EUVD-2006-5452

Malware in sbrugna...

Ruby: Denial of Service vulnerability

Background Ruby is a dynamic, open source programming language with a focus on simplicity and productivity. Description The readmultipart function of the CGI library shipped with Ruby cgi.rb does not properly check boundaries in MIME multipart content. This is a different issue than GLSA 200611-1...

Ruby CGI multipart parsing DoS

The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and...

CVE-2006-5467

The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and...

ruby -- cgi.rb library Denial of Service

Official ruby site reports: A vulnerability has been discovered in the CGI library cgi.rb that ships with Ruby which could be used by a malicious user to create a denial of service attack DoS. The problem is triggered by sending the library an HTTP request that uses multipart MIME encoding and as...