CVE-2011-4815 - Improper Input Validation vulnerability in Ruby-Lang Ruby

CVSS 7.8 - HIGH

  • Attack vector: NETWORK
  • Attack complexity: LOW
  • Privileges required: NONE
  • Confidentiality impact: NONE
  • Integrity impact: NONE
  • Availability impact: COMPLETE

Tags: network, low complexity, ruby-lang, CWE-20, nessus

Summary

Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.

Vulnerable Configurations

Part          Description   Count
Application   Ruby-Lang     642

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Server Side Include (SSI) Injection
    An attacker can use Server Side Include (SSI) Injection to send code to a web application that then gets executed by the web server. Doing so enables the attacker to achieve similar results to Cross Site Scripting, viz., arbitrary code execution and information disclosure, albeit on a more limited scale, since the SSI directives are nowhere near as powerful as a full-fledged scripting language. Nonetheless, the attacker can conveniently gain access to sensitive files, such as password files, and execute shell commands.
  • Cross Zone Scripting
    An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security. In a zone-based model, pages belong to one of a set of zones corresponding to the level of privilege assigned to that page. Pages in an untrusted zone would have a lesser level of access to the system and/or be restricted in the types of executable content it was allowed to invoke. In a cross-zone scripting attack, a page that should be assigned to a less privileged zone is granted the privileges of a more trusted zone. This can be accomplished by exploiting bugs in the browser, exploiting incorrect configuration in the zone controls, through a cross-site scripting attack that causes the attackers' content to be treated as coming from a more trusted page, or by leveraging some piece of system functionality that is accessible from both the trusted and less trusted zone. This attack differs from "Restful Privilege Escalation" in that the latter correlates to the inadequate securing of RESTful access methods (such as HTTP DELETE) on the server, while cross-zone scripting attacks the concept of security zones as implemented by a browser.
  • Cross Site Scripting through Log Files
    An attacker may leverage a system weakness where logs are susceptible to log injection to insert scripts into the system's logs. If these logs are later viewed by an administrator through a thin administrative interface and the log data is not properly HTML encoded before being written to the page, the attackers' scripts stored in the log will be executed in the administrative interface with potentially serious consequences. This attack pattern is really a combination of two other attack patterns: log injection and stored cross site scripting.
  • Command Line Execution through SQL Injection
    An attacker uses standard SQL injection methods to inject data into the command line for execution. This could be done directly through misuse of directives such as MSSQL_xp_cmdshell or indirectly through injection of data into the database that would be interpreted as shell commands. Sometime later, an unscrupulous backend application (or could be part of the functionality of the same application) fetches the injected data stored in the database and uses this data as command line arguments without performing proper validation. The malicious data escapes that data plane by spawning new commands to be executed on the host.

Nessus

  • NASL family: MacOS X Local Security Checks
    NASL id: MACOSX_10_7_4.NASL
    description: The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.4. The newer version contains numerous security-related fixes for the following components : - Login Window - Bluetooth - curl - HFS - Kernel - libarchive - libsecurity - libxml - LoginUIFramework - PHP - Quartz Composer - QuickTime - Ruby - Security Framework - Time Machine - X11 Note that this update addresses the recent FileVault password vulnerability, in which user passwords are stored in plaintext to a system-wide debug log if the legacy version of FileVault is used to encrypt user directories after a system upgrade to Lion. Since the patch only limits further exposure, though, we recommend that all users on the system change their passwords if user folders were encrypted using the legacy version of FileVault prior to and after an upgrade to OS X 10.7.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 59066
    published: 2012-05-10
    reporter: This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/59066
    title: Mac OS X 10.7.x < 10.7.4 Multiple Vulnerabilities (BEAST)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    if (!defined_func("bn_random")) exit(0);
    if (NASL_LEVEL < 3000) exit(0);    # Avoid problems with large number of xrefs.
    
    
    include("compat.inc");
    
    
    if (description)
    {
      script_id(59066);
      script_version("1.27");
      script_cvs_date("Date: 2018/07/16 12:48:31");
    
