5 matches found
Scientific Linux Security Update : ruby on SL3.x, SL4.x, SL5.x i386/x86_64
The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) Ruby's XML document parsing module REXML was prone to a denial of service...
CentOS Update for irb CESA-2008:0897 centos4 x86_64
Check for the Version of irb. OpenVAS Vulnerability Test: CentOS Update for irb CESA-2008:0897 centos4 x86_64. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
GLSA-200812-17 : Ruby: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200812-17 (Ruby: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in the Ruby interpreter and its standard libraries. Drew Yao of Apple Product Security discovered the following flaws: Arbitrary code execution...
CVE-2008-3790
The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML document with recursively nested entities, aka an "XML entity explosion."...
CVE-2008-3790 ruby: DoS vulnerability in the REXML module
The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML document with recursively nested entities, aka an "XML entity explosion...