Vulnerabilities > CVE-2008-3656 - Resource Management Errors vulnerability in Ruby-Lang Ruby
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 50 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Ruby 1.9 WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS. CVE-2008-3656,CVE-2008-4310. Dos exploits for multiple platform |
| id | EDB-ID:32222 |
| last seen | 2016-02-03 |
| modified | 2008-08-11 |
| published | 2008-08-11 |
| reporter | Keita Yamaguchi |
| source | https://www.exploit-db.com/download/32222/ |
| title | Ruby <= 1.9 WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS |
Metasploit
| description | The WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 to 1.8.6-p286, 1.8.7 to 1.8.7-p71, and 1.9 to r18423 allows for a DoS (CPU consumption) via a crafted HTTP request. |
| id | MSF:AUXILIARY/DOS/HTTP/WEBRICK_REGEX |
| last seen | 2020-03-15 |
| modified | 2017-07-24 |
| published | 2008-10-17 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/dos/http/webrick_regex.rb |
| title | Ruby WEBrick::HTTP::DefaultFileHandler DoS |
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200812-17.NASL description The remote host is affected by the vulnerability described in GLSA-200812-17 (Ruby: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the Ruby interpreter and its standard libraries. Drew Yao of Apple Product Security discovered the following flaws: Arbitrary code execution or Denial of Service (memory corruption) in the rb_str_buf_append() function (CVE-2008-2662). Arbitrary code execution or Denial of Service (memory corruption) in the rb_ary_stor() function (CVE-2008-2663). Memory corruption via alloca in the rb_str_format() function (CVE-2008-2664). Memory corruption ( last seen 2020-06-01 modified 2020-06-02 plugin id 35188 published 2008-12-17 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/35188 title GLSA-200812-17 : Ruby: Multiple vulnerabilities NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2008-0897.NASL description From Red Hat Security Advisory 2008:0897 : Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 67752 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67752 title Oracle Linux 4 / 5 : ruby (ELSA-2008-0897) NASL family Fedora Local Security Checks NASL id FEDORA_2008-8738.NASL description Update to new upstream release fixing multiple security issues detailed in the upstream advisories: http://www.ruby-lang.org/en/news/2008/08/08/multiple- vulnerabilities-in-ruby/ - CVE-2008-3655 - multiple insufficient safe mode restrictions - CVE-2008-3656 - WEBrick DoS vulnerability (CPU consumption) - CVE-2008-3657 - missing last seen 2020-06-01 modified 2020-06-02 plugin id 34380 published 2008-10-10 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/34380 title Fedora 9 : ruby-1.8.6.287-2.fc9 (2008-8738) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1651.NASL description Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3655 Keita Yamaguchi discovered that several safe level restrictions are insufficiently enforced. - CVE-2008-3656 Christian Neukirchen discovered that the WebRick module uses inefficient algorithms for HTTP header splitting, resulting in denial of service through resource exhaustion. - CVE-2008-3657 It was discovered that the dl module doesn last seen 2020-06-01 modified 2020-06-02 plugin id 34387 published 2008-10-13 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/34387 title Debian DSA-1651-1 : ruby1.8 - several vulnerabilities NASL family Scientific Linux Local Security Checks NASL id SL_20081021_RUBY_ON_SL3_X.NASL description The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 60485 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60485 title Scientific Linux Security Update : ruby on SL3.x, SL4.x, SL5.x i386/x86_64 NASL family SuSE Local Security Checks NASL id SUSE_RUBY-6338.NASL description This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 51760 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51760 title SuSE 10 Security Update : ruby (ZYPP Patch Number 6338) NASL family SuSE Local Security Checks NASL id SUSE_11_1_RUBY-090703.NASL description This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 40306 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40306 title openSUSE Security Update : ruby (ruby-1070) NASL family SuSE Local Security Checks NASL id SUSE_11_0_RUBY-090703.NASL description This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 40122 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40122 title openSUSE Security Update : ruby (ruby-1070) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2008-0981.NASL description From Red Hat Security Advisory 2008:0981 : Updated ruby packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897 did not properly address a denial of service flaw in the WEBrick (Ruby HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a remote attacker to send a specially crafted HTTP request to a WEBrick server that would cause the server to use excessive CPU time. This update properly addresses this flaw. (CVE-2008-4310) All Ruby users should upgrade to these updated packages, which contain a correct patch that resolves this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 67767 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67767 title Oracle Linux 4 / 5 : ruby (ELSA-2008-0981) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-226.NASL description A denial of service condition was found in Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 38018 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/38018 title Mandriva Linux Security Advisory : ruby (MDVSA-2008:226) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-651-1.NASL description Akira Tagoh discovered a vulnerability in Ruby which lead to an integer overflow. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-2376) Laurent Gaffie discovered that Ruby did not properly check for memory allocation failures. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service. (CVE-2008-3443) Keita Yamaguchi discovered several safe level vulnerabilities in Ruby. An attacker could use this to bypass intended access restrictions. (CVE-2008-3655) Keita Yamaguchi discovered that WEBrick in Ruby did not properly validate paths ending with last seen 2020-06-01 modified 2020-06-02 plugin id 37068 published 2009-04-23 reporter Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/37068 title Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : ruby1.8 vulnerabilities (USN-651-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0897.NASL description Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 34466 published 2008-10-22 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/34466 title RHEL 4 / 5 : ruby (RHSA-2008:0897) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1652.NASL description Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3655 Keita Yamaguchi discovered that several safe level restrictions are insufficiently enforced. - CVE-2008-3656 Christian Neukirchen discovered that the WebRick module uses inefficient algorithms for HTTP header splitting, resulting in denial of service through resource exhaustion. - CVE-2008-3657 It was discovered that the dl module doesn last seen 2020-06-01 modified 2020-06-02 plugin id 34388 published 2008-10-13 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/34388 title Debian DSA-1652-1 : ruby1.9 - several vulnerabilities NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2008-0897.NASL description Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 34502 published 2008-10-28 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/34502 title CentOS 4 / 5 : ruby (CESA-2008:0897) NASL family SuSE Local Security Checks NASL id SUSE_RUBY-6339.NASL description This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 42032 published 2009-10-06 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/42032 title openSUSE 10 Security Update : ruby (ruby-6339) NASL family Scientific Linux Local Security Checks NASL id SL_20081204_RUBY_ON_SL4_X.NASL description Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897 did not properly address a denial of service flaw in the WEBrick (Ruby HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a remote attacker to send a specially crafted HTTP request to a WEBrick server that would cause the server to use excessive CPU time. This update properly addresses this flaw. (CVE-2008-4310) last seen 2020-06-01 modified 2020-06-02 plugin id 60502 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60502 title Scientific Linux Security Update : ruby on SL4.x, SL5.x i386/x86_64 NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2008-0981.NASL description Updated ruby packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897 did not properly address a denial of service flaw in the WEBrick (Ruby HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a remote attacker to send a specially crafted HTTP request to a WEBrick server that would cause the server to use excessive CPU time. This update properly addresses this flaw. (CVE-2008-4310) All Ruby users should upgrade to these updated packages, which contain a correct patch that resolves this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 35263 published 2008-12-26 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/35263 title CentOS 4 / 5 : ruby (CESA-2008:0981) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_F7BA20AA6B5A11DD9D79001FC61C2A55.NASL description The official ruby site reports : WEBrick::HTTP::DefaultFileHandler is faulty of exponential time taking requests due to a backtracking regular expression in WEBrick::HTTPUtils.split_header_value. last seen 2020-06-01 modified 2020-06-02 plugin id 33907 published 2008-08-17 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33907 title FreeBSD : ruby -- DoS vulnerability in WEBrick (f7ba20aa-6b5a-11dd-9d79-001fc61c2a55) NASL family MacOS X Local Security Checks NASL id MACOSX_10_5_7.NASL description The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.7. Mac OS X 10.5.7 contains security fixes for the following products : - Apache - ATS - BIND - CFNetwork - CoreGraphics - Cscope - CUPS - Disk Images - enscript - Flash Player plug-in - Help Viewer - iChat - International Components for Unicode - IPSec - Kerberos - Kernel - Launch Services - libxml - Net-SNMP - Network Time - Networking - OpenSSL - PHP - QuickDraw Manager - ruby - Safari - Spotlight - system_cmds - telnet - Terminal - WebKit - X11 last seen 2020-06-01 modified 2020-06-02 plugin id 38744 published 2009-05-13 reporter This script is Copyright (C) 2009-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/38744 title Mac OS X 10.5.x < 10.5.7 Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE9_12452.NASL description This update for ruby fixes the following security issues : - Improve return value checks for OpenSSL function OCSP_basic_verify() to refuse usage of revoked certificates. (CVE-2009-0642) - Increase entropy of DNS identifiers to avoid spoofing attacks. (CVE-2008-3905) - Fix denial of service (DoS) vulnerability while parsing XML data. (CVE-2008-3790) - Fix possible attack on algorithm complexity in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests or by using the regex engine to cause high CPU load. (CVE-2008-3656, CVE-2008-3443) - Improve ruby last seen 