE-2011-4815\");\n script_bugtraq_id(49126, 51198);\n script_xref(name:\"RHSA\", value:\"2012:0070\");\n\n script_name(english:\"RHEL 4 / 5 : ruby (RHSA-2012:0070)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (hashes) in Ruby. An attacker able to supply a\nlarge number of inputs to a Ruby application (such as HTTP POST\nrequest parameters sent to a web application) that are used as keys\nwhen inserting data into an array could trigger multiple hash function\ncollisions, making array operations take an excessive amount of CPU\ntime. To mitigate this issue, randomization has been added to the hash\nfunction to reduce the chance of an attacker successfully causing\nintentional collisions. (CVE-2011-4815)\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom\nnumber generator) after forking a child process. This could eventually\nlead to the PRNG returning the same result twice. An attacker keeping\ntrack of the values returned by one child process could use this flaw\nto predict the values the PRNG would return in other child processes\n(as long as the parent process persisted). (CVE-2011-3009)\n\nRed Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT\nacknowledges Julian Walde and Alexander Klink as the original\nreporters of CVE-2011-4815.\n\nAll users of ruby are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.\"\n );\n # http://www.ocert.org/advisories/ocert-2011-003.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://ocert.org/advisories/ocert-2011-003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0070\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4815\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0070\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"irb-1.8.1-18.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-1.8.1-18.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-devel-1.8.1-18.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-docs-1.8.1-18.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-libs-1.8.1-18.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-mode-1.8.1-18.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-tcltk-1.8.1-18.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"ruby-devel-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-docs-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-docs-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-docs-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-irb-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-irb-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-irb-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"ruby-libs-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-mode-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-mode-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-mode-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-rdoc-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-rdoc-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-rdoc-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-ri-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-ri-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-ri-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-tcltk-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-tcltk-1.8.5-22.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-tcltk-1.8.5-22.el5_7.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"irb / ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-18T14:34:34", "description": "Ruby 1.8 was updated to fix a XML entity expansion denial of service attack (CVE-2013-1821)\n\nRuby 1.9 was updated to 1.9.3 p392, fixing the same security issues and also :\n\n - update json intree to 1.5.5: Denial of Service and Unsafe Object Creation Vulnerability in JSON CVE-2013-0269\n\n - limit entity expansion text limit to 10kB CVE-2013-1821\n\n - get rid of a SEGV when calling rb_iter_break() from some extention libraries.\n\n - some warning suppressed and smaller fixes", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ruby (openSUSE-SU-2013:0603-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2013-1821"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ruby", "p-cpe:/a:novell:opensuse:ruby-common", "p-cpe:/a:novell:opensuse:ruby-debuginfo", "p-cpe:/a:novell:opensuse:ruby-debugsource", "p-cpe:/a:novell:opensuse:ruby-devel", "p-cpe:/a:novell:opensuse:ruby-doc-html", "p-cpe:/a:novell:opensuse:ruby-doc-ri", "p-cpe:/a:novell:opensuse:ruby-examples", "p-cpe:/a:novell:opensuse:ruby-test-suite", "p-cpe:/a:novell:opensuse:ruby-tk", "p-cpe:/a:novell:opensuse:ruby-tk-debuginfo", "p-cpe:/a:novell:opensuse:ruby19", "p-cpe:/a:novell:opensuse:ruby19-debuginfo", "p-cpe:/a:novell:opensuse:ruby19-debugsource", "p-cpe:/a:novell:opensuse:ruby19-devel", "p-cpe:/a:novell:opensuse:ruby19-devel-extra", "p-cpe:/a:novell:opensuse:ruby19-doc-ri", "p-cpe:/a:novell:opensuse:ruby19-tk", "p-cpe:/a:novell:opensuse:ruby19-tk-debuginfo", "cpe:/o:novell:opensuse:12.1", "cpe:/o:novell:opensuse:12.2", "cpe:/o:novell:opensuse:12.3"], "id": "OPENSUSE-2013-298.NASL", "href": "https://www.tenable.com/plugins/nessus/74955", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-298.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74955);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-0269\", \"CVE-2013-1821\");\n\n script_name(english:\"openSUSE Security Update : ruby (openSUSE-SU-2013:0603-1)\");\n script_summary(english:\"Check for the openSUSE-2013-298 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ruby 1.8 was updated to fix a XML entity expansion denial of service\nattack (CVE-2013-1821)\n\nRuby 1.9 was updated to 1.9.3 p392, fixing the same security issues\nand also :\n\n - update json intree to 1.5.5: Denial of Service and\n Unsafe Object Creation Vulnerability in JSON\n CVE-2013-0269\n\n - limit entity expansion text limit to 10kB CVE-2013-1821\n\n - get rid of a SEGV when calling rb_iter_break() from some\n extention libraries.\n\n - some warning suppressed and smaller fixes\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=803342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=808137\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-04/msg00034.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-doc-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-test-suite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-tk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-devel-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-doc-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-tk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-debuginfo-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-debugsource-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-devel-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-doc-html-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-doc-ri-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-examples-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-test-suite-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-tk-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-tk-debuginfo-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby-1.9.3-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby-common-1.9.3-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby-devel-1.9.3-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-debuginfo-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-debugsource-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-devel-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-devel-extra-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-doc-ri-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-tk-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-tk-debuginfo-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby-1.9.3-15.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby-devel-1.9.3-15.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-debuginfo-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-debugsource-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-devel-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-devel-extra-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-doc-ri-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-tk-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-tk-debuginfo-1.9.3.p392-1.5.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:56", "description": "Updated ruby193-ruby, rubygem-json and rubygem-rdoc packages that fix two security issues are now available for Red Hat OpenShift Enterprise 1.1.3.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nA flaw in rubygem-json and ruby193-rubygem-json allowed remote attacks by creating different types of malicious objects. For example, it could initiate a denial of service attack through resource consumption by using a JSON document to create arbitrary Ruby symbols, which were never garbage collected. It could also be exploited to create internal objects which could allow a SQL injection attack. (CVE-2013-0269)\n\nIt was found that documentation created by rubygem-rdoc and ruby193-rubygem-rdoc was vulnerable to a cross-site scripting (XSS) attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the user's session. As rubygem-rdoc and ruby193-rubygem-rdoc are used for creating documentation for Ruby source files (such as classes, modules, and so on), it is not a common scenario to make such documentation accessible over the network. (CVE-2013-0256)\n\nRed Hat would like to thank Ruby on Rails upstream for reporting CVE-2013-0269, and Eric Hodel of RDoc upstream for reporting CVE-2013-0256. Upstream acknowledges Thomas Hollstegge of Zweitag and Ben Murphy as the original reporters of CVE-2013-0269, and Evgeny Ermakov as the original reporter of CVE-2013-0256.