      script_cve_id(
        "CVE-2011-1004",
        "CVE-2011-1005",
        "CVE-2011-1777",
        "CVE-2011-1778",
        "CVE-2011-1944",
        "CVE-2011-2821",
        "CVE-2011-2834",
        "CVE-2011-2895",
        "CVE-2011-3212",
        "CVE-2011-3389",
        "CVE-2011-3919",
        "CVE-2011-4566",
        "CVE-2011-4815",
        "CVE-2011-4885",
        "CVE-2012-0036",
        "CVE-2012-0642",
        "CVE-2012-0649",
        "CVE-2012-0652",
        "CVE-2012-0654",
        "CVE-2012-0655",
        "CVE-2012-0656",
        "CVE-2012-0657",
        "CVE-2012-0658",
        "CVE-2012-0659",
        "CVE-2012-0660",
        "CVE-2012-0661",
        "CVE-2012-0662",
        "CVE-2012-0675",
        "CVE-2012-0830"
      );
      script_bugtraq_id(
        46458,
        46460,
        47737,
        48056,
        49124,
        49279,
        49658,
        49778,
        50907,
        51193,
        51198,
        51300,
        51665,
        51830,
        52364,
        53456,
        53457,
        53459,
        53462,
        53465,
        53466,
        53467,
        53468,
        53469,
        53470,
        53471,
        53473
      );
      script_xref(name:"TRA", value:"TRA-2012-02");
      script_xref(name:"CERT", value:"864643");
      script_xref(name:"ZDI", value:"ZDI-12-135");
    
      script_name(english:"Mac OS X 10.7.x < 10.7.4 Multiple Vulnerabilities (BEAST)");
      script_summary(english:"Check the version of Mac OS X.");
    
      script_set_attribute(
        attribute:"synopsis",
        value:
    "The remote host is missing a Mac OS X update that fixes several
    security issues."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is running a version of Mac OS X 10.7.x that is prior
    to 10.7.4. The newer version contains numerous security-related fixes
    for the following components :
    
      - Login Window
      - Bluetooth
      - curl
      - HFS
      - Kernel
      - libarchive
      - libsecurity
      - libxml
      - LoginUIFramework
      - PHP
      - Quartz Composer
      - QuickTime
      - Ruby
      - Security Framework
      - Time Machine
      - X11
    
    Note that this update addresses the recent FileVault password
    vulnerability, in which user passwords are stored in plaintext to a
    system-wide debug log if the legacy version of FileVault is used to
    encrypt user directories after a system upgrade to Lion. Since the
    patch only limits further exposure, though, we recommend that all
    users on the system change their passwords if user folders were
    encrypted using the legacy version of FileVault prior to and after an
    upgrade to OS X 10.7."
      );
      script_set_attribute(attribute:"see_also", value:"https://www.tenable.com/security/research/tra-2012-02");
      script_set_attribute(attribute:"see_also", value:"http://support.apple.com/kb/HT5281");
      script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2012/May/msg00001.html");
      script_set_attribute(attribute:"see_also", value:"http://www.zerodayinitiative.com/advisories/ZDI-12-135");
      script_set_attribute(attribute:"see_also", value:"http://seclists.org/fulldisclosure/2012/Aug/64");
      script_set_attribute(attribute:"see_also", value:"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html");
      script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/~bodo/tls-cbc.txt");
      script_set_attribute(
        attribute:"solution", 
        value:"Upgrade to Mac OS X 10.7.4 or later."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/02/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/05/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/05/10");
    
      script_set_attribute(attribute:"plugin_type", value:"combined");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_end_attributes();
     
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.");
     
      script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl");
    
      exit(0);
    }
    
    os = get_kb_item("Host/MacOSX/Version");
    if (!os)
    {
      os = get_kb_item("Host/OS");
      if (isnull(os)) exit(0, "The 'Host/OS' KB item is missing.");
      if ("Mac OS X" >!< os) exit(0, "The host does not appear to be running Mac OS X.");
    
      c = get_kb_item("Host/OS/Confidence");
      if (c <= 70) exit(1, "Can't determine the host's OS with sufficient confidence.");
    }
    if (!os) exit(0, "The host does not appear to be running Mac OS X.");
    
    
    if (ereg(pattern:"Mac OS X 10\.7($|\.[0-3]([^0-9]|$))", string:os)) security_hole(0);
    else exit(0, "The host is not affected as it is running "+os+".");
    
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2012-0069.NASL
    description: Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815) Red Hat would like to thank oCERT for reporting this issue. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters. All users of ruby are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.
    last seen: 2020-04-16
    modified: 2012-01-31
    plugin id: 57746
    published: 2012-01-31
    reporter: This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/57746
    title: RHEL 6 : ruby (RHSA-2012:0069)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2012:0069. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(57746);
      script_version ("1.20");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/04/15");
    
      script_cve_id("CVE-2011-4815");
      script_bugtraq_id(51198);
      script_xref(name:"RHSA", value:"2012:0069");
    
      script_name(english:"RHEL 6 : ruby (RHSA-2012:0069)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated ruby packages that fix one security issue are now available
    for Red Hat Enterprise Linux 6.
    
    The Red Hat Security Response Team has rated this update as having
    moderate security impact. A Common Vulnerability Scoring System (CVSS)
    base score, which gives a detailed severity rating, is available from
    the CVE link in the References section.
    
    Ruby is an extensible, interpreted, object-oriented, scripting
    language. It has features to process text files and to do system
    management tasks.
    
