2169 matches found

Tenable Nessus
added 2015/06/18 12:00 a.m. | 37 views

Amazon Linux AMI : ruby21 (ALAS-2015-548)

RubyGems provides the ability of a domain to direct clients to a separate host that is used to fetch gems and make API calls against. This mechanism is implemented via DNS, specifically a SRV record _rubygems._tcp under the original requested domain. RubyGems did not validate the hostname returned in...

CVSS 5 | AI score 7.8 | EPSS 0.02401
Exploits 0 | References 4
Tenable Nessus
added 2015/06/18 12:00 a.m. | 34 views

Amazon Linux AMI : ruby22 (ALAS-2015-549)

RubyGems provides the ability of a domain to direct clients to a separate host that is used to fetch gems and make API calls against. This mechanism is implemented via DNS, specifically a SRV record _rubygems._tcp under the original requested domain. RubyGems did not validate the hostname returned in...

CVSS 5 | AI score 7.8 | EPSS 0.02401
Exploits 0 | References 4
Tenable Nessus
added 2015/06/18 12:00 a.m. | 29 views

Amazon Linux AMI : ruby20 (ALAS-2015-547)

RubyGems provides the ability of a domain to direct clients to a separate host that is used to fetch gems and make API calls against. This mechanism is implemented via DNS, specifically a SRV record _rubygems._tcp under the original requested domain. RubyGems did not validate the hostname returned in...

CVSS 5 | AI score 7.8 | EPSS 0.02401
Exploits 0 | References 4
Amazon
added 2015/06/16 12:00 a.m. | 41 views

Medium: ruby21

Issue Overview: RubyGems provides the ability of a domain to direct clients to a separate host that is used to fetch gems and make API calls against. This mechanism is implemented via DNS, specifically a SRV record _rubygems._tcp under the original requested domain. RubyGems did not validate the...

CVSS 5 | AI score 8.3 | EPSS 0.02401
Exploits 0
Amazon
added 2015/06/16 12:00 a.m. | 57 views

Medium: ruby20

Issue Overview: RubyGems provides the ability of a domain to direct clients to a separate host that is used to fetch gems and make API calls against. This mechanism is implemented via DNS, specifically a SRV record _rubygems._tcp under the original requested domain. RubyGems did not validate the...

CVSS 5 | AI score 8.3 | EPSS 0.02401
Exploits 0
Amazon
added 2015/06/16 12:00 a.m. | 44 views

Medium: ruby22

Issue Overview: RubyGems provides the ability of a domain to direct clients to a separate host that is used to fetch gems and make API calls against. This mechanism is implemented via DNS, specifically a SRV record _rubygems._tcp under the original requested domain. RubyGems did not validate the...

CVSS 5 | AI score 8.3 | EPSS 0.02401
Exploits 0
CNVD
added 2015/06/10 12:00 a.m. | 1 view

RubyGems BSON Denial of Service Vulnerability

RubyGems, or gems for short, is a Ruby packaging system for packaging Ruby components. A denial of service vulnerability exists in RubyGems BSON. This vulnerability allows attackers to launch denial of service attacks...

CVSS 9.8 | AI score 6.7 | EPSS 0.01749
Exploits 1 | References 1
RubySec
added 2015/06/08 12:00 a.m. | 32 views

RubyGems remote_fetcher.rb api_endpoint() Function Missing SRV Record Hostname Validation Request Hijacking

RubyGems contains a flaw in the api_endpoint function in remote_fetcher.rb that is triggered when handling hostnames in SRV records. With a specially crafted response, a context-dependent attacker may conduct DNS hijacking attacks. This vulnerability is due to an incomplete fix for CVE-2015-3900,...

CVSS 5 | AI score 3 | EPSS 0.02401
Exploits 0 | References 1 | Affected software 1
Tenable Nessus
added 2015/05/18 12:00 a.m. | 31 views

FreeBSD : rubygems -- request hijacking vulnerability (a0089e18-fc9e-11e4-bc58-001e67150279)

Jonathan Claudius reports : RubyGems provides the ability of a domain to direct clients to a separate host that is used to fetch gems and make API calls against. This mechanism is implemented via DNS, specifically a SRV record _rubygems._tcp under the original requested domain. RubyGems did not...