\n\nUsers of Red Hat OpenShift Enterprise 1.1.3 are advised to upgrade to these updated packages, which correct these issues.", "cvss3": {}, "published": "2018-12-06T00:00:00", "type": "nessus", "title": "RHEL 6 : ruby193-ruby, rubygem-json and rubygem-rdoc (RHSA-2013:0701)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0256", "CVE-2013-0269"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ruby193-ruby", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-debuginfo", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-devel", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-doc", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-irb", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-libs", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-tcltk", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bigdecimal", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-io-console", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-minitest", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rake", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rdoc", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygems", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygems-devel", "p-cpe:/a:redhat:enterprise_linux:rubygem-json", "p-cpe:/a:redhat:enterprise_linux:rubygem-json-debuginfo", "p-cpe:/a:redhat:enterprise_linux:rubygem-json-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc", "p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc-doc", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-0701.NASL", "href": "https://www.tenable.com/plugins/nessus/119437", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0701. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119437);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-0256\", \"CVE-2013-0269\");\n script_bugtraq_id(57785, 57899);\n script_xref(name:\"RHSA\", value:\"2013:0701\");\n\n script_name(english:\"RHEL 6 : ruby193-ruby, rubygem-json and rubygem-rdoc (RHSA-2013:0701)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated ruby193-ruby, rubygem-json and rubygem-rdoc packages that fix\ntwo security issues are now available for Red Hat OpenShift Enterprise\n1.1.3.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nA flaw in rubygem-json and ruby193-rubygem-json allowed remote attacks\nby creating different types of malicious objects. For example, it\ncould initiate a denial of service attack through resource consumption\nby using a JSON document to create arbitrary Ruby symbols, which were\nnever garbage collected. It could also be exploited to create internal\nobjects which could allow a SQL injection attack. (CVE-2013-0269)\n\nIt was found that documentation created by rubygem-rdoc and\nruby193-rubygem-rdoc was vulnerable to a cross-site scripting (XSS)\nattack. If such documentation was accessible over a network, and a\nremote attacker could trick a user into visiting a specially crafted\nURL, it would lead to arbitrary web script execution in the context of\nthe user's session. As rubygem-rdoc and ruby193-rubygem-rdoc are used\nfor creating documentation for Ruby source files (such as classes,\nmodules, and so on), it is not a common scenario to make such\ndocumentation accessible over the network. (CVE-2013-0256)\n\nRed Hat would like to thank Ruby on Rails upstream for reporting\nCVE-2013-0269, and Eric Hodel of RDoc upstream for reporting\nCVE-2013-0256. Upstream acknowledges Thomas Hollstegge of Zweitag and\nBen Murphy as the original reporters of CVE-2013-0269, and Evgeny\nErmakov as the original reporter of CVE-2013-0256.\n\nUsers of Red Hat OpenShift Enterprise 1.1.3 are advised to upgrade to\nthese updated packages, which correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0256\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0269\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygems-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-json-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0701\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-debuginfo-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-devel-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-doc-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-ruby-irb-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-libs-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-tcltk-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-rubygem-bigdecimal-1.1.0-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-rubygem-io-console-0.3-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-rubygem-json-1.5.4-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-minitest-2.5.1-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-rake-0.9.2.2-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-rubygem-rdoc-3.9.4-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygems-1.8.23-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygems-devel-1.8.23-28.el6\")) flag++;\n if (rpm_exists(rpm:\"rubygem-json-1.7\", release:\"RHEL6\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rubygem-json-1.7.3-2.el6\")) flag++;\n if (rpm_exists(rpm:\"rubygem-json-debuginfo-1.7\", release:\"RHEL6\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rubygem-json-debuginfo-1.7.3-2.el6\")) flag++;\n if (rpm_exists(rpm:\"rubygem-json-doc-1.7\", release:\"RHEL6\") && rpm_check(release:\"RHEL6\", reference:\"rubygem-json-doc-1.7.3-2.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-rdoc-3.8-9.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-rdoc-doc-3.8-9.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby193-ruby / ruby193-ruby-debuginfo / ruby193-ruby-devel / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:18:17", "description": "The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1426 advisory.\n\n - The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as demonstrated by conducting a SQL injection attack against Ruby on Rails, aka Unsafe Object Creation Vulnerability. (CVE-2013-0269)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application- dependent. (CVE-2020-10663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-08-31T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : ruby19 (ALAS-2020-1426)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ruby19", "p-cpe:/a:amazon:linux:ruby19-debuginfo", "p-cpe:/a:amazon:linux:ruby19-devel", "p-cpe:/a:amazon:linux:ruby19-doc", "p-cpe:/a:amazon:linux:ruby19-irb", "p-cpe:/a:amazon:linux:ruby19-libs", "p-cpe:/a:amazon:linux:ruby21", "p-cpe:/a:amazon:linux:ruby21-debuginfo", "p-cpe:/a:amazon:linux:ruby21-devel", "p-cpe:/a:amazon:linux:ruby21-doc", "p-cpe:/a:amazon:linux:ruby21-irb", "p-cpe:/a:amazon:linux:ruby21-libs", "p-cpe:/a:amazon:linux:rubygem19-bigdecimal", "p-cpe:/a:amazon:linux:rubygem19-io-console", "p-cpe:/a:amazon:linux:rubygem19-json", "p-cpe:/a:amazon:linux:rubygem19-minitest", "p-cpe:/a:amazon:linux:rubygem19-rake", "p-cpe:/a:amazon:linux:rubygem19-rdoc", "p-cpe:/a:amazon:linux:rubygem21-bigdecimal", "p-cpe:/a:amazon:linux:rubygem21-io-console", "p-cpe:/a:amazon:linux:rubygem21-psych", "p-cpe:/a:amazon:linux:rubygems19", "p-cpe:/a:amazon:linux:rubygems19-devel", "p-cpe:/a:amazon:linux:rubygems21", "p-cpe:/a:amazon:linux:rubygems21-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2020-1426.NASL", "href": "https://www.tenable.com/plugins/nessus/140094", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2020-1426.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140094);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2013-0269\", \"CVE-2020-10663\");\n script_bugtraq_id(57899);\n script_xref(name:\"ALAS\", value:\"2020-1426\");\n\n script_name(english:\"Amazon Linux AMI : ruby19 (ALAS-2020-1426)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the ALAS-2020-1426 advisory.\n\n - The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to\n cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a\n crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as\n demonstrated by conducting a SQL injection attack against Ruby on Rails, aka Unsafe Object Creation\n Vulnerability. (CVE-2013-0269)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead\n to creation of a malicious object within the interpreter, with adverse effects that are application-\n dependent. (CVE-2020-10663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2020-1426.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10663\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update ruby19' to update your system.\n Run 'yum update ruby21' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0269\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem21-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem21-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem21-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems19-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems21\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems21-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\npkgs = [\n {'reference':'ruby19-1.9.3.551-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby19-1.9.3.551-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby19-debuginfo-1.9.3.551-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby19-debuginfo-1.9.3.551-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby19-devel-1.9.3.551-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby19-devel-1.9.3.551-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby19-doc-1.9.3.551-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby19-doc-1.9.3.551-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby19-irb-1.9.3.551-33.71.amzn1', 'release':'ALA'},\n {'reference':'ruby19-libs-1.9.3.551-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby19-libs-1.9.3.551-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby21-2.1.9-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby21-2.1.9-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby21-debuginfo-2.1.9-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby21-debuginfo-2.1.9-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby21-devel-2.1.9-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby21-devel-2.1.9-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby21-doc-2.1.9-1.23.amzn1', 