Lucene search

4940 matches found

CentOS
added 2005/10/11 5:07 p.m., 57 views

irb, ruby security update

CentOS Errata and Security Advisory CESA-2005:799 Updated ruby packages that fix an arbitrary command execution issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Updated 25 Oct 2005 Errata has been updated to include...

CVSS 7.5, AI score 5.9, EPSS 0.14418
Exploits: 0, References: 9
Debian
added 2005/10/11 7:01 a.m., 26 views

[SECURITY] [DSA 862-1] New Ruby 1.6 packages fix safety bypass

Debian Security Advisory DSA 862-1 [email protected] http://www.debian.org/security/ Martin Schulze October 11th, 2005 http://www.debian.org/security/faq -...

CVSS 7.5, AI score 5.7, EPSS 0.14418
Exploits: 0
Debian
added 2005/10/11 4:55 a.m., 25 views

[SECURITY] [DSA 860-1] New Ruby packages fix safety bypass

Debian Security Advisory DSA 860-1 [email protected] http://www.debian.org/security/ Martin Schulze October 11th, 2005 http://www.debian.org/security/faq -...

CVSS 7.5, AI score 0.1, EPSS 0.14418
Exploits: 0
Debian
added 2005/10/11 4:55 a.m., 27 views

[SECURITY] [DSA 860-1] New Ruby packages fix safety bypass

Debian Security Advisory DSA 860-1 [email protected] http://www.debian.org/security/ Martin Schulze October 11th, 2005 http://www.debian.org/security/faq -...

CVSS 7.5, AI score 5.7, EPSS 0.14418
Exploits: 0
Tenable Nessus
added 2005/10/11 12:00 a.m., 19 views

GLSA-200510-05 : Ruby: Security bypass vulnerability

The remote host is affected by the vulnerability described in GLSA-200510-05 Ruby: Security bypass vulnerability Dr. Yutaka Oiwa discovered that Ruby fails to properly enforce safe level protections. Impact : An attacker could exploit this vulnerability to execute arbitrary code beyond the...

CVSS 7.5, AI score 5.8, EPSS 0.14418
Exploits: 0, References: 3
Tenable Nessus
added 2005/10/11 12:00 a.m., 25 views

Debian DSA-862-1 : ruby1.6 - programming error

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The following matrix lists the fixed versions in our distributions : old stable woody...

CVSS 7.5, AI score 5.3, EPSS 0.14418
Exploits: 0, References: 3
Tenable Nessus
added 2005/10/11 12:00 a.m., 30 views

Debian DSA-860-1 : ruby - programming error

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The following matrix lists the fixed versions in our distributions : old stable woody...

CVSS 7.5, AI score 5.3, EPSS 0.14418
Exploits: 0, References: 3
OSV
added 2005/10/11 12:00 a.m., 11 views

DSA-862-1 ruby1.6 - programming error

Bulletin has no description...

CVSS 7.5, AI score 6.3, EPSS 0.14418
Exploits: 0
OSV
added 2005/10/11 12:00 a.m., 16 views

DSA-860-1 ruby - programming error

Bulletin has no description...

CVSS 7.5, AI score 6.3, EPSS 0.14418
Exploits: 0
Ubuntu
added 2005/10/10 4:57 p.m., 63 views

USN-195-1: Ruby vulnerability

The object oriented scripting language Ruby supports safely executing untrusted code with two mechanisms: safe level and taint flag on objects. Dr. Yutaka Oiwa discovered a vulnerability that allows Ruby methods to bypass these mechanisms. In systems which use this feature, this could be exploite...

CVSS 7.5, AI score 5.6, EPSS 0.14418
Exploits: 0
NVD
added 2005/10/07 11:02 p.m., 16 views

CVE-2005-2337

Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input stdin...

CVSS 7.5, AI score 6.5, EPSS 0.14418
Exploits: 0, References: 28
UbuntuCve
added 2005/10/07 11:02 p.m., 16 views

CVE-2005-2337

Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input stdin...

CVSS 7.5, AI score 6, EPSS 0.14418
Exploits: 0, References: 3
CVE
added 2005/10/07 4:00 a.m., 129 views

CVE-2005-2337

CVE-2005-2337 affects Ruby 1.6.x (up to 1.6.8), 1.8.x (up to 1.8.2), and 1.9.0 development up to 2005-09-01. The issue allows bypassing safe level and taint protections to execute disallowed code when code is read from standard input, enabling potential arbitrary code execution. Root cause: bypas...

CVSS 7.5, AI score 6.5, EPSS 0.14418
Exploits: 0, References: 28, Affected Software: 1
Cvelist
added 2005/10/07 4:00 a.m., 22 views

CVE-2005-2337

Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input stdin...

AI score 6.5, EPSS 0.14418
Exploits: 0, References: 28
Gentoo Linux
added 2005/10/06 12:00 a.m., 24 views

Ruby: Security bypass vulnerability

Background Ruby is an interpreted scripting language for quick and easy object-oriented programming. Ruby supports the safe execution of untrusted code using a safe level and taint flag mechanism. Description Dr. Yutaka Oiwa discovered that Ruby fails to properly enforce safe level protections...

CVSS 7.5, AI score 7.1, EPSS 0.14418
Exploits: 0
CERT
added 2005/10/05 12:00 a.m., 41 views

Ruby safe-level security model bypass

Overview Ruby contains a vulnerability that may allow arbitrary code to be run without the intended safe-level checks being applied. Description Ruby is an object-oriented scripting language that supports execution of untrusted code with two mechanisms: taint flagging and safe levels. Safe levels...

CVSS 7.5, AI score 6.2, EPSS 0.14418
Exploits: 0, References: 4
CERT
added 2005/10/03 12:00 a.m., 35 views

Ruby library contains vulnerable default value

Overview Ruby includes a vulnerable default value that may be used to bypass security restrictions and execute arbitrary code. Description Ruby is vulnerable to an attack on applications using the XML-RPC services via XMLRPC.iPIMethods, due to an insecure default value in utils.rb. Any program or...

CVSS 7.5, AI score 9.6, EPSS 0.08762
Exploits: 0, References: 7
FreeBSD
added 2005/10/02 12:00 a.m., 25 views

ruby -- vulnerability in the safe level settings

Ruby home page reports: The Object Oriented Scripting Language Ruby supports safely executing an untrusted code with two mechanisms: safe level and taint flag on objects. A vulnerability has been found that allows bypassing these mechanisms. By using the vulnerability, arbitrary code can be...

CVSS 7.5, AI score 6.8, EPSS 0.14418
Exploits: 0, References: 1
securityvulns
added 2005/09/27 12:00 a.m., 38 views

[SA16920] Mac OS X Security Update Fixes Multiple Vulnerabilities

Are you interested in a new job in IT security? Secunia has two open positions as Junior and Senior Specialist in IT security: http://secunia.com/secuniavacancies/...

AI score 0.2
Exploits: 0
securityvulns
added 2005/09/26 12:00 a.m., 26 views

Ruby safe level protection bypass

Error in eval.c in enforcing safe level protection...

AI score 1.8
Exploits: 0, References: 1, Affected Software: 1