Lucene search
K

55 matches found

securityvulns
securityvulns
added 2006/12/07 12:0 a.m.72 views

[ MDKSA-2006:225 ] - Updated ruby packages fix DoS vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:225 http://www.mandriva.com/security/ Package : ruby Date : December 6, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0 Problem Description: Another vulnerability has been discovered in the CGI...

5CVSS7.3AI score0.03703EPSS
Exploits1
securityvulns
securityvulns
added 2006/12/07 12:0 a.m.44 views

ruby DoS

SPU axhaustion in CGI library on parsing HTTP request with invalid MIME booundaries...

1.4AI score
Exploits0References2Affected Software1
RubySec
RubySec
added 2006/12/06 12:0 a.m.2 views

Another DoS Vulnerability in CGI Library

The readmultipart function in cgi.rb in Ruby before 1.8.5-p2 does not properly detect boundaries in MIME multipart content, which allows remote attackers to cause a denial of service infinite loop via crafted HTTP requests, a different issue than CVE-2006-5467...

5CVSS5.6AI score0.03703EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/12/06 12:0 a.m.34 views

FreeBSD : ruby -- cgi.rb library Denial of Service (a8674c14-83d7-11db-88d5-0012f06707f0)

The official ruby site reports : Another vulnerability has been discovered in the CGI library cgi.rb that ships with Ruby which could be used by a malicious user to create a denial of service attack DoS. A specific HTTP request for any web application using cgi.rb causes CPU consumption on the...

5CVSS5.2AI score0.03703EPSS
Exploits1References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/12/04 12:0 a.m.33 views

JVN#84798830 Denial of service vulnerability in Ruby CGI library (cgi.rb)

Impact A remote attacker could possibly conduct a DoS attack on a Ruby server by sending it a specially crafted request. Solution Products Affected 1.8 series 1.8.5 and all previous versions Developer version 1.9 series 2006-12-04 and all previous versions For more information, refer to the...

5CVSS7.3AI score0.04071EPSS
Exploits1
FreeBSD
FreeBSD
added 2006/12/04 12:0 a.m.34 views

ruby -- cgi.rb library Denial of Service

The official ruby site reports: Another vulnerability has been discovered in the CGI library cgi.rb that ships with Ruby which could be used by a malicious user to create a denial of service attack DoS. A specific HTTP request for any web application using cgi.rb causes CPU consumption on the...

5CVSS6.2AI score0.03703EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2006/11/22 12:0 a.m.23 views

GLSA-200611-12 : Ruby: Denial of Service vulnerability

The remote host is affected by the vulnerability described in GLSA-200611-12 Ruby: Denial of Service vulnerability Zed Shaw, Jeremy Kemper, and Jamis Buck of the Mongrel project reported that the CGI library shipped with Ruby is vulnerable to a remote Denial of Service by an unauthenticated user...

5CVSS7.3AI score0.04071EPSS
Exploits1References2
Gentoo Linux
Gentoo Linux
added 2006/11/20 12:0 a.m.30 views

Ruby: Denial of Service vulnerability

Background Ruby is a dynamic, open source programming language with a focus on simplicity and productivity. Description Zed Shaw, Jeremy Kemper, and Jamis Buck of the Mongrel project reported that the CGI library shipped with Ruby is vulnerable to a remote Denial of Service by an unauthenticated...

5CVSS6.6AI score0.04071EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2006/11/06 12:0 a.m.37 views

FreeBSD : ruby -- cgi.rb library Denial of Service (ab8dbe98-6be4-11db-ae91-0012f06707f0)

Official ruby site reports : A vulnerability has been discovered in the CGI library cgi.rb that ships with Ruby which could be used by a malicious user to create a denial of service attack DoS. The problem is triggered by sending the library an HTTP request that uses multipart MIME encoding and a...

5CVSS6.9AI score0.04071EPSS
Exploits1References3
securityvulns
securityvulns
added 2006/11/05 12:0 a.m.94 views

[OpenPKG-SA-2006.030] OpenPKG Security Advisory (ruby)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory OpenPKG GmbH http://openpkg.org/security/ http://openpkg.com OpenPKG-SA-2006.030 2006-11-04 Package: ruby Vulnerability: denial of service OpenPKG Specific: no Affected Series: Affected Packages: Corrected Packages: E1.0-SOLI...

5CVSS7.5AI score0.04071EPSS
Exploits1
Ubuntu
Ubuntu
added 2006/11/01 3:38 p.m.50 views

USN-371-1: Ruby vulnerability

An error was found in Ruby's CGI library that did not correctly check for the end of multipart MIME requests. Using a crafted HTTP request, a remote user could cause a denial of service, where Ruby CGI applications would end up in a loop, monopolizing a CPU...

5CVSS7.1AI score0.04071EPSS
Exploits1
Snyk
Snyk
added 2006/10/27 6:7 p.m.3 views

Resource Management Errors

Overview Affected versions of this package are vulnerable to Resource Management Errors. The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an HTTP request with a multipart MIME body that contains an invalid boundary...

5.3CVSS7.2AI score0.04071EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2006/10/27 6:7 p.m.33 views

CVE-2006-5467

The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and...

5CVSS7.1AI score0.04071EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2006/10/25 12:0 a.m.31 views

ruby -- cgi.rb library Denial of Service

Official ruby site reports: A vulnerability has been discovered in the CGI library cgi.rb that ships with Ruby which could be used by a malicious user to create a denial of service attack DoS. The problem is triggered by sending the library an HTTP request that uses multipart MIME encoding and as...

5CVSS6.2AI score0.04071EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2002/11/27 12:0 a.m.26 views

Lib CGI 0.1 - Include Buffer Overflow

// source: https://www.securityfocus.com/bid/6264/info Lib CGI is a freely available, open source CGI library for C programmers. It is available for Unix and Linux operating systems. It has been reported that a buffer overflow exists in the Lib CGI development library. Due to improper bounds...

7AI score
Exploits0
Rows per page
Query Builder