'release':'ALA'},\n {'reference':'ruby21-irb-2.1.9-1.23.amzn1', 'release':'ALA'},\n {'reference':'ruby21-libs-2.1.9-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby21-libs-2.1.9-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem19-bigdecimal-1.1.0-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem19-bigdecimal-1.1.0-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem19-io-console-0.3-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem19-io-console-0.3-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem19-json-1.5.5-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem19-json-1.5.5-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem19-minitest-2.5.1-33.71.amzn1', 'release':'ALA'},\n {'reference':'rubygem19-rake-0.9.2.2-33.71.amzn1', 'release':'ALA'},\n {'reference':'rubygem19-rdoc-3.9.5-33.71.amzn1', 'release':'ALA'},\n {'reference':'rubygem21-bigdecimal-1.2.4-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem21-bigdecimal-1.2.4-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem21-io-console-0.4.3-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem21-io-console-0.4.3-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem21-psych-2.0.5-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem21-psych-2.0.5-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygems19-1.8.23.2-33.71.amzn1', 'release':'ALA'},\n {'reference':'rubygems19-devel-1.8.23.2-33.71.amzn1', 'release':'ALA'},\n {'reference':'rubygems21-2.2.5-1.23.amzn1', 'release':'ALA'},\n {'reference':'rubygems21-devel-2.2.5-1.23.amzn1', 'release':'ALA'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby19 / ruby19-debuginfo / ruby19-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:18:37", "description": "The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1423 advisory.\n\n - The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as demonstrated by conducting a SQL injection attack against Ruby on Rails, aka Unsafe Object Creation Vulnerability. (CVE-2013-0269)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application- dependent. (CVE-2020-10663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-08-31T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : rubygem-json-debuginfo (ALAS-2020-1423)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:rubygem-json-debuginfo", "p-cpe:/a:amazon:linux:rubygem18-json", "p-cpe:/a:amazon:linux:rubygem18-json-doc", "p-cpe:/a:amazon:linux:rubygem20-json", "p-cpe:/a:amazon:linux:rubygem20-json-doc", "p-cpe:/a:amazon:linux:rubygem21-json", "p-cpe:/a:amazon:linux:rubygem21-json-doc", "p-cpe:/a:amazon:linux:rubygem22-json", "p-cpe:/a:amazon:linux:rubygem22-json-doc", "p-cpe:/a:amazon:linux:rubygem23-json", "p-cpe:/a:amazon:linux:rubygem23-json-doc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2020-1423.NASL", "href": "https://www.tenable.com/plugins/nessus/140093", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2020-1423.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140093);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2013-0269\", \"CVE-2020-10663\");\n script_bugtraq_id(57899);\n script_xref(name:\"ALAS\", value:\"2020-1423\");\n\n script_name(english:\"Amazon Linux AMI : rubygem-json-debuginfo (ALAS-2020-1423)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the ALAS-2020-1423 advisory.\n\n - The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to\n cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a\n crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as\n demonstrated by conducting a SQL injection attack against Ruby on Rails, aka Unsafe Object Creation\n Vulnerability. (CVE-2013-0269)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead\n to creation of a malicious object within the interpreter, with adverse effects that are application-\n dependent. (CVE-2020-10663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2020-1423.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10663\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update rubygem-json' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0269\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem18-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem18-json-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem20-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem20-json-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem21-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem21-json-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem22-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem22-json-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem23-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem23-json-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\npkgs = [\n {'reference':'rubygem-json-debuginfo-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem-json-debuginfo-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem18-json-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem18-json-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem18-json-doc-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem18-json-doc-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem20-json-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem20-json-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem20-json-doc-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem20-json-doc-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem21-json-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem21-json-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem21-json-doc-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem21-json-doc-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem22-json-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem22-json-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem22-json-doc-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem22-json-doc-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem23-json-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem23-json-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem23-json-doc-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem23-json-doc-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rubygem-json-debuginfo / rubygem18-json / rubygem18-json-doc / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-25T14:35:04", "description": "According to the version of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-17T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : ruby (EulerOS-SA-2020-1686)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1686.NASL", "href": "https://www.tenable.com/plugins/nessus/137528", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137528);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2020-10663\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : ruby (EulerOS-SA-2020-1686)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the ruby packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby\n 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to\n creation of a malicious object within the interpreter,\n with adverse effects that are\n application-dependent.(CVE-2020-10663)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1686\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?48c54776\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.0.0.648-33.h17\",\n \"ruby-irb-2.0.0.648-33.h17\",\n \"ruby-libs-2.0.0.648-33.h17\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-25T14:30:35", "description": "When parsing certain JSON documents, the json gem (including the one bundled with Ruby) can be coerced into creating arbitrary objects in the target system.\n\nThis is the same issue as CVE-2013-0269. The previous fix was incomplete, which addressed JSON.parse(user_input), but didn't address some other styles of JSON parsing including JSON(user_input) and JSON.parse(user_input, nil).\n\nSee CVE-2013-0269 in detail. Note that the issue was exploitable to cause a Denial of Service by creating many garbage-uncollectable Symbol objects, but this kind of attack is no longer valid because Symbol objects are now garbage-collectable. However, creating arbitrary bjects may cause severe security consequences depending upon the application code.\n\nPlease update the json gem to version 2.3.0 or later. You can use gem update json to update it. If you are using bundler, please add gem 'json', '>= 2.3.0' to your Gemfile.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-26T00:00:00", "type": "nessus", "title": "FreeBSD : rubygem-json -- Unsafe Objection Creation Vulnerability in JSON (Additional fix) (40194e1c-6d89-11ea-8082-80ee73419af3)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-05-13T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:rubygem-json", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_40194E1C6D8911EA808280EE73419AF3.NASL", "href": "https://www.tenable.com/plugins/nessus/134921", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134921);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/13\");\n\n script_cve_id(\"CVE-2020-10663\");\n\n script_name(english:\"FreeBSD : rubygem-json -- Unsafe Objection Creation Vulnerability in JSON (Additional fix) (40194e1c-6d89-11ea-8082-80ee73419af3)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When parsing certain JSON documents, the json gem (including the one\nbundled with Ruby) can be coerced into creating arbitrary objects in\nthe target system.\n\nThis is the same issue as CVE-2013-0269. The previous fix was\nincomplete, which addressed JSON.parse(user_input), but didn't\naddress some other styles of JSON parsing including JSON(user_input)\nand JSON.parse(user_input, nil).\n\nSee CVE-2013-0269 in detail. Note that the issue was exploitable to\ncause a Denial of Service by creating many garbage-uncollectable\nSymbol objects, but this kind of attack is no longer valid because\nSymbol objects are now garbage-collectable. However, creating\narbitrary bjects may cause severe security consequences depending upon\nthe application code.\n\nPlease update the json gem to version 2.3.0 or later. You can use gem\nupdate json to update it. If you are using bundler, please add gem\n'json', '>= 2.3.0' to your Gemfile.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/\"\n );\n # https://vuxml.freebsd.org/freebsd/40194e1c-6d89-11ea-8082-80ee73419af3.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5e54143b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"rubygem-json<2.3.0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-25T14:31:52", "description": "The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.1 has an unsafe object creation vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\nSpecifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.\n\nFor Debian 8 'Jessie', this problem has been fixed in version 2.1.5-2+deb8u10.\n\nWe recommend that you upgrade your ruby2.1 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-01T00:00:00", "type": "nessus", "title": "Debian DLA-2192-1 : ruby2.1 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libruby2.1", "p-cpe:/a:debian:debian_linux:ruby2.1", "p-cpe:/a:debian:debian_linux:ruby2.1-dev", "p-cpe:/a:debian:debian_linux:ruby2.1-doc", "p-cpe:/a:debian:debian_linux:ruby2.1-tcltk", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-2192.NASL", "href": "https://www.tenable.com/plugins/nessus/136202", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2192-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136202);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2020-10663\");\n\n script_name(english:\"Debian DLA-2192-1 : ruby2.1 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.1 has an unsafe\nobject creation vulnerability. This is quite similar to CVE-2013-0269,\nbut does not rely on poor garbage-collection behavior within Ruby.\nSpecifically, use of JSON parsing methods can lead to creation of a\nmalicious object within the interpreter, with adverse effects that are\napplication-dependent.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n2.1.5-2+deb8u10.\n\nWe recommend that you upgrade your ruby2.1 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/04/msg00030.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/ruby2.1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libruby2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby2.1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby2.1-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby2.1-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libruby2.1\", reference:\"2.1.5-2+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby2.1\", reference:\"2.1.5-2+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby2.1-dev\", reference:\"2.1.5-2+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby2.1-doc\", reference:\"2.1.5-2+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby2.1-tcltk\", reference:\"2.1.5-2+deb8u10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-25T06:39:55", "description": "The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:2462 advisory.\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application- dependent. (CVE-2020-10663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : pcs (RLSA-2020:2462)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2022-02-14T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:pcs", "p-cpe:/a:rocky:linux:pcs-snmp", "p-cpe:/a:rocky:linux:rubygem-abrt", "p-cpe:/a:rocky:linux:rubygem-abrt-doc", "p-cpe:/a:rocky:linux:rubygem-bson", "p-cpe:/a:rocky:linux:rubygem-bson-debuginfo", "p-cpe:/a:rocky:linux:rubygem-bson-debugsource", "p-cpe:/a:rocky:linux:rubygem-bson-doc", "p-cpe:/a:rocky:linux:rubygem-bundler", "p-cpe:/a:rocky:linux:rubygem-bundler-doc", "p-cpe:/a:rocky:linux:rubygem-mongo", "p-cpe:/a:rocky:linux:rubygem-mongo-doc", "p-cpe:/a:rocky:linux:rubygem-mysql2", "p-cpe:/a:rocky:linux:rubygem-mysql2-debuginfo", "p-cpe:/a:rocky:linux:rubygem-mysql2-debugsource", "p-cpe:/a:rocky:linux:rubygem-mysql2-doc", "p-cpe:/a:rocky:linux:rubygem-pg", "p-cpe:/a:rocky:linux:rubygem-pg-debuginfo", "p-cpe:/a:rocky:linux:rubygem-pg-debugsource", "p-cpe:/a:rocky:linux:rubygem-pg-doc", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2020-2462.NASL", "href": "https://www.tenable.com/plugins/nessus/157830", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2020:2462.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157830);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/14\");\n\n script_cve_id(\"CVE-2020-10663\");\n script_xref(name:\"RLSA\", value:\"2020:2462\");\n\n script_name(english:\"Rocky Linux 8 : pcs (RLSA-2020:2462)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nRLSA-2020:2462 advisory.\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead\n to creation of a malicious object within the interpreter, with adverse effects that are application-\n dependent. (CVE-2020-10663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2020:2462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1827500\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1832914\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1838084\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1840158\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pcs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pcs-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-abrt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-abrt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-bson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-bson-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-bson-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-bson-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-bundler-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-mongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-mongo-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-mysql2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-mysql2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-mysql2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-mysql2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-pg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-pg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-pg-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-pg-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'pcs-0.10.8-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-0.10.8-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-snmp-0.10.8-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-snmp-0.10.8-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-abrt-0.3.0-4.module+el8.4.0+592+03ff458a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-abrt-doc-0.3.0-4.module+el8.4.0+592+03ff458a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bson-4.3.0-2.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-4.3'},\n {'reference':'rubygem-bson-4.3.0-2.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-4.3'},\n {'reference':'rubygem-bson-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-4.5'},\n {'reference':'rubygem-bson-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-4.5'},\n {'reference':'rubygem-bson-debuginfo-4.3.0-2.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debuginfo-4.3'},\n {'reference':'rubygem-bson-debuginfo-4.3.0-2.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debuginfo-4.3'},\n {'reference':'rubygem-bson-debuginfo-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debuginfo-4.5'},\n {'reference':'rubygem-bson-debuginfo-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debuginfo-4.5'},\n {'reference':'rubygem-bson-debugsource-4.3.0-2.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debugsource-4.3'},\n {'reference':'rubygem-bson-debugsource-4.3.0-2.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debugsource-4.3'},\n {'reference':'rubygem-bson-debugsource-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debugsource-4.5'},\n {'reference':'rubygem-bson-debugsource-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debugsource-4.5'},\n {'reference':'rubygem-bson-doc-4.3.0-2.module+el8.4.0+592+03ff458a', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-doc-4.3'},\n {'reference':'rubygem-bson-doc-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-doc-4.5'},\n {'reference':'rubygem-bundler-1.16.1-3.module+el8.4.0+592+03ff458a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bundler-doc-1.16.1-3.module+el8.4.0+592+03ff458a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-mongo-2.5.1-2.module+el8.4.0+592+03ff458a', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mongo-2.5'},\n {'reference':'rubygem-mongo-2.8.0-1.module+el8.4.0+593+8d7f9f0c', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mongo-2.8'},\n {'reference':'rubygem-mongo-doc-2.5.1-2.module+el8.4.0+592+03ff458a', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mongo-doc-2.5'},\n {'reference':'rubygem-mongo-doc-2.8.0-1.module+el8.4.0+593+8d7f9f0c', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mongo-doc-2.8'},\n {'reference':'rubygem-mysql2-0.4.10-4.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-0.4'},\n {'reference':'rubygem-mysql2-0.4.10-4.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-0.4'},\n {'reference':'rubygem-mysql2-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-0.5'},\n {'reference':'rubygem-mysql2-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-0.5'},\n {'reference':'rubygem-mysql2-debuginfo-0.4.10-4.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debuginfo-0.4'},\n {'reference':'rubygem-mysql2-debuginfo-0.4.10-4.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debuginfo-0.4'},\n {'reference':'rubygem-mysql2-debuginfo-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debuginfo-0.5'},\n {'reference':'rubygem-mysql2-debuginfo-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debuginfo-0.5'},\n {'reference':'rubygem-mysql2-debugsource-0.4.10-4.