Vulnerabilities > CVE-2008-3656 - Resource Management Errors vulnerability in Ruby-Lang Ruby

047910
CVSS 7.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
network
low complexity
ruby-lang
CWE-399
nessus
exploit available
metasploit
NVD
Published: 2008-08-13
Updated: 2018-10-11

Summary

Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression.

Vulnerable Configurations

Part Description Count
Application
Ruby-Lang
50

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionRuby 1.9 WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS. CVE-2008-3656,CVE-2008-4310. Dos exploits for multiple platform
idEDB-ID:32222
last seen2016-02-03
modified2008-08-11
published2008-08-11
reporterKeita Yamaguchi
sourcehttps://www.exploit-db.com/download/32222/
titleRuby <= 1.9 WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS

Metasploit

descriptionThe WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 to 1.8.6-p286, 1.8.7 to 1.8.7-p71, and 1.9 to r18423 allows for a DoS (CPU consumption) via a crafted HTTP request.
idMSF:AUXILIARY/DOS/HTTP/WEBRICK_REGEX
last seen2020-03-15
modified2017-07-24
published2008-10-17
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/dos/http/webrick_regex.rb
titleRuby WEBrick::HTTP::DefaultFileHandler DoS

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200812-17.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200812-17 (Ruby: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the Ruby interpreter and its standard libraries. Drew Yao of Apple Product Security discovered the following flaws: Arbitrary code execution or Denial of Service (memory corruption) in the rb_str_buf_append() function (CVE-2008-2662). Arbitrary code execution or Denial of Service (memory corruption) in the rb_ary_stor() function (CVE-2008-2663). Memory corruption via alloca in the rb_str_format() function (CVE-2008-2664). Memory corruption (
    last seen2020-06-01
    modified2020-06-02
    plugin id35188
    published2008-12-17
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35188
    titleGLSA-200812-17 : Ruby: Multiple vulnerabilities
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2008-0897.NASL
    descriptionFrom Red Hat Security Advisory 2008:0897 : Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id67752
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67752
    titleOracle Linux 4 / 5 : ruby (ELSA-2008-0897)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-8738.NASL
    descriptionUpdate to new upstream release fixing multiple security issues detailed in the upstream advisories: http://www.ruby-lang.org/en/news/2008/08/08/multiple- vulnerabilities-in-ruby/ - CVE-2008-3655 - multiple insufficient safe mode restrictions - CVE-2008-3656 - WEBrick DoS vulnerability (CPU consumption) - CVE-2008-3657 - missing
    last seen2020-06-01
    modified2020-06-02
    plugin id34380
    published2008-10-10
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/34380
    titleFedora 9 : ruby-1.8.6.287-2.fc9 (2008-8738)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1651.NASL
    descriptionSeveral vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3655 Keita Yamaguchi discovered that several safe level restrictions are insufficiently enforced. - CVE-2008-3656 Christian Neukirchen discovered that the WebRick module uses inefficient algorithms for HTTP header splitting, resulting in denial of service through resource exhaustion. - CVE-2008-3657 It was discovered that the dl module doesn
    last seen2020-06-01
    modified2020-06-02
    plugin id34387
    published2008-10-13
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/34387
    titleDebian DSA-1651-1 : ruby1.8 - several vulnerabilities
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20081021_RUBY_ON_SL3_X.NASL
    descriptionThe Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id60485
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60485
    titleScientific Linux Security Update : ruby on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL familySuSE Local Security Checks
    NASL idSUSE_RUBY-6338.NASL
    descriptionThis ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id51760
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51760
    titleSuSE 10 Security Update : ruby (ZYPP Patch Number 6338)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_RUBY-090703.NASL
    descriptionThis ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id40306
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40306
    titleopenSUSE Security Update : ruby (ruby-1070)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_RUBY-090703.NASL
    descriptionThis ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id40122
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40122
    titleopenSUSE Security Update : ruby (ruby-1070)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2008-0981.NASL
    descriptionFrom Red Hat Security Advisory 2008:0981 : Updated ruby packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897 did not properly address a denial of service flaw in the WEBrick (Ruby HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a remote attacker to send a specially crafted HTTP request to a WEBrick server that would cause the server to use excessive CPU time. This update properly addresses this flaw. (CVE-2008-4310) All Ruby users should upgrade to these updated packages, which contain a correct patch that resolves this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id67767
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67767
    titleOracle Linux 4 / 5 : ruby (ELSA-2008-0981)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2008-226.NASL
    descriptionA denial of service condition was found in Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id38018
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/38018
    titleMandriva Linux Security Advisory : ruby (MDVSA-2008:226)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-651-1.NASL
    descriptionAkira Tagoh discovered a vulnerability in Ruby which lead to an integer overflow. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-2376) Laurent Gaffie discovered that Ruby did not properly check for memory allocation failures. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service. (CVE-2008-3443) Keita Yamaguchi discovered several safe level vulnerabilities in Ruby. An attacker could use this to bypass intended access restrictions. (CVE-2008-3655) Keita Yamaguchi discovered that WEBrick in Ruby did not properly validate paths ending with
    last seen2020-06-01
    modified2020-06-02
    plugin id37068
    published2009-04-23
    reporterUbuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/37068
    titleUbuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : ruby1.8 vulnerabilities (USN-651-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2008-0897.NASL
    descriptionUpdated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id34466
    published2008-10-22
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/34466
    titleRHEL 4 / 5 : ruby (RHSA-2008:0897)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1652.NASL