2020-06-01 modified 2020-06-02 plugin id 41312 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41312 title SuSE9 Security Update : ruby (YOU Patch Number 12452) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0981.NASL description Updated ruby packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897 did not properly address a denial of service flaw in the WEBrick (Ruby HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a remote attacker to send a specially crafted HTTP request to a WEBrick server that would cause the server to use excessive CPU time. This update properly addresses this flaw. (CVE-2008-4310) All Ruby users should upgrade to these updated packages, which contain a correct patch that resolves this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 35038 published 2008-12-05 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/35038 title RHEL 4 / 5 : ruby (RHSA-2008:0981) NASL family SuSE Local Security Checks NASL id SUSE_11_RUBY-090703.NASL description This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug. (CVE-2008-3790) An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 41452 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41452 title SuSE 11 Security Update : ruby (SAT Patch Number 1073) NASL family Fedora Local Security Checks NASL id FEDORA_2008-8736.NASL description Update to new upstream release fixing multiple security issues detailed in the upstream advisories: http://www.ruby-lang.org/en/news/2008/08/08/multiple- vulnerabilities-in-ruby/ - CVE-2008-3655 - multiple insufficient safe mode restrictions - CVE-2008-3656 - WEBrick DoS vulnerability (CPU consumption) - CVE-2008-3657 - missing last seen 2020-06-01 modified 2020-06-02 plugin id 34379 published 2008-10-10 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34379 title Fedora 8 : ruby-1.8.6.287-2.fc8 (2008-8736) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_C329712A6B5B11DD9D79001FC61C2A55.NASL description The official ruby site reports : Several vulnerabilities in safe level have been discovereds:. - untrace_var is permitted at safe level 4; - $PROGRAM_NAME may be modified at safe level 4; - insecure methods may be called at safe level 1-3; - syslog operations are permitted at safe level 4; - dl doesn last seen 2020-06-01 modified 2020-06-02 plugin id 33906 published 2008-08-17 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33906 title FreeBSD : ruby -- multiple vulnerabilities in safe level (c329712a-6b5b-11dd-9d79-001fc61c2a55)
Oval
| accepted | 2013-04-29T04:21:18.758-04:00 | ||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||
| description | Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression. | ||||||||||||||||||||||||
| family | unix | ||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:9682 | ||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||||||
| title | Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression. | ||||||||||||||||||||||||
| version | 27 |
Redhat
| advisories |
| ||||
| rpms |
|
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
- http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
- http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
- http://secunia.com/advisories/31430
- http://secunia.com/advisories/31430
- http://secunia.com/advisories/31697
- http://secunia.com/advisories/31697
- http://secunia.com/advisories/32165
- http://secunia.com/advisories/32165
- http://secunia.com/advisories/32219
- http://secunia.com/advisories/32219
- http://secunia.com/advisories/32255
- http://secunia.com/advisories/32255
- http://secunia.com/advisories/32256
- http://secunia.com/advisories/32256
- http://secunia.com/advisories/32371
- http://secunia.com/advisories/32371
- http://secunia.com/advisories/33178
- http://secunia.com/advisories/33178
- http://secunia.com/advisories/35074
- http://secunia.com/advisories/35074
- http://security.gentoo.org/glsa/glsa-200812-17.xml
- http://security.gentoo.org/glsa/glsa-200812-17.xml
- http://support.apple.com/kb/HT3549
- http://support.apple.com/kb/HT3549
- http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
- http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264
- http://www.debian.org/security/2008/dsa-1651
- http://www.debian.org/security/2008/dsa-1651
- http://www.debian.org/security/2008/dsa-1652
- http://www.debian.org/security/2008/dsa-1652
- http://www.redhat.com/support/errata/RHSA-2008-0897.html
- http://www.redhat.com/support/errata/RHSA-2008-0897.html
- http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
- http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
- http://www.securityfocus.com/archive/1/495884/100/0/threaded
- http://www.securityfocus.com/archive/1/495884/100/0/threaded
- http://www.securityfocus.com/bid/30644
- http://www.securityfocus.com/bid/30644
- http://www.securitytracker.com/id?1020654
- http://www.securitytracker.com/id?1020654
- http://www.us-cert.gov/cas/techalerts/TA09-133A.html
- http://www.us-cert.gov/cas/techalerts/TA09-133A.html
- http://www.vupen.com/english/advisories/2008/2334
- http://www.vupen.com/english/advisories/2008/2334
- http://www.vupen.com/english/advisories/2009/1297
- http://www.vupen.com/english/advisories/2009/1297
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44371
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44371
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9682
- https://usn.ubuntu.com/651-1/
- https://usn.ubuntu.com/651-1/
- https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
- https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
- https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
- https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html