Lucene search
UbuntuUSN-394-1HistoryDec 08, 2006 - 12:00 a.m.
Ruby vulnerability
2006-12-0800:00:00
ubuntu.com
31
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.049 Low
EPSS
Percentile
92.7%
Releases
- Ubuntu 6.10
- Ubuntu 6.06
- Ubuntu 5.10
Details
An error was found in Ruby’s CGI library that did not correctly quote
the boundary of multipart MIME requests. Using a crafted HTTP request,
a remote user could cause a denial of service, where Ruby CGI
applications would end up in a loop, monopolizing a CPU.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 6.10 | noarch | libruby1.8 | < 1.8.4-5ubuntu1.2 | UNKNOWN |
| Ubuntu | 6.06 | noarch | libruby1.8 | < 1.8.4-1ubuntu1.3 | UNKNOWN |
| Ubuntu | 5.10 | noarch | libruby1.8 | < 1.8.2-9ubuntu1.4 | UNKNOWN |
References
Related
nessus
nessus
GLSA-200612-21 : Ruby: Denial of Service vulnerability
2006-12-30 00:00:00
SuSE 10 Security Update : ruby (ZYPP Patch Number 2654)
2007-12-13 00:00:00
SuSE9 Security Update : ruby (YOU Patch Number 11442)
2009-09-24 00:00:00
openvas
openvas
SLES9: Security update for ruby
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200612-21 (ruby)
2008-09-24 00:00:00
SLES9: Security update for ruby
2009-10-10 00:00:00
securityvulns
securityvulns
[ MDKSA-2006:225 ] - Updated ruby packages fix DoS vulnerability
2006-12-07 00:00:00
gentoo
gentoo
Ruby: Denial of Service vulnerability
2006-12-20 00:00:00
freebsd
freebsd
ruby -- cgi.rb library Denial of Service
2006-12-04 00:00:00
cve
cve
CVE-2006-6303
2006-12-06 19:28:00
ubuntucve
ubuntucve
CVE-2006-6303
2006-12-06 00:00:00
redhat
redhat
(RHSA-2007:0961) Moderate: ruby security update
2007-11-13 00:00:00
(RHSA-2008:0562) Moderate: ruby security update
2008-07-14 00:00:00
oraclelinux
oraclelinux
Moderate: ruby security update
2007-11-13 00:00:00
Moderate: ruby security update
2007-11-23 00:00:00
ruby security update
2008-07-14 00:00:00
centos
centos
irb, ruby security update
2007-11-13 13:51:34
irb, ruby security update
2008-07-14 16:43:34
irb, ruby security update
2008-07-14 23:50:47
seebug
seebug
Apple Mac OS X 2007-005多个安全漏洞
2007-05-25 00:00:00
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.049 Low
EPSS
Percentile
92.7%
Related for USN-394-1