    descriptionSeveral vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3655 Keita Yamaguchi discovered that several safe level restrictions are insufficiently enforced. - CVE-2008-3656 Christian Neukirchen discovered that the WebRick module uses inefficient algorithms for HTTP header splitting, resulting in denial of service through resource exhaustion. - CVE-2008-3657 It was discovered that the dl module doesn
    last seen2020-06-01
    modified2020-06-02
    plugin id34388
    published2008-10-13
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/34388
    titleDebian DSA-1652-1 : ruby1.9 - several vulnerabilities
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2008-0897.NASL
    descriptionUpdated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id34502
    published2008-10-28
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/34502
    titleCentOS 4 / 5 : ruby (CESA-2008:0897)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_RUBY-6339.NASL
    descriptionThis ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id42032
    published2009-10-06
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/42032
    titleopenSUSE 10 Security Update : ruby (ruby-6339)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20081204_RUBY_ON_SL4_X.NASL
    descriptionVincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897 did not properly address a denial of service flaw in the WEBrick (Ruby HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a remote attacker to send a specially crafted HTTP request to a WEBrick server that would cause the server to use excessive CPU time. This update properly addresses this flaw. (CVE-2008-4310)
    last seen2020-06-01
    modified2020-06-02
    plugin id60502
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60502
    titleScientific Linux Security Update : ruby on SL4.x, SL5.x i386/x86_64
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2008-0981.NASL
    descriptionUpdated ruby packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897 did not properly address a denial of service flaw in the WEBrick (Ruby HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a remote attacker to send a specially crafted HTTP request to a WEBrick server that would cause the server to use excessive CPU time. This update properly addresses this flaw. (CVE-2008-4310) All Ruby users should upgrade to these updated packages, which contain a correct patch that resolves this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id35263
    published2008-12-26
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/35263
    titleCentOS 4 / 5 : ruby (CESA-2008:0981)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_F7BA20AA6B5A11DD9D79001FC61C2A55.NASL
    descriptionThe official ruby site reports : WEBrick::HTTP::DefaultFileHandler is faulty of exponential time taking requests due to a backtracking regular expression in WEBrick::HTTPUtils.split_header_value.
    last seen2020-06-01
    modified2020-06-02
    plugin id33907
    published2008-08-17
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/33907
    titleFreeBSD : ruby -- DoS vulnerability in WEBrick (f7ba20aa-6b5a-11dd-9d79-001fc61c2a55)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_5_7.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.7. Mac OS X 10.5.7 contains security fixes for the following products : - Apache - ATS - BIND - CFNetwork - CoreGraphics - Cscope - CUPS - Disk Images - enscript - Flash Player plug-in - Help Viewer - iChat - International Components for Unicode - IPSec - Kerberos - Kernel - Launch Services - libxml - Net-SNMP - Network Time - Networking - OpenSSL - PHP - QuickDraw Manager - ruby - Safari - Spotlight - system_cmds - telnet - Terminal - WebKit - X11
    last seen2020-06-01
    modified2020-06-02
    plugin id38744
    published2009-05-13
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/38744
    titleMac OS X 10.5.x < 10.5.7 Multiple Vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE9_12452.NASL
    descriptionThis update for ruby fixes the following security issues : - Improve return value checks for OpenSSL function OCSP_basic_verify() to refuse usage of revoked certificates. (CVE-2009-0642) - Increase entropy of DNS identifiers to avoid spoofing attacks. (CVE-2008-3905) - Fix denial of service (DoS) vulnerability while parsing XML data. (CVE-2008-3790) - Fix possible attack on algorithm complexity in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests or by using the regex engine to cause high CPU load. (CVE-2008-3656, CVE-2008-3443) - Improve ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id41312
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41312
    titleSuSE9 Security Update : ruby (YOU Patch Number 12452)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2008-0981.NASL
    descriptionUpdated ruby packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. Vincent Danen reported, that Red Hat Security Advisory RHSA-2008:0897 did not properly address a denial of service flaw in the WEBrick (Ruby HTTP server toolkit), known as CVE-2008-3656. This flaw allowed a remote attacker to send a specially crafted HTTP request to a WEBrick server that would cause the server to use excessive CPU time. This update properly addresses this flaw. (CVE-2008-4310) All Ruby users should upgrade to these updated packages, which contain a correct patch that resolves this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id35038
    published2008-12-05
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/35038
    titleRHEL 4 / 5 : ruby (RHSA-2008:0981)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_RUBY-090703.NASL
    descriptionThis ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug. (CVE-2008-3790) An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id41452
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41452
    titleSuSE 11 Security Update : ruby (SAT Patch Number 1073)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-8736.NASL
    descriptionUpdate to new upstream release fixing multiple security issues detailed in the upstream advisories: http://www.ruby-lang.org/en/news/2008/08/08/multiple- vulnerabilities-in-ruby/ - CVE-2008-3655 - multiple insufficient safe mode restrictions - CVE-2008-3656 - WEBrick DoS vulnerability (CPU consumption) - CVE-2008-3657 - missing
    last seen2020-06-01
    modified2020-06-02
    plugin id34379
    published2008-10-10
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34379
    titleFedora 8 : ruby-1.8.6.287-2.fc8 (2008-8736)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_C329712A6B5B11DD9D79001FC61C2A55.NASL
    descriptionThe official ruby site reports : Several vulnerabilities in safe level have been discovereds:. - untrace_var is permitted at safe level 4; - $PROGRAM_NAME may be modified at safe level 4; - insecure methods may be called at safe level 1-3; - syslog operations are permitted at safe level 4; - dl doesn
    last seen2020-06-01
    modified2020-06-02
    plugin id33906
    published2008-08-17
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/33906
    titleFreeBSD : ruby -- multiple vulnerabilities in safe level (c329712a-6b5b-11dd-9d79-001fc61c2a55)

