Lucene search
Ubuntu.comUB:CVE-2005-1992HistoryJun 20, 2005 - 12:00 a.m.
CVE-2005-1992
2005-06-2000:00:00
ubuntu.com
ubuntu.com
6
0.039 Low
EPSS
Percentile
91.9%
The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an
invalid default value that prevents “security protection” using handlers,
which allows remote attackers to execute arbitrary commands.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | ruby1.8 | < 1.8.4-1ubuntu1.3 | UNKNOWN |
| ubuntu | 6.10 | noarch | ruby1.8 | < 1.8.4-5ubuntu1.2 | UNKNOWN |
| ubuntu | 7.04 | noarch | ruby1.8 | < 1.8.5-4ubuntu2 | UNKNOWN |
| ubuntu | 6.06 | noarch | ruby1.9 | < 1.9.0+20060423-3ubuntu1 | UNKNOWN |
| ubuntu | 6.10 | noarch | ruby1.9 | < 1.9.0+20060423-3ubuntu1 | UNKNOWN |
| ubuntu | 7.04 | noarch | ruby1.9 | < 1.9.0+20060423-3ubuntu1 | UNKNOWN |
Related
nessus
nessus
RHEL 4 : ruby (RHSA-2005:543)
2005-08-07 00:00:00
Mandrake Linux Security Advisory : ruby (MDKSA-2005:118)
2005-07-13 00:00:00
Fedora Core 4 : ruby-1.8.2-7.fc4.2 (2005-475)
2005-06-28 00:00:00
cvelist
cvelist
CVE-2005-1992
2005-06-20 04:00:00
ubuntu
ubuntu
Ruby vulnerability
2005-06-29 00:00:00
openvas
openvas
FreeBSD Ports: ruby, ruby_static
2008-09-04 00:00:00
Debian Security Advisory DSA 748-1 (ruby1.8)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200507-10 (ruby)
2008-09-24 00:00:00
cve
cve
CVE-2005-1992
2005-06-20 04:00:00
cert
cert
Ruby library contains vulnerable default value
2005-10-03 00:00:00
debian
debian
[SECURITY] [DSA 748-1] New ruby1.8 packages fix arbitrary command execution
2005-07-11 11:44:31
[SECURITY] [DSA 748-1] New ruby1.8 packages fix arbitrary command execution
2005-07-11 00:00:00
centos
centos
irb, ruby security update
2005-08-05 14:56:45
redhat
redhat
(RHSA-2005:543) ruby security update
2005-08-05 00:00:00
freebsd
freebsd
ruby -- arbitrary command execution on XMLRPC server
2005-06-22 00:00:00
gentoo
gentoo
Ruby: Arbitrary command execution through XML-RPC
2005-07-11 00:00:00