Ruby cgi.rb Denial of Service Vulnerability

Overview Ruby cgi.rb enters an infinite loop which leads it into Ddenial of Service DoS due to improper input validation. Impact An attacker could cause a Denial of Service DoS onto the systems. Solution Please refer to the 'Vendor Information' section for official remediation and take appropriat...

Yukihiro Matsumoto Ruby CGI.RB库拒绝服务漏洞

Yukihiro Matsumoto Ruby是一种解释型的方便快捷的面向对象脚本语言。 Yukihiro Matsumoto Ruby cgi.rb的CGI库存在问题，远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 提交特殊的HTTP请求到任意使用cgi.rb的WEB应用程序，可导致消耗大量CPU而造成停止响应，产生拒绝服务攻击。 Yukihiro Matsumoto Ruby 1.8.5 Yukihiro Matsumoto Ruby 1.8.4 Yukihiro Matsumoto Ruby 1.8.3 Yukihiro Matsumoto Ruby 1.8.2 pre4 +...

CVE-2006-5467

The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and...

CVE-2006-5467

The CVE-2006-5467 issue affects Ruby 1.8’s CGI module (cgi.rb) and can cause a denial of service via a crafted multipart/form-data request with an invalid boundary. The vulnerability is specifically exploited in the CGI multipart parser, leading to an infinite loop and high CPU usage. Multiple ve...

Ruby cgi.rb Malformed HTTP Request CPU Utilization DoS

The 'cgi.rb' CGI is installed. Some versions is vulnerable to remote denial of service. By sending a specially crafted HTTP POST request, a malicious user can force the remote host to consume a large amount of CPU resources. Warning : Nessus solely relied on the presence of this CGI, it did not...