Oval

accepted2013-04-29T04:21:18.758-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
    ovaloval:org.mitre.oval:def:11414
  • commentThe operating system installed on the system is CentOS Linux 5.x
    ovaloval:org.mitre.oval:def:15802
  • commentOracle Linux 5.x
    ovaloval:org.mitre.oval:def:15459
descriptionAlgorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression.
familyunix
idoval:org.mitre.oval:def:9682
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleAlgorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression.
version27

Redhat

advisories
rhsa
idRHSA-2008:0897
rpms
  • irb-0:1.8.1-7.el4_7.1
  • ruby-0:1.8.1-7.el4_7.1
  • ruby-0:1.8.5-5.el5_2.5
  • ruby-debuginfo-0:1.8.1-7.el4_7.1
  • ruby-debuginfo-0:1.8.5-5.el5_2.5
  • ruby-devel-0:1.8.1-7.el4_7.1
  • ruby-devel-0:1.8.5-5.el5_2.5
  • ruby-docs-0:1.8.1-7.el4_7.1
  • ruby-docs-0:1.8.5-5.el5_2.5
  • ruby-irb-0:1.8.5-5.el5_2.5
  • ruby-libs-0:1.8.1-7.el4_7.1
  • ruby-libs-0:1.8.5-5.el5_2.5
  • ruby-mode-0:1.8.1-7.el4_7.1
  • ruby-mode-0:1.8.5-5.el5_2.5
  • ruby-rdoc-0:1.8.5-5.el5_2.5
  • ruby-ri-0:1.8.5-5.el5_2.5
  • ruby-tcltk-0:1.8.1-7.el4_7.1
  • ruby-tcltk-0:1.8.5-5.el5_2.5

References