SLES9: Security update for ruby
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: ruby. For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5016692 within the SuSE...
Debian: Security Advisory (DSA-748-1)
The remote host is missing an update for the Debian...
CentOS 4 : ruby (CESA-2005:543)
Updated ruby packages that fix an arbitrary command execution issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for object-oriented programming. A bug was found in the way Ruby...
Mac OS X Multiple Vulnerabilities (Security Update 2005-008)
The remote host is running Apple Mac OS X, but lacks Security Update 2005-008. This security update contains fixes for the following applications: ImageIO, LibSystem, Mail, QuickDraw, Ruby, SecurityAgent, securityd...
RHEL 4 : ruby (RHSA-2005:543)
The remote Red Hat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2005:543 advisory. Ruby is an interpreted scripting language for object-oriented programming. A bug was found in the way Ruby launched an XMLRPC server. If an XMLRPC...
FreeBSD : ruby -- arbitrary command execution on XMLRPC server (594eb447-e398-11d9-a8bd-000cf18bbe54)
Nobuhiro IMAI reports: the default value modification on Module#public_instance_methods (from false to true) breaks s.add_handler(XMLRPC::iPIMethods('sample'), MyHandler.new) style security protection. This problem could allow a remote attacker to execute arbitrary commands on XMLRPC server of libruby...
CVE-2005-1992
CVE-2005-1992 affects Ruby’s XMLRPC implementation. The XMLRPC server in utils.rb (Ruby libruby 1.8) uses an insecure default for public_instance_methods, enabling a remote attacker to trigger the XMLRPC handler to execute arbitrary commands. Impact is remote code execution via the XMLRPC service...
CVE-2005-1992
The XMLRPC server in utils.rb for the ruby library libruby 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands...