7 matches found
RHEL 6 : ruby (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ruby: Command injection vulnerability in Net::FTP CVE-2017-17405 - ruby: OpenSSL::X509::Name equality che...
RHEL 5 : ruby (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ruby: Command injection vulnerability in Net::FTP CVE-2017-17405 - ruby: OpenSSL::X509::Name equality che...
CVE-2009-5147
DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names...
Low: ruby19, ruby20, ruby21, ruby22
Issue Overview: DL::dlopen could open a library with tainted library name even if $SAFE 0. Affected Packages: ruby19, ruby20, ruby21, ruby22 Issue Correction: Run yum update ruby19 or yum update --advisory ALAS-2016-632 to update your system. Run yum update ruby20 or yum update --advisory...
Debian DLA-300-1 : ruby1.9.1 security update
'sheepman' fixed a vulnerability in Ruby 1.9.1: DL::dlopen could open a library with tainted name even if $SAFE 0. For Debian 6 'Squeeze', this issue has been fixed in ruby1.9.1 1.9.2.0-2+deb6u7 NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA...
Debian DLA-299-1 : ruby1.8 security update
'sheepman' fixed a vulnerability in Ruby 1.8: DL::dlopen could open a library with tainted name even if $SAFE 0. For Debian 6 'Squeeze', this issue has been fixed in ruby1.8 1.8.7.302-2squeeze5. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA...
Ruby DL::dlopen could open a library with tainted library name even if $SAFE > 0
DL::dlopen could open a library with tainted library name even if $SAFE 0...