    A denial of service flaw was found in the implementation of
    associative arrays (hashes) in Ruby. An attacker able to supply a
    large number of inputs to a Ruby application (such as HTTP POST
    request parameters sent to a web application) that are used as keys
    when inserting data into an array could trigger multiple hash function
    collisions, making array operations take an excessive amount of CPU
    time. To mitigate this issue, randomization has been added to the hash
    function to reduce the chance of an attacker successfully causing
    intentional collisions. (CVE-2011-4815)
    
    Red Hat would like to thank oCERT for reporting this issue. oCERT
    acknowledges Julian Walde and Alexander Klink as the original
    reporters.
    
    All users of ruby are advised to upgrade to these updated packages,
    which contain a backported patch to resolve this issue."
      );
      # http://www.ocert.org/advisories/ocert-2011-003.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://ocert.org/advisories/ocert-2011-003.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2012:0069"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-4815"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-docs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-irb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-rdoc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-ri");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-static");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-tcltk");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.2");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/12/30");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/01/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/31");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2012:0069";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ruby-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"ruby-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ruby-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"ruby-debuginfo-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"ruby-devel-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ruby-docs-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"ruby-docs-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ruby-docs-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ruby-irb-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"ruby-irb-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ruby-irb-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"ruby-libs-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ruby-rdoc-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"ruby-rdoc-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ruby-rdoc-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ruby-ri-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"ruby-ri-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ruby-ri-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ruby-static-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"ruby-static-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ruby-static-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ruby-tcltk-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"ruby-tcltk-1.8.7.352-4.el6_2")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ruby-tcltk-1.8.7.352-4.el6_2")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby / ruby-debuginfo / ruby-devel / ruby-docs / ruby-irb / etc");
      }
    }
    
  • NASL family: Solaris Local Security Checks
    NASL id: SOLARIS11_RUBY_20120417.NASL
    description: The remote Solaris system is missing necessary patches to address security updates : - Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. (CVE-2011-4815)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 80754
    published: 2015-01-19
    reporter: This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/80754
    title: Oracle Solaris Third-Party Patch Update : ruby (cve_2011_4815_denial_of)
  • NASL family: Huawei Local Security Checks
    NASL id: EULEROS_SA-2019-1428.NASL
    description: According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.(CVE-2012-4466) - The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.(CVE-2014-8090) - Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression.(CVE-2013-4287) - The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.(CVE-2014-8080) - The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a
    last seen: 2020-03-17
    modified: 2019-05-14
    plugin id: 124931
    published: 2019-05-14
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/124931
    title: EulerOS Virtualization 3.0.1.0 : ruby (EulerOS-SA-2019-1428)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2011-17542.NASL
    description: A security flaw was found on the previous ruby that with some series of strings which was specially crafted to intentionally collide their hash values with each other, rails applications may fall into denial of services when such strings are used in HTTP requests (CVE-2011-4815). This new ruby will fix this issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 57477
    published: 2012-01-11
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/57477
    title: Fedora 16 : ruby-1.8.7.357-1.fc16 (2011-17542)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2011-17551.NASL
    description: A security flaw was found on the previous ruby that with some series of strings which was specially crafted to intentionally collide their hash values with each other, rails applications may fall into denial of services when such strings are used in HTTP requests (CVE-2011-4815). This new ruby will fix this issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 57478
    published: 2012-01-11
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/57478
    title: Fedora 15 : ruby-1.8.7.357-1.fc15 (2011-17551)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2012-024.NASL
    description: A vulnerability has been found and corrected in ruby : Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table (CVE-2011-4815). The updated packages have been patched to correct this issue.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 58163
    published: 2012-02-29
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/58163
    title: Mandriva Linux Security Advisory : ruby (MDVSA-2012:024)
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-1377-1.NASL
    description: Drew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site scripting attacks when displaying error pages. A remote attacker could use this flaw to run arbitrary web script. (CVE-2010-0541) Drew Yao discovered that Ruby
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 58146
    published: 2012-02-28
    reporter: Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/58146
    title: Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : ruby1.8 vulnerabilities (USN-1377-1)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DLA-263.NASL
    description: Two vulnerabilities were identified in the Ruby language interpreter, version 1.9.1. CVE-2012-5371 Jean-Philippe Aumasson identified that Ruby computed hash values without properly restricting the ability to trigger hash collisions predictably, allowing context-dependent attackers to cause a denial of service (CPU consumption). This is a different vulnerability than CVE-2011-4815. CVE-2013-0269 Thomas Hollstegge and Ben Murphy found that the JSON gem for Ruby allowed remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects. For the squeeze distribution, these vulnerabilities have been fixed in version 1.9.2.0-2+deb6u5 of ruby1.9.1. We