Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2006-2021 Tenable Network Security, Inc.DEBIAN_DSA-1157.NASL
HistoryOct 14, 2006 - 12:00 a.m.

Debian DSA-1157-1 : ruby1.8 - several vulnerabilities

2006-10-1400:00:00
This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.
www.tenable.com
11
JSON

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to the bypass of security restrictions or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems :

  • CVE-2006-1931 It was discovered that the use of blocking sockets can lead to denial of service.

  • CVE-2006-3964 It was discovered that Ruby does not properly maintain ‘safe levels’ for aliasing, directory accesses and regular expressions, which might lead to a bypass of security restrictions.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-1157. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(22699);
  script_version("1.16");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2006-1931", "CVE-2006-3694");
  script_xref(name:"DSA", value:"1157");

  script_name(english:"Debian DSA-1157-1 : ruby1.8 - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several vulnerabilities have been discovered in the interpreter for
the Ruby language, which may lead to the bypass of security
restrictions or denial of service. The Common Vulnerabilities and
Exposures project identifies the following problems :

  - CVE-2006-1931
    It was discovered that the use of blocking sockets can
    lead to denial of service.

  - CVE-2006-3964
    It was discovered that Ruby does not properly maintain
    'safe levels' for aliasing, directory accesses and
    regular expressions, which might lead to a bypass of
    security restrictions."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=378029"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365520"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2006-1931"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2006-3964"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.debian.org/security/2006/dsa-1157"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the Ruby packages.

For the stable distribution (sarge) these problems have been fixed in
version 1.8.2-7sarge4."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:ruby1.8");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2006/08/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/10/14");
  script_set_attribute(attribute:"vuln_publication_date", value:"2005/11/21");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"3.1", prefix:"irb1.8", reference:"1.8.2-7sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"libdbm-ruby1.8", reference:"1.8.2-7sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"libgdbm-ruby1.8", reference:"1.8.2-7sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"libopenssl-ruby1.8", reference:"1.8.2-7sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"libreadline-ruby1.8", reference:"1.8.2-7sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"libruby1.8", reference:"1.8.2-7sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"libruby1.8-dbg", reference:"1.8.2-7sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"libtcltk-ruby1.8", reference:"1.8.2-7sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"rdoc1.8", reference:"1.8.2-7sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"ri1.8", reference:"1.8.2-7sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"ruby1.8", reference:"1.8.2-7sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"ruby1.8-dev", reference:"1.8.2-7sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"ruby1.8-elisp", reference:"1.8.2-7sarge4")) flag++;
if (deb_check(release:"3.1", prefix:"ruby1.8-examples", reference:"1.8.2-7sarge4")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxruby1.8p-cpe:/a:debian:debian_linux:ruby1.8
debiandebian_linux3.1cpe:/o:debian:debian_linux:3.1

Related

openvas 11
debian 2
osv 2
redhat 2
nessus 20
freebsd 1
centos 3
securityvulns 1
ubuntu 2
ubuntucve 2
cve 3
gentoo 1
prion 1
oraclelinux 2
openvas
openvas
Debian: Security Advisory (DSA-1157)
2008-01-17 00:00:00
Debian Security Advisory DSA 1157-1 (ruby1.8)
2008-01-17 00:00:00
FreeBSD Ports: ruby, ruby_static
2008-09-04 00:00:00
debian
debian
[SECURITY] [DSA 1157-1] New ruby1.8 packages fix several vulnerabilities
2006-08-27 19:51:21
[SECURITY] [DSA 1139-1] New ruby1.6 packages fix privilege escalation
2006-08-03 17:35:15
osv
osv
ruby1.8
2006-08-27 00:00:00
ruby1.6 - missing privilege checks
2006-08-03 00:00:00
redhat
redhat
(RHSA-2006:0604) ruby security update
2006-07-27 00:00:00
(RHSA-2006:0427) ruby security update
2006-05-09 00:00:00
nessus
nessus
Fedora Core 5 : ruby-1.8.4-8.fc5 (2006-849)
2007-01-17 00:00:00
FreeBSD : ruby -- multiple vulnerabilities (76562594-1f19-11db-b7d4-0008743bf21a)
2006-08-04 00:00:00
Fedora Core 4 : ruby-1.8.4-3.fc4 (2006-842)
2007-01-17 00:00:00
freebsd
freebsd
ruby -- multiple vulnerabilities
2006-07-12 00:00:00
centos
centos
irb, ruby security update
2006-07-31 00:23:57
irb, ruby security update
2006-07-29 11:51:34
irb, ruby security update
2006-05-09 13:14:56
securityvulns
securityvulns
[SECURITY] [DSA 1139-1] New ruby1.6 packages fix privilege escalation
2006-08-04 00:00:00
ubuntu
ubuntu
ruby1.8 vulnerability
2006-07-28 00:00:00
Ruby vulnerability
2006-04-24 00:00:00
ubuntucve
ubuntucve
CVE-2006-3694
2006-07-21 00:00:00
CVE-2006-1931
2006-04-20 00:00:00
cve
cve
CVE-2006-3694
2006-07-21 14:03:00
CVE-2006-3964
2006-08-01 22:04:00
CVE-2006-1931
2006-04-20 21:02:00
gentoo
gentoo
Ruby: Denial of service
2006-05-10 00:00:00
prion
prion
Design/Logic Flaw
2006-04-20 21:02:00
oraclelinux
oraclelinux
Moderate ruby security update
2006-11-30 00:00:00
Moderate ruby security update
2006-11-30 00:00:00
JSON
Related for DEBIAN_DSA-1157.NASL
openvas11debian2osv2redhat2nessus20freebsd1centos3securityvulns1ubuntu2ubuntucve2cve3gentoo1prion1oraclelinux2