Lucene search
UbuntuUSN-371-1HistoryNov 01, 2006 - 12:00 a.m.
Ruby vulnerability
2006-11-0100:00:00
ubuntu.com
24
6.2 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.206 Low
EPSS
Percentile
96.3%
Releases
- Ubuntu 6.10
- Ubuntu 6.06
- Ubuntu 5.10
- Ubuntu 5.04
Details
An error was found in Ruby’s CGI library that did not correctly check
for the end of multipart MIME requests. Using a crafted HTTP request, a
remote user could cause a denial of service, where Ruby CGI applications
would end up in a loop, monopolizing a CPU.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 6.10 | noarch | libruby1.8 | < 1.8.4-5ubuntu1.1 | UNKNOWN |
| Ubuntu | 6.06 | noarch | libruby1.8 | < 1.8.4-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 5.10 | noarch | libruby1.8 | < 1.8.2-9ubuntu1.3 | UNKNOWN |
| Ubuntu | 5.04 | noarch | libruby1.8 | < 1.8.1+1.8.2pre4-1ubuntu0.5 | UNKNOWN |
References
Related
nessus
nessus
SuSE 10 Security Update : ruby (ZYPP Patch Number 2224)
2007-12-13 00:00:00
RHEL 2.1 / 3 / 4 : ruby (RHSA-2006:0729)
2006-11-20 00:00:00
cve
cve
CVE-2006-5467
2006-10-27 18:07:00
CVE-2006-6303
2006-12-06 19:28:00
centos
centos
irb, ruby security update
2006-11-09 01:08:40
irb, ruby security update
2006-11-08 19:36:57
openvas
openvas
FreeBSD Ports: ruby, ruby_static
2008-09-04 00:00:00
SLES9: Security update for ruby
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200611-12 (ruby)
2008-09-24 00:00:00
securityvulns
securityvulns
[OpenPKG-SA-2006.030] OpenPKG Security Advisory (ruby)
2006-11-05 00:00:00
debian
debian
[SECURITY] [DSA-1235-1] New ruby1.8 package fix denial of service
2006-12-13 12:18:52
[SECURITY] [DSA-1234-1] New ruby1.6 package fix denial of service
2006-12-13 12:12:07
redhat
redhat
(RHSA-2006:0729) Moderate: ruby security update
2006-11-08 00:00:00
freebsd
freebsd
ruby -- cgi.rb library Denial of Service
2006-10-25 00:00:00
gentoo
gentoo
Ruby: Denial of Service vulnerability
2006-11-20 00:00:00
jvn
jvn
JVN#84798830 Denial of service vulnerability in Ruby CGI library (cgi.rb)
2006-12-04 00:00:00
ubuntucve
ubuntucve
CVE-2006-5467
2006-10-27 00:00:00
CVE-2006-6303
2006-12-06 00:00:00
oraclelinux
oraclelinux
Moderate ruby security update
2006-11-30 00:00:00
Moderate ruby security update
2006-11-30 00:00:00
seebug
seebug
Apple Mac OS X 2007-005多个安全漏洞
2007-05-25 00:00:00
6.2 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.206 Low
EPSS
Percentile
96.3%
Related for USN-371-1