CVSS 5 | AI score 7.5 | EPSS 0.02401
Exploits 0 | References 4
RubySec
added 2015/05/14 12:00 a.m. | 30 views

CVE-2015-3900 rubygems: DNS hijacking vulnerability in api_endpoint()

RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hijack attack." A flaw was found in a...

CVSS 5 | AI score 7.9 | EPSS 0.02401
Exploits 0 | References 1 | Affected software 1
FreeBSD
added 2015/05/14 12:00 a.m. | 43 views

rubygems -- request hijacking vulnerability

Jonathan Claudius reports: RubyGems provides the ability of a domain to direct clients to a separate host that is used to fetch gems and make API calls against. This mechanism is implemented via DNS, specifically a SRV record _rubygems._tcp under the original requested domain. RubyGems did not...

CVSS 5 | AI score 8.1 | EPSS 0.02401
Exploits 0 | References 1
Hacker One
added 2015/05/06 12:00 a.m. | 34 views

RubyGems: Request Hijacking Vulnerability In RubyGems 2.4.6 And Earlier

https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-007/?fid=6356...

CVSS 5 | AI score 8.1 | EPSS 0.02401
Exploits 0
Metasploit
added 2015/01/27 1:53 a.m. | 29 views

Multi Gather RubyGems API Key

This module obtains a user's RubyGems API key from /.gem/credentials. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Multi Gather RubyGems API Key', 'Description' = %q This module obtains a...

AI score 7
Exploits 0
Tenable Nessus
added 2015/01/19 12:00 a.m. | 29 views

Oracle Solaris Third-Party Patch Update : rubygems (cve_2012_2125_https_to)

The remote Solaris system is missing necessary patches to address security updates : - RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack. CVE-2012-2125 - RubyGems...

CVSS 5.8 | AI score 8.2 | EPSS 0.00638
Exploits 0 | References 5
Tenable Nessus
added 2015/01/19 12:00 a.m. | 38 views

Oracle Solaris Third-Party Patch Update : rubygems (multiple_cryptographic_issues_vulnerabilities_in1)

The remote Solaris system is missing necessary patches to address security updates : - Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby...

CVSS 4.3 | AI score 8 | EPSS 0.02017
Exploits 0 | References 4
CNVD
added 2015/01/04 12:00 a.m. | 2 views

RubyGems Doorkeeper Cross-Site Request Forgery Vulnerability

RubyGems (gems) is a Ruby packaging system for packaging Ruby components. A cross-site request forgery vulnerability exists in RubyGems Doorkeeper because it fails to properly validate HTTP requests. An attacker could use this vulnerability to perform unauthorized actions in the context of a...

CVSS 6.8 | AI score 6.8 | EPSS 0.00126
Exploits 0 | References 1
Tenable Nessus
added 2014/07/22 12:00 a.m. | 36 views

RHEL 6 : MRG (RHSA-2013:1852)

Updated Grid component packages that fix multiple security issues are now available for Red Hat Enterprise MRG 2.4 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, whi...

CVSS 7.5 | AI score 8 | EPSS 0.02017
Exploits 0 | References 15
Tenable Nessus
added 2014/06/13 12:00 a.m. | 16 views

openSUSE Security Update : rubygems (openSUSE-SU-2014:0332-1)

This update fixes the following issue with some rubygems : - bnc864873: fix rubygem patches are not applied to the gem but only to the tree. Packages embedding rubygems via their .gem files were not receiving security updates. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

AI score 5.4
Exploits 0 | References 2
Kitploit
added 2014/05/21 11:56 p.m. | 20 views

WPScan - WordPress Security Scanner

WPScan is a black box WordPress vulnerability scanner. Features: username enumeration from author querystring and location header; weak password cracking (multithreaded); version enumeration from generator meta tag and from client-side files; vulnerability enumeration based on version; plugin enumeratio...

AI score 7.6
Exploits 0 | References 1
Tenable Nessus
added 2014/03/21 12:00 a.m. | 36 views

Puppet Enterprise 3.x < 3.1.1 Multiple Vulnerabilities

According to its self-reported version number, the Puppet Enterprise 3.x install on the remote host is prior to 3.1.1. As a result, it is reportedly affected by multiple vulnerabilities : - An input validation error exists related to the included Ruby version, handling string to floating point...

CVSS 6.8 | AI score 8 | EPSS 0.70843
Exploits 6 | References 15