| Reporter | Title | Published | Views | Family All 246 |
|---|---|---|---|---|
| RubyGems -- multiple vulnerabilities | 5 Mar 201900:00 | – | freebsd | |
| Installing a malicious gem may lead to arbitrary code execution | 17 Mar 202000:00 | – | attackerkb | |
| Amazon Linux 2 : ruby (ALAS-2019-1249) | 24 Jul 201900:00 | – | nessus | |
| Amazon Linux AMI : ruby20 / ruby21, ruby24 (ALAS-2019-1255) | 13 Aug 201900:00 | – | nessus | |
| CentOS 8 : ruby:2.5 (CESA-2019:1972) | 29 Jan 202100:00 | – | nessus | |
| CentOS 7 : ruby (CESA-2019:1235) | 22 May 201900:00 | – | nessus | |
| Debian DLA-1735-1 : ruby2.1 security update | 1 Apr 201900:00 | – | nessus | |
| Debian DLA-1796-1 : jruby security update | 21 May 201900:00 | – | nessus | |
| Debian DLA-2330-1 : jruby security update | 18 Aug 202000:00 | – | nessus | |
| Debian DSA-4433-1 : ruby2.3 - security update | 17 Apr 201900:00 | – | nessus |
| Source | Link |
|---|---|
| debian | www.debian.org/lts/security/2019/DLA-1735-1 |
| wiki | www.wiki.debian.org/LTS |
# SPDX-FileCopyrightText: 2019 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.891735");
script_cve_id("CVE-2019-8320", "CVE-2019-8322", "CVE-2019-8323", "CVE-2019-8324", "CVE-2019-8325");
script_tag(name:"creation_date", value:"2019-04-02 20:00:00 +0000 (Tue, 02 Apr 2019)");
script_version("2024-02-02T05:06:07+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:07 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"8.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2019-06-18 18:30:27 +0000 (Tue, 18 Jun 2019)");
script_name("Debian: Security Advisory (DLA-1735-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2019 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB8");
script_xref(name:"Advisory-ID", value:"DLA-1735-1");
script_xref(name:"URL", value:"https://www.debian.org/lts/security/2019/DLA-1735-1");
script_xref(name:"URL", value:"https://wiki.debian.org/LTS");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'ruby2.1' package(s) announced via the DLA-1735-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Several vulnerabilities have been discovered in rubygems embedded in ruby2.1, the interpreted scripting language.
CVE-2019-8320
A Directory Traversal issue was discovered in RubyGems. Before making new directories or touching files (which now include path-checking code for symlinks), it would delete the target destination.
CVE-2019-8322
The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.
CVE-2019-8323
Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.
CVE-2019-8324
A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.
CVE-2019-8325
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)
For Debian 8 Jessie, these problems have been fixed in version 2.1.5-2+deb8u7.
We recommend that you upgrade your ruby2.1 packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references]");
script_tag(name:"affected", value:"'ruby2.1' package(s) on Debian 8.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB8") {
if(!isnull(res = isdpkgvuln(pkg:"libruby2.1", ver:"2.1.5-2+deb8u7", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"ruby2.1", ver:"2.1.5-2+deb8u7", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"ruby2.1-dev", ver:"2.1.5-2+deb8u7", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"ruby2.1-doc", ver:"2.1.5-2+deb8u7", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"ruby2.1-tcltk", ver:"2.1.5-2+deb8u7", rls:"DEB8"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation