CVE-2006-5467

2006-10-2700:00:00

ubuntu.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.206 Low

EPSS

Percentile

96.3%

JSON

The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a
denial of service (infinite loop and CPU consumption) via an HTTP request
with a multipart MIME body that contains an invalid boundary specifier, as
demonstrated using a specifier that begins with a “-” instead of “–” and
contains an inconsistent ID.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchruby1.8< 1.8.4-1ubuntu1.3UNKNOWN
ubuntu6.10noarchruby1.8< 1.8.4-5ubuntu1.2UNKNOWN
ubuntu7.04noarchruby1.8< 1.8.5-4ubuntu2UNKNOWN