openSUSE Security Update : ruby / ruby19 (openSUSE-SU-2012:1443-1)

This update of ruby fixed multiple SAFE level bypass flaws. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-763. The text description of this plugin is C SUSE LLC...

openSUSE Security Update : ruby19 (openSUSE-SU-2013:0376-1)

ruby19 was updated to fix various bugs and security issues: Update to 1.9.3 p385 bnc802406 - XSS exploit of RDoc documentation generated by rdoc CVE-2013-0256 - for other changes see /usr/share/doc/packages/ruby19/Changelog Update to 1.9.3 p327 bnc789983 - CVE-2012-5371 and plenty of other fixes...

Fedora Update for ruby FEDORA-2013-8411

Check for the Version of ruby OpenVAS Vulnerability Test Fedora Update for ruby FEDORA-2013-8411 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

CVE-2012-4464

Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 are vulnerable to a context-dependent taint bypass via exc_to_s or name_err_to_s in the exception-to-string paths, allowing modification of untainted strings and bypassing safe-level restrictions (distinct from CVE-2012-4466). Root c...

Fedora Update for ruby FEDORA-2013-3038

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected", value:"rub...

Fedora Update for ruby FEDORA-2012-18017

Check for the Version of ruby OpenVAS Vulnerability Test Fedora Update for ruby FEDORA-2012-18017 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

USN-1614-1: Ruby vulnerabilities

Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. USN-1602-1 fixed these vulnerabilities in other Ubuntu releases. This update provides the...

Ubuntu 12.04 LTS / 12.10 : ruby1.9.1 vulnerabilities (USN-1614-1)

Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. USN-1602-1 fixed these vulnerabilities in other Ubuntu releases. This update provides the...

Fedora Update for ruby FEDORA-2012-16086

Check for the Version of ruby OpenVAS Vulnerability Test Fedora Update for ruby FEDORA-2012-16086 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Ubuntu: Security Advisory (USN-1614-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for ruby FEDORA-2012-16086

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for ruby FEDORA-2012-15395

Check for the Version of ruby OpenVAS Vulnerability Test Fedora Update for ruby FEDORA-2012-15395 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Fedora Update for ruby FEDORA-2012-15395

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for ruby FEDORA-2012-15507

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 16 : ruby-1.8.7.358-4.fc16 (2012-15507)

Some security flaws were found on ruby currently shipped on Fedora 17 where malicious user can bypass safe mechanize by raising exception intentionally and make arbitrary strings tainted. This flaw were now registered as CVE-2012-4464 and CVE-2012-4466. Note that CVE-2012-4464 is basically the sa...

Ubuntu 12.04 LTS : ruby1.9.1 vulnerabilities (USN-1602-1)

Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. CVE-2012-4464, CVE-2012-4466. Note that Tenable Network Security has extracted the preceding...

Ubuntu: Security Advisory (USN-1602-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1602-1: Ruby vulnerabilities

Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. CVE-2012-4464, CVE-2012-4466...

Fedora 18 : ruby-1.9.3.194-18.fc18 (2012-15376)

Some security flaws were found on ruby currently shipped on Fedora 18 where malicious user can bypass safe mechanize by raising exception intentionally and make arbitrary strings tainted. This flaw were now registered as CVE-2012-4464 and CVE-2012-4466. This update rpm will fix this issue. Note...