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debugsource-0.4'},\n {'reference':'rubygem-mysql2-debugsource-0.4.10-4.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debugsource-0.4'},\n {'reference':'rubygem-mysql2-debugsource-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debugsource-0.5'},\n {'reference':'rubygem-mysql2-debugsource-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debugsource-0.5'},\n {'reference':'rubygem-mysql2-doc-0.4.10-4.module+el8.4.0+592+03ff458a', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-doc-0.4'},\n {'reference':'rubygem-mysql2-doc-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-doc-0.5'},\n {'reference':'rubygem-pg-1.0.0-2.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-1.0'},\n {'reference':'rubygem-pg-1.0.0-2.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-1.0'},\n {'reference':'rubygem-pg-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-1.1'},\n {'reference':'rubygem-pg-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-1.1'},\n {'reference':'rubygem-pg-debuginfo-1.0.0-2.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debuginfo-1.0'},\n {'reference':'rubygem-pg-debuginfo-1.0.0-2.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debuginfo-1.0'},\n {'reference':'rubygem-pg-debuginfo-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debuginfo-1.1'},\n {'reference':'rubygem-pg-debuginfo-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debuginfo-1.1'},\n {'reference':'rubygem-pg-debugsource-1.0.0-2.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debugsource-1.0'},\n {'reference':'rubygem-pg-debugsource-1.0.0-2.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debugsource-1.0'},\n {'reference':'rubygem-pg-debugsource-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debugsource-1.1'},\n {'reference':'rubygem-pg-debugsource-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debugsource-1.1'},\n {'reference':'rubygem-pg-doc-1.0.0-2.module+el8.4.0+592+03ff458a', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-doc-1.0'},\n {'reference':'rubygem-pg-doc-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-doc-1.1'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pcs / pcs-snmp / rubygem-abrt / rubygem-abrt-doc / rubygem-bson / etc');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-11T14:43:57", "description": "New ruby packages are available for Slackware 13.1, 13.37, 14.0, and\n-current to fix security issues.", "cvss3": {}, "published": "2013-03-17T00:00:00", "type": "nessus", "title": "Slackware 13.1 / 13.37 / 14.0 / current : ruby (SSA:2013-075-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2013-1821"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:ruby", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0"], "id": "SLACKWARE_SSA_2013-075-01.NASL", "href": "https://www.tenable.com/plugins/nessus/65583", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2013-075-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65583);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-0269\", \"CVE-2013-1821\");\n script_bugtraq_id(57899, 58141);\n script_xref(name:\"SSA\", value:\"2013-075-01\");\n\n script_name(english:\"Slackware 13.1 / 13.37 / 14.0 / current : ruby (SSA:2013-075-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New ruby packages are available for Slackware 13.1, 13.37, 14.0, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.426862\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?091d35a6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.1\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-22T14:32:33", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nA denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815)\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom number generator) after forking a child process. This could eventually lead to the PRNG returning the same result twice. An attacker keeping track of the values returned by one child process could use this flaw to predict the values the PRNG would return in other child processes (as long as the parent process persisted). (CVE-2011-3009)\n\nAll users of ruby are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : ruby on SL4.x, SL5.x i386/x86_64 (20120130)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2686", "CVE-2011-3009", "CVE-2011-4815"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:irb", "p-cpe:/a:fermilab:scientific_linux:ruby", "p-cpe:/a:fermilab:scientific_linux:ruby-debuginfo", "p-cpe:/a:fermilab:scientific_linux:ruby-devel", "p-cpe:/a:fermilab:scientific_linux:ruby-docs", "p-cpe:/a:fermilab:scientific_linux:ruby-irb", "p-cpe:/a:fermilab:scientific_linux:ruby-libs", "p-cpe:/a:fermilab:scientific_linux:ruby-mode", "p-cpe:/a:fermilab:scientific_linux:ruby-rdoc", "p-cpe:/a:fermilab:scientific_linux:ruby-ri", "p-cpe:/a:fermilab:scientific_linux:ruby-tcltk", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120130_RUBY_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61228", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61228);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-4815\");\n\n script_name(english:\"Scientific Linux Security Update : ruby on SL4.x, SL5.x i386/x86_64 (20120130)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ruby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (hashes) in Ruby. An attacker able to supply a\nlarge number of inputs to a Ruby application (such as HTTP POST\nrequest parameters sent to a web application) that are used as keys\nwhen inserting data into an array could trigger multiple hash function\ncollisions, making array operations take an excessive amount of CPU\ntime. To mitigate this issue, randomization has been added to the hash\nfunction to reduce the chance of an attacker successfully causing\nintentional collisions. (CVE-2011-4815)\n\nIt was found that Ruby did not reinitialize the PRNG (pseudorandom\nnumber generator) after forking a child process. This could eventually\nlead to the PRNG returning the same result twice. An attacker keeping\ntrack of the values returned by one child process could use this flaw\nto predict the values the PRNG would return in other child processes\n(as long as the parent process persisted). (CVE-2011-3009)\n\nAll users of ruby are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1201&L=scientific-linux-errata&T=0&P=2427\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?defcefc9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"irb-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-debuginfo-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-devel-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-docs-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-libs-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-mode-1.8.1-18.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-tcltk-1.8.1-18.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"ruby-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-debuginfo-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-devel-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-docs-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-irb-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-libs-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-mode-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-rdoc-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-ri-1.8.5-22.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-tcltk-1.8.5-22.el5_7.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"irb / ruby / ruby-debuginfo / ruby-devel / ruby-docs / ruby-irb / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:18:54", "description": "An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.\n(CVE-2018-16396)\n\nThe JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269 , but does not rely on poor garbage-collection behavior within Ruby.\nSpecifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent. (CVE-2020-10663)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-08-13T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : ruby20 (ALAS-2020-1416)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2018-16396", "CVE-2020-10663"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ruby20", "p-cpe:/a:amazon:linux:ruby20-debuginfo", "p-cpe:/a:amazon:linux:ruby20-devel", "p-cpe:/a:amazon:linux:ruby20-doc", "p-cpe:/a:amazon:linux:ruby20-irb", "p-cpe:/a:amazon:linux:ruby20-libs", "p-cpe:/a:amazon:linux:rubygem20-bigdecimal", "p-cpe:/a:amazon:linux:rubygem20-io-console", "p-cpe:/a:amazon:linux:rubygem20-psych", "p-cpe:/a:amazon:linux:rubygems20", "p-cpe:/a:amazon:linux:rubygems20-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2020-1416.NASL", "href": "https://www.tenable.com/plugins/nessus/139550", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2020-1416.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139550);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\"CVE-2018-16396\", \"CVE-2020-10663\");\n script_xref(name:\"ALAS\", value:\"2020-1416\");\n\n script_name(english:\"Amazon Linux AMI : ruby20 (ALAS-2020-1416)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5,\n2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint\nstrings that result from unpacking tainted strings with some formats.\n(CVE-2018-16396)\n\nThe JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through\n2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object\nCreation Vulnerability. This is quite similar to CVE-2013-0269 , but\ndoes not rely on poor garbage-collection behavior within Ruby.\nSpecifically, use of JSON parsing methods can lead to creation of a\nmalicious object within the interpreter, with adverse effects that are\napplication-dependent. (CVE-2020-10663)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2020-1416.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update ruby20' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16396\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem20-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem20-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem20-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems20-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-2.0.0.648-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-debuginfo-2.0.0.648-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-devel-2.0.0.648-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-doc-2.0.0.648-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-irb-2.0.0.648-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-libs-2.0.0.648-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem20-bigdecimal-1.2.0-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem20-io-console-0.4.2-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem20-psych-2.0.0-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygems20-2.0.14.1-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygems20-devel-2.0.14.1-1.33.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby20 / ruby20-debuginfo / ruby20-devel / ruby20-doc / ruby20-irb / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:19:32", "description": "According to the versions of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\n - There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.(CVE-2020-8130)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-08T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2020-1955)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663", "CVE-2020-8130"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "p-cpe:/a:huawei:euleros:rubygem-bigdecimal", "p-cpe:/a:huawei:euleros:rubygem-io-console", "p-cpe:/a:huawei:euleros:rubygem-json", "p-cpe:/a:huawei:euleros:rubygem-psych", "p-cpe:/a:huawei:euleros:rubygem-rdoc", "p-cpe:/a:huawei:euleros:rubygems", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2020-1955.NASL", "href": "https://www.tenable.com/plugins/nessus/140325", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140325);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2020-8130\", \"CVE-2020-10663\");\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2020-1955)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby\n 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to\n creation of a malicious object within the interpreter,\n with adverse effects that are\n application-dependent.(CVE-2020-10663)\n\n - There is an OS command injection vulnerability in Ruby\n Rake < 12.3.3 in Rake::FileList when supplying a\n filename that begins with the pipe character\n `|`.(CVE-2020-8130)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1955\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?40ed6847\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8130\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.0.0.648-33.h26\",\n \"ruby-irb-2.0.0.648-33.h26\",\n \"ruby-libs-2.0.0.648-33.h26\",\n \"rubygem-bigdecimal-1.2.0-33.h26\",\n \"rubygem-io-console-0.4.2-33.h26\",\n \"rubygem-json-1.7.7-33.h26\",\n \"rubygem-psych-2.0.0-33.h26\",\n \"rubygem-rdoc-4.0.0-33.h26\",\n \"rubygems-2.0.14.1-33.h26\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-25T14:34:29", "description": "According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\n - An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap.\n This may expose possibly sensitive data from the interpreter.(CVE-2020-10933)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-26T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : ruby (EulerOS-SA-2020-1590)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663", "CVE-2020-10933"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1590.NASL", "href": "https://www.tenable.com/plugins/nessus/136868", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136868);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-10663\", \"CVE-2020-10933\");\n\n script_name(english:\"EulerOS 2.0 SP8 : ruby (EulerOS-SA-2020-1590)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby\n 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to\n creation of a malicious object within the interpreter,\n with adverse effects that are\n application-dependent.(CVE-2020-10663)\n\n - An issue was discovered in Ruby 2.5.x through 2.5.7,\n 2.6.x through 2.6.5, and 2.7.0. If a victim calls\n BasicSocket#read_nonblock(requested_size, buffer,\n exception: false), the method resizes the buffer to fit\n the requested size, but no data is copied. Thus, the\n buffer string provides the previous value of the heap.\n This may expose possibly sensitive data from the\n interpreter.(CVE-2020-10933)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1590\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1126f8ae\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10933\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.5.1-98.h8.eulerosv2r8\",\n \"ruby-irb-2.5.1-98.h8.eulerosv2r8\",\n \"ruby-libs-2.5.1-98.h8.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-25T14:36:09", "description": "According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\n - WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.(CVE-2019-16201)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : ruby (EulerOS-SA-2020-1615)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2019-16201", "CVE-2020-10663"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1615.NASL", "href": "https://www.tenable.com/plugins/nessus/137033", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137033);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-16201\",\n \"CVE-2020-10663\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : ruby (EulerOS-SA-2020-1615)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby\n 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to\n creation of a malicious object within the interpreter,\n with adverse effects that are\n application-dependent.(CVE-2020-10663)\n\n - WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7,\n 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a\n regular expression Denial of Service cause by\n looping/backtracking. A victim must expose a WEBrick\n server that uses DigestAuth to the Internet or a\n untrusted network.(CVE-2019-16201)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1615\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5b5b6975\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10663\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.0.0.648-33.h25.eulerosv2r7\",\n \"ruby-irb-2.0.0.648-33.h25.eulerosv2r7\",\n \"ruby-libs-2.0.0.648-33.h25.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-25T14:35:20", "description": "According to the versions of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap.\n This may expose possibly sensitive data from the interpreter.(CVE-2020-10933)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-25T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.6.0 : ruby (EulerOS-SA-2020-1691)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663", "CVE-2020-10933"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "p-cpe:/a:huawei:euleros:rubygem-bigdecimal", "p-cpe:/a:huawei:euleros:rubygem-io-console", "p-cpe:/a:huawei:euleros:rubygem-json", "p-cpe:/a:huawei:euleros:rubygem-openssl", "p-cpe:/a:huawei:euleros:rubygem-psych", "p-cpe:/a:huawei:euleros:rubygem-rdoc", "p-cpe:/a:huawei:euleros:rubygems", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2020-1691.NASL", "href": "https://www.tenable.com/plugins/nessus/137798", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137798);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2020-10663\", \"CVE-2020-10933\");\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.6.0 : ruby (EulerOS-SA-2020-1691)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - An issue was discovered in Ruby 2.5.x through 2.5.7,\n 2.6.x through 2.6.5, and 2.7.0. If a victim calls\n BasicSocket#read_nonblock(requested_size, buffer,\n exception: false), the method resizes the buffer to fit\n the requested size, but no data is copied. Thus, the\n buffer string provides the previous value of the heap.\n This may expose possibly sensitive data from the\n interpreter.(CVE-2020-10933)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby\n 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to\n creation of a malicious object within the interpreter,\n with adverse effects that are\n application-dependent.(CVE-2020-10663)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1691\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2e474eb4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10933\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.5.1-98.h8.eulerosv2r8\",\n \"ruby-irb-2.5.1-98.h8.eulerosv2r8\",\n \"ruby-libs-2.5.1-98.h8.eulerosv2r8\",\n \"rubygem-bigdecimal-1.3.4-98.h8.eulerosv2r8\",\n \"rubygem-io-console-0.4.6-98.h8.eulerosv2r8\",\n \"rubygem-json-2.1.0-98.h8.eulerosv2r8\",\n \"rubygem-openssl-2.1.0-98.h8.eulerosv2r8\",\n \"rubygem-psych-3.0.2-98.h8.eulerosv2r8\",\n \"rubygem-rdoc-6.0.1-98.h8.eulerosv2r8\",\n \"rubygems-2.7.6-98.h8.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T14:12:39", "description": "This update of ruby provides 1.8.7p357, which contains many stability fixes and bug fixes while maintaining full compatibility with the previous version. A detailailed list of changes is available from http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog .\n\nThe most important fixes are :\n\n - Hash functions are now using a randomized seed to avoid algorithmic complexity attacks. If available, OpenSSL::Random.seed at the SecureRandom.random_bytes is used to achieve this. (CVE-2011-4815)\n\n - mkconfig.rb: fix for continued lines.\n\n - Fix Infinity to be greater than any bignum number.\n\n - Initialize store->ex_data.sk.\n\n - Several IPv6 related fixes.\n\n - Fixes for zlib.