Vulnerabilities > CVE-2006-1931 - Denial of Service vulnerability in Yukihiro Matsumoto Ruby XMLRPC Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, which allows attackers to cause a denial of service (blocked connections) via a large amount of data.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 10 |
Exploit-Db
| description | Yukihiro Matsumoto Ruby 1.x XMLRPC Server Denial of Service Vulnerability. CVE-2006-1931. Dos exploit for linux platform |
| id | EDB-ID:27723 |
| last seen | 2016-02-03 |
| modified | 2006-04-21 |
| published | 2006-04-21 |
| reporter | Tanaka Akira |
| source | https://www.exploit-db.com/download/27723/ |
| title | Yukihiro Matsumoto Ruby 1.x XMLRPC Server Denial of Service Vulnerability |
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2006-0427.NASL description Updated ruby packages that fix a denial of service issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for object-oriented programming. A bug was found in the way Ruby creates its xmlrpc and http servers. The servers use a non blocking socket, which enables a remote user to cause a denial of service condition if they are able to transmit a large volume of information from the network server. (CVE-2006-1931) Users of Ruby should update to these erratum packages, which contain a backported patch and are not vulnerable to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 21366 published 2006-05-13 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21366 title RHEL 4 : ruby (RHSA-2006:0427) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2006-0427.NASL description Updated ruby packages that fix a denial of service issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for object-oriented programming. A bug was found in the way Ruby creates its xmlrpc and http servers. The servers use a non blocking socket, which enables a remote user to cause a denial of service condition if they are able to transmit a large volume of information from the network server. (CVE-2006-1931) Users of Ruby should update to these erratum packages, which contain a backported patch and are not vulnerable to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 21995 published 2006-07-05 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21995 title CentOS 4 : ruby (CESA-2006:0427) NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2006-079.NASL description A vulnerability in how ruby last seen 2020-06-01 modified 2020-06-02 plugin id 21285 published 2006-04-26 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21285 title Mandrake Linux Security Advisory : ruby (MDKSA-2006:079) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1157.NASL description Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to the bypass of security restrictions or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-1931 It was discovered that the use of blocking sockets can lead to denial of service. - CVE-2006-3964 It was discovered that Ruby does not properly maintain last seen 2020-06-01 modified 2020-06-02 plugin id 22699 published 2006-10-14 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22699 title Debian DSA-1157-1 : ruby1.8 - several vulnerabilities NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200605-11.NASL description The remote host is affected by the vulnerability described in GLSA-200605-11 (Ruby: Denial of Service) Ruby uses blocking sockets for WEBrick and XMLRPC servers. Impact : An attacker could send large amounts of data to an affected server to block the socket and thus deny other connections to the server. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 21353 published 2006-05-13 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/21353 title GLSA-200605-11 : Ruby: Denial of Service NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-273-1.NASL description Yukihiro Matsumoto reported that Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 21292 published 2006-04-26 reporter Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/21292 title Ubuntu 4.10 / 5.04 / 5.10 : ruby1.8 vulnerability (USN-273-1)
Oval
| accepted | 2013-04-29T04:11:31.157-04:00 | ||||||||||||
| class | vulnerability | ||||||||||||
| contributors |
| ||||||||||||
| definition_extensions |
| ||||||||||||
| description | The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, which allows attackers to cause a denial of service (blocked connections) via a large amount of data. | ||||||||||||
| family | unix | ||||||||||||
| id | oval:org.mitre.oval:def:11100 | ||||||||||||
| status | accepted | ||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||
| title | The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, which allows attackers to cause a denial of service (blocked connections) via a large amount of data. | ||||||||||||
| version | 26 |
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.2-webrick-dos-1.patch
- ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.2-xmlrpc-dos-1.patch
- http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-dev/27787
- http://secunia.com/advisories/16904
- http://secunia.com/advisories/19772
- http://secunia.com/advisories/19804
- http://secunia.com/advisories/20024
- http://secunia.com/advisories/20064
- http://secunia.com/advisories/20457
- http://secunia.com/advisories/21657
- http://securitytracker.com/id?1015978
- http://www.debian.org/security/2006/dsa-1157
- http://www.gentoo.org/security/en/glsa/glsa-200605-11.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:079
- http://www.novell.com/linux/security/advisories/2006-06-02.html
- http://www.osvdb.org/24972
- http://www.redhat.com/support/errata/RHSA-2006-0427.html
- http://www.securityfocus.com/bid/17645
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189540
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26102
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11100
- https://usn.ubuntu.com/273-1/