Ruby: Denial of Service issue

Background Ruby is an interpreted scripting language for quick and easy object-oriented programming. Ruby's CGI module can be used to build web applications. Description Ruby's developers found and fixed an issue in the CGI module that can be triggered remotely and cause an infinite loop. Impact ...

CGI bugs

No description provided...

USN-20-1: Ruby CGI module vulnerability

The Ruby developers discovered a potential Denial of Service vulnerability in the CGI module cgi.rb. Specially crafted CGI requests could cause an infinite loop in the server process. Repetitive attacks could use most of the available processor resources, exhaust the number of allowed parallel...

[SECURITY] [DSA 586-1] New ruby packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 586-1 [email protected] http://www.debian.org/security/ Martin Schulze November 8th, 2004 http://www.debian.org/security/faq -...

Ruby DoS

Malcrafted request to CGI module leads to infinite loop...

[SECURITY] [DSA 586-1] New ruby packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 586-1 [email protected] http://www.debian.org/security/ Martin Schulze November 8th, 2004 http://www.debian.org/security/faq -...

DSA-586-1 ruby - infinite loop

Bulletin has no description...

CGI bugs

No description provided...

ruby -- CGI DoS

The Ruby CGI.rb module contains a bug which can cause the CGI module to go into an infinite loop, thereby causing a denial-of-service situation on the web server by using all available CPU time...

CGI bugs

No description provided...

CGI bugs

No description provided...

Netbilling nbmember.cgi cmd Parameter Information Disclosure

nbmember.cgi is installed on the remote host. The remote version of this software is vulnerable to an information disclosure flaw which may allow an attacker to access sensitive system information resulting in a loss of confidentiality. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

CVE-2004-0755

The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions...

CGI bugs

No description provided...

CGI bugs

No description provided...

CGI bugs

No description provided...

CGI bugs

No description provided...

RHEL 2.1 / 3 : ruby (RHSA-2004:441)

An updated ruby package that fixes insecure file permissions for CGI session files is now available. Ruby is an interpreted scripting language for object-oriented programming. Andres Salomon reported an insecure file permissions flaw in the CGI session management of Ruby. FileStore created world...

security flaw

The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions...

Low: Red Hat Security Advisory: ruby security update

An updated ruby package that fixes insecure file permissions for CGI session files is now available. Ruby is an interpreted scripting language for object-oriented programming. Andres Salomon reported an insecure file permissions flaw in the CGI session management of Ruby. FileStore created world...