\n\n - Reinitialize PRNG when forking children. (CVE-2011-2686 / CVE-2011-3009)\n\n - Fixes to securerandom. (CVE-2011-2705)\n\n - Fix uri route_to\n\n - Fix race condition with variables and autoload.", "cvss3": {}, "published": "2012-02-06T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : ruby (SAT Patch Number 5716)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2686", "CVE-2011-2705", "CVE-2011-3009", "CVE-2011-4815"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:ruby", "p-cpe:/a:novell:suse_linux:11:ruby-doc-html", "p-cpe:/a:novell:suse_linux:11:ruby-tk", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_RUBY-187P357-120127.NASL", "href": "https://www.tenable.com/plugins/nessus/57841", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57841);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-2705\", \"CVE-2011-3009\", \"CVE-2011-4815\");\n\n script_name(english:\"SuSE 11.1 Security Update : ruby (SAT Patch Number 5716)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of ruby provides 1.8.7p357, which contains many stability\nfixes and bug fixes while maintaining full compatibility with the\nprevious version. A detailailed list of changes is available from\nhttp://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog .\n\nThe most important fixes are :\n\n - Hash functions are now using a randomized seed to avoid\n algorithmic complexity attacks. If available,\n OpenSSL::Random.seed at the SecureRandom.random_bytes is\n used to achieve this. (CVE-2011-4815)\n\n - mkconfig.rb: fix for continued lines.\n\n - Fix Infinity to be greater than any bignum number.\n\n - Initialize store->ex_data.sk.\n\n - Several IPv6 related fixes.\n\n - Fixes for zlib.\n\n - Reinitialize PRNG when forking children. (CVE-2011-2686\n / CVE-2011-3009)\n\n - Fixes to securerandom. (CVE-2011-2705)\n\n - Fix uri route_to\n\n - Fix race condition with variables and autoload.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=704409\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=739122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=740796\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2686.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2705.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3009.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4815.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5716.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"ruby-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"ruby-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"ruby-doc-html-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"ruby-tk-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"ruby-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"ruby-doc-html-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"ruby-tk-1.8.7.p357-0.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-23T15:38:34", "description": "This update of ruby provides 1.8.7p357, which contains many stability fixes and bug fixes, which are fully compatible with the previous version. You can review the detailed list here :\n\nhttp://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog\n\nThe particularly noteworthy fixes are :\n\n - Hash functions are now using a randomized seed to avoid algorithmic complexity attacks (CVE-2011-4815). For this OpenSSL::Random.seed at the SecureRandom.random_bytes is used if available.\n\n - mkconfig.rb: fix for continued lines.\n\n - Fix Infinity to be greater than any bignum number.\n\n - initialize store->ex_data.sk.\n\n - some IPv6 related fixes\n\n - zlib fixes\n\n - reinitialize PRNG when forking children (CVE-2011-2686/CVE-2011-3009)\n\n - securerandom fixes (CVE-2011-2705)\n\n - uri route_to fixes\n\n - fix race condition with variables and autoload", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ruby (openSUSE-SU-2012:0228-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2686", "CVE-2011-2705", "CVE-2011-3009", "CVE-2011-4815"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ruby", "p-cpe:/a:novell:opensuse:ruby-debuginfo", "p-cpe:/a:novell:opensuse:ruby-debugsource", "p-cpe:/a:novell:opensuse:ruby-devel", "p-cpe:/a:novell:opensuse:ruby-doc-html", "p-cpe:/a:novell:opensuse:ruby-doc-ri", "p-cpe:/a:novell:opensuse:ruby-examples", "p-cpe:/a:novell:opensuse:ruby-test-suite", "p-cpe:/a:novell:opensuse:ruby-tk", "p-cpe:/a:novell:opensuse:ruby-tk-debuginfo", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_RUBY-120117.NASL", "href": "https://www.tenable.com/plugins/nessus/76015", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update ruby-5660.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76015);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-2705\", \"CVE-2011-3009\", \"CVE-2011-4815\");\n\n script_name(english:\"openSUSE Security Update : ruby (openSUSE-SU-2012:0228-1)\");\n script_summary(english:\"Check for the ruby-5660 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of ruby provides 1.8.7p357, which contains many stability\nfixes and bug fixes, which are fully compatible with the previous\nversion. You can review the detailed list here :\n\nhttp://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog\n\nThe particularly noteworthy fixes are :\n\n - Hash functions are now using a randomized seed to avoid\n algorithmic complexity attacks (CVE-2011-4815). For this\n OpenSSL::Random.seed at the SecureRandom.random_bytes is\n used if available.\n\n - mkconfig.rb: fix for continued lines.\n\n - Fix Infinity to be greater than any bignum number.\n\n - initialize store->ex_data.sk.\n\n - some IPv6 related fixes\n\n - zlib fixes\n\n - reinitialize PRNG when forking children\n (CVE-2011-2686/CVE-2011-3009)\n\n - securerandom fixes (CVE-2011-2705)\n\n - uri route_to fixes\n\n - fix race condition with variables and autoload\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=704409\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=739122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-02/msg00024.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-doc-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-test-suite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-tk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-debuginfo-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-debugsource-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-devel-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-doc-html-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-doc-ri-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-examples-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-test-suite-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-tk-1.8.7.p357-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"ruby-tk-debuginfo-1.8.7.p357-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Ruby\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-22T14:27:05", "description": "This update of ruby provides 1.8.7p357, which contains many stability fixes and bug fixes while maintaining full compatibility with the previous version. A detailailed list of changes is available from http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog .\n\nThe most important fixes are :\n\n - Hash functions are now using a randomized seed to avoid algorithmic complexity attacks. If available, OpenSSL::Random.seed at the SecureRandom.random_bytes is used to achieve this. (CVE-2011-4815)\n\n - mkconfig.rb: fix for continued lines.\n\n - Fix Infinity to be greater than any bignum number.\n\n - Initialize store->ex_data.sk.\n\n - Several IPv6 related fixes.\n\n - Fixes for zlib.\n\n - Reinitialize PRNG when forking children. (CVE-2011-2686 / CVE-2011-3009)\n\n - Fixes to securerandom. (CVE-2011-2705)\n\n - Fix uri route_to\n\n - Fix race condition with variables and autoload.", "cvss3": {}, "published": "2012-02-06T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : ruby (SAT Patch Number 5716)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2686", "CVE-2011-2705", "CVE-2011-3009", "CVE-2011-4815"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:ruby", "p-cpe:/a:novell:suse_linux:11:ruby-doc-html", "p-cpe:/a:novell:suse_linux:11:ruby-tk", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_RUBY-187P357-120126.NASL", "href": "https://www.tenable.com/plugins/nessus/57840", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57840);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2686\", \"CVE-2011-2705\", \"CVE-2011-3009\", \"CVE-2011-4815\");\n\n script_name(english:\"SuSE 11.1 Security Update : ruby (SAT Patch Number 5716)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of ruby provides 1.8.7p357, which contains many stability\nfixes and bug fixes while maintaining full compatibility with the\nprevious version. A detailailed list of changes is available from\nhttp://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog .\n\nThe most important fixes are :\n\n - Hash functions are now using a randomized seed to avoid\n algorithmic complexity attacks. If available,\n OpenSSL::Random.seed at the SecureRandom.random_bytes is\n used to achieve this. (CVE-2011-4815)\n\n - mkconfig.rb: fix for continued lines.\n\n - Fix Infinity to be greater than any bignum number.\n\n - Initialize store->ex_data.sk.\n\n - Several IPv6 related fixes.\n\n - Fixes for zlib.\n\n - Reinitialize PRNG when forking children. (CVE-2011-2686\n / CVE-2011-3009)\n\n - Fixes to securerandom. (CVE-2011-2705)\n\n - Fix uri route_to\n\n - Fix race condition with variables and autoload.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=704409\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=739122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=740796\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2686.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2705.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3009.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4815.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5716.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"ruby-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"ruby-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"ruby-doc-html-1.8.7.p357-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"ruby-tk-1.8.7.p357-0.