Lucene search
+L

156 matches found

Oracle linux
Oracle linux
added 2006/11/30 12:0 a.m.32 views

Moderate ruby security update

1.8.1-7.EL4.8 - BR tcl-devel and tk-devel instead of tcl and tk. 1.8.1-7.EL4.7 - security fix release. - ruby-1.8.1-cgi-CVE-2006-5467.patch: fix a CGI multipart parsing bug that causes the denial of service. 212237 1.8.1-7.EL4.6 - security fixes CVE-2006-3694 - fixed the insecure operations on Di...

6.4CVSS3.3AI score0.05739EPSS
Exploits1
Oracle linux
Oracle linux
added 2006/11/30 12:0 a.m.38 views

Moderate ruby security update

1.8.1-7.EL4.8 - BR tcl-devel and tk-devel instead of tcl and tk. 1.8.1-7.EL4.7 - security fix release. - ruby-1.8.1-cgi-CVE-2006-5467.patch: fix a CGI multipart parsing bug that causes the denial of service. 212237 1.8.1-7.EL4.6 - security fixes CVE-2006-3694 - fixed the insecure operations on Di...

6.4CVSS3.3AI score0.05739EPSS
Exploits1
securityvulns
securityvulns
added 2006/08/04 12:0 a.m.48 views

Ruby Safe Level security bypass

"alias" can be exploited to replace safe function, directory access protection bypass. Few potentially dangerous methods are not limited...

3AI score
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/08/04 12:0 a.m.26 views

CentOS 3 / 4 : ruby (CESA-2006:0604)

Updated ruby packages that fix security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for object-oriented programming. A number of flaws were found in the safe-level...

6.4CVSS6.9AI score0.05739EPSS
Exploits0References7
Cent OS
Cent OS
added 2006/07/31 12:23 a.m.64 views

irb, ruby security update

CentOS Errata and Security Advisory CESA-2006:0604-01 Updated ruby packages that fix security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for object-oriented programming. A...

6.4CVSS7AI score0.05739EPSS
Exploits0References8
Cent OS
Cent OS
added 2006/07/29 11:51 a.m.68 views

irb, ruby security update

CentOS Errata and Security Advisory CESA-2006:0604 Updated ruby packages that fix security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for object-oriented programming. A...

6.4CVSS7AI score0.05739EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2006/07/27 8:36 p.m.35 views

Moderate: Red Hat Security Advisory: ruby security update

Updated ruby packages that fix security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for object-oriented programming. A number of flaws were found in the safe-level...

6.4CVSS6.9AI score0.05739EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2006/07/27 8:36 p.m.7 views

security flaw

Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving 1 the alias function and 2 "directory operations"...

6.4CVSS7.2AI score0.05739EPSS
Exploits0References4
NVD
NVD
added 2006/07/21 2:3 p.m.17 views

CVE-2006-3694

Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving 1 the alias function and 2 "directory operations"...

6.4CVSS6.6AI score0.05739EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2006/07/21 2:3 p.m.28 views

CVE-2006-3694

Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving 1 the alias function and 2 "directory operations"...

6.4CVSS7.1AI score0.05739EPSS
Exploits0References2
RubySec
RubySec
added 2006/07/21 12:0 a.m.26 views

ruby1.8 vulnerability

Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass safe level checks via unspecified vectors involving 1 the alias function and 2 directory operations...

6.4CVSS7.1AI score0.05739EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2006/07/19 1:0 a.m.94 views

CVE-2006-3694

CVE-2006-3694 refers to multiple vulnerabilities in Ruby prior to 1.8.5 that allow remote attackers to bypass certain security checks. The core issue is a bypass of the interpreter’s safe-level restrictions via unspecified vectors involving (1) the alias function and (2) directory operations, ena...

6.4CVSS6.5AI score0.05739EPSS
Exploits0References25Affected Software1
FreeBSD
FreeBSD
added 2006/07/12 12:0 a.m.31 views

ruby -- multiple vulnerabilities

Secunia reports: Two vulnerabilities have been reported in Ruby, which can be exploited by malicious people to bypass certain security restrictions. An error in the handling of the "alias" functionality can be exploited to bypass the safe level protection and replace methods called in the trusted...

6.4CVSS6.8AI score0.05739EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/07/11 12:0 a.m.15 views

JVN#83768862 Ruby vulnerability caused by a problem with the alias funtion so that safe level 4 does not function as a sandbox

Impact An attacker could force programs to crash. Solution Products Affected Ruby 1.8.4-20060328 and earlier Snapshot versions As a workaround, we recommend that users update to the latest Ruby 1.8.4 snapshot version...

7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/07/11 12:0 a.m.11 views

JVN#13947696 Ruby contains a vulnerability that prevents safe level 4 from functioning as a sandbox.

Impact An attacker may be able to bypass the security model of a server application and change the status of a untained object. Solution Products Affected Ruby 1.8.4-20060516 and earlier Snapshot versions As a workaround, we recommend that users update to the latest Ruby 1.8.4 snapshot version...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.27 views

Ubuntu 4.10 / 5.04 : ruby1.8 vulnerability (USN-195-1)

The object oriented scripting language Ruby supports safely executing untrusted code with two mechanisms: safe level and taint flag on objects. Dr. Yutaka Oiwa discovered a vulnerability that allows Ruby methods to bypass these mechanisms. In systems which use this feature, this could be exploite...

7.5CVSS5.7AI score0.03256EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/11/02 12:0 a.m.30 views

Mandrake Linux Security Advisory : ruby (MDKSA-2005:191)

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The updated packages have been patched to address this issue. %NASLMINLEVEL 70300 C...

7.5CVSS5.2AI score0.03256EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/10/19 12:0 a.m.33 views

Debian DSA-864-1 : ruby1.8 - programming error

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The following matrix lists the fixed versions in our distributions : old stable woody...

7.5CVSS5.3AI score0.03256EPSS
Exploits0References3
OSV
OSV
added 2005/10/13 12:0 a.m.16 views

DSA-864-1 ruby1.8 - programming error

Bulletin has no description...

7.5CVSS6.3AI score0.03256EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2005/10/11 4:3 p.m.8 views

security flaw

Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input stdin...

7.5CVSS5.9AI score0.03256EPSS
Exploits0References4
Rows per page
Query Builder