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-15T14:14:01", "description": "oCERT reports :\n\nA variety of programming languages suffer from a denial-of-service (DoS) condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms.\n\nThe issue finds particular exposure in web server applications and/or frameworks. In particular, the lack of sufficient limits for the number of parameters in POST requests in conjunction with the predictable collision properties in the hashing functions of the underlying languages can render web applications vulnerable to the DoS condition. The attacker, using specially crafted HTTP requests, can lead to a 100% of CPU usage which can last up to several hours depending on the targeted application and server performance, the amplification effect is considerable and requires little bandwidth and time on the attacker side.\n\nThe condition for predictable collisions in the hashing functions has been reported for the following language implementations : Java, JRuby, PHP, Python, Rubinius, Ruby. In the case of the Ruby language, the 1.9.x branch is not affected by the predictable collision condition since this version includes a randomization of the hashing function.\n\nThe vulnerability outlined in this advisory is practically identical to the one reported in 2003 and described in the paper Denial of Service via Algorithmic Complexity Attacks which affected the Perl language.", "cvss3": {}, "published": "2012-01-16T00:00:00", "type": "nessus", "title": "FreeBSD : Multiple implementations -- DoS via hash algorithm collision (91be81e7-3fea-11e1-afc7-2c4138874f7d)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815", "CVE-2011-4838", "CVE-2011-5036", "CVE-2011-5037"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:jruby", "p-cpe:/a:freebsd:freebsd:node", "p-cpe:/a:freebsd:freebsd:redis", "p-cpe:/a:freebsd:freebsd:ruby", "p-cpe:/a:freebsd:freebsd:ruby%2bnopthreads", "p-cpe:/a:freebsd:freebsd:ruby%2bnopthreads%2boniguruma", "p-cpe:/a:freebsd:freebsd:ruby%2boniguruma", "p-cpe:/a:freebsd:freebsd:rubygem-rack", "p-cpe:/a:freebsd:freebsd:v8", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "href": "https://www.tenable.com/plugins/nessus/57552", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57552);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-4815\", \"CVE-2011-4838\", \"CVE-2011-5036\", \"CVE-2011-5037\");\n\n script_name(english:\"FreeBSD : Multiple implementations -- DoS via hash algorithm collision (91be81e7-3fea-11e1-afc7-2c4138874f7d)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"oCERT reports :\n\nA variety of programming languages suffer from a denial-of-service\n(DoS) condition against storage functions of key/value pairs in hash\ndata structures, the condition can be leveraged by exploiting\npredictable collisions in the underlying hashing algorithms.\n\nThe issue finds particular exposure in web server applications and/or\nframeworks. In particular, the lack of sufficient limits for the\nnumber of parameters in POST requests in conjunction with the\npredictable collision properties in the hashing functions of the\nunderlying languages can render web applications vulnerable to the DoS\ncondition. The attacker, using specially crafted HTTP requests, can\nlead to a 100% of CPU usage which can last up to several hours\ndepending on the targeted application and server performance, the\namplification effect is considerable and requires little bandwidth and\ntime on the attacker side.\n\nThe condition for predictable collisions in the hashing functions has\nbeen reported for the following language implementations : Java,\nJRuby, PHP, Python, Rubinius, Ruby. In the case of the Ruby language,\nthe 1.9.x branch is not affected by the predictable collision\ncondition since this version includes a randomization of the hashing\nfunction.\n\nThe vulnerability outlined in this advisory is practically identical\nto the one reported in 2003 and described in the paper Denial of\nService via Algorithmic Complexity Attacks which affected the Perl\nlanguage.\"\n );\n # http://www.ocert.org/advisories/ocert-2011-003.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://ocert.org/advisories/ocert-2011-003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nruns.com/_downloads/advisory28122011.pdf\"\n );\n # https://vuxml.freebsd.org/freebsd/91be81e7-3fea-11e1-afc7-2c4138874f7d.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?64765f40\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:jruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:redis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby+nopthreads\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby+nopthreads+oniguruma\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby+oniguruma\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem-rack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:v8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"jruby<1.6.5.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby<1.8.7.357,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+nopthreads<1.8.7.357,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+nopthreads+oniguruma<1.8.7.357,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+oniguruma<1.8.7.357,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"rubygem-rack<1.3.6,3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"v8<3.8.5\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"redis<=2.4.6\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"node<0.6.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-18T14:34:17", "description": "ruby19 was updated to fix various bugs and security issues: Update to 1.9.3 p385 (bnc#802406)\n\n - XSS exploit of RDoc documentation generated by rdoc (CVE-2013-0256)\n\n - for other changes see /usr/share/doc/packages/ruby19/Changelog\n\nUpdate to 1.9.3 p327 (bnc#789983)\n\n - CVE-2012-5371 and plenty of other fixes\n\nUpdate to 1.9.3 p286 (bnc#783511, bnc#791199)\n\n - This release includes some security fixes, and many other bug fixes. $SAFE escaping vulnerability about Exception#to_s / NameError#to_s (CVE-2012-4464, CVE-2012-4466)\n\n - Unintentional file creation caused by inserting an illegal NUL character many other bug fixes.\n (CVE-2012-4522) Also following bugfixes and packaging fixes were done :\n\n - make sure the rdoc output is more stable for build-compare (new patch ruby-sort-rdoc-output.patch)\n\n - readd the private header *atomic.h\n\n - remove build depencency on ca certificates - only causing cycles\n\n - one more header needed for rubygem-ruby-debug-base19\n\n - install vm_core.h and its dependencies as ruby-devel-extra\n\n - move the provides to the ruby package instead\n\n - add provides for the internal gems\n\n - restore the old ruby macros and the gem wrapper script\n\n - gem_install_wrapper no longer necessary", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ruby19 (openSUSE-SU-2013:0376-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4464", "CVE-2012-4466", "CVE-2012-4522", "CVE-2012-5371", "CVE-2013-0256"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ruby19", "p-cpe:/a:novell:opensuse:ruby19-debuginfo", "p-cpe:/a:novell:opensuse:ruby19-debugsource", "p-cpe:/a:novell:opensuse:ruby19-devel", "p-cpe:/a:novell:opensuse:ruby19-devel-extra", "p-cpe:/a:novell:opensuse:ruby19-doc-ri", "p-cpe:/a:novell:opensuse:ruby19-tk", "p-cpe:/a:novell:opensuse:ruby19-tk-debuginfo", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2013-167.NASL", "href": "https://www.tenable.com/plugins/nessus/74909", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-167.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74909);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-4464\", \"CVE-2012-4466\", \"CVE-2012-4522\", \"CVE-2012-5371\", \"CVE-2013-0256\");\n script_bugtraq_id(55757, 56115, 56484, 57785);\n\n script_name(english:\"openSUSE Security Update : ruby19 (openSUSE-SU-2013:0376-1)\");\n script_summary(english:\"Check for the openSUSE-2013-167 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ruby19 was updated to fix various bugs and security issues: Update to\n1.9.3 p385 (bnc#802406)\n\n - XSS exploit of RDoc documentation generated by rdoc\n (CVE-2013-0256)\n\n - for other changes see\n /usr/share/doc/packages/ruby19/Changelog\n\nUpdate to 1.9.3 p327 (bnc#789983)\n\n - CVE-2012-5371 and plenty of other fixes\n\nUpdate to 1.9.3 p286 (bnc#783511, bnc#791199)\n\n - This release includes some security fixes, and many\n other bug fixes. $SAFE escaping vulnerability about\n Exception#to_s / NameError#to_s (CVE-2012-4464,\n CVE-2012-4466)\n\n - Unintentional file creation caused by inserting an\n illegal NUL character many other bug fixes.\n (CVE-2012-4522) Also following bugfixes and packaging\n fixes were done :\n\n - make sure the rdoc output is more stable for\n build-compare (new patch ruby-sort-rdoc-output.patch)\n\n - readd the private header *atomic.h\n\n - remove build depencency on ca certificates - only\n causing cycles\n\n - one more header needed for rubygem-ruby-debug-base19\n\n - install vm_core.h and its dependencies as\n ruby-devel-extra\n\n - move the provides to the ruby package instead\n\n - add provides for the internal gems\n\n - restore the old ruby macros and the gem wrapper script\n\n - gem_install_wrapper no longer necessary\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=783511\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=789983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=791199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=802406\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-03/msg00002.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ruby19 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-devel-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensus

Debian DLA-263-1 : ruby1.9.1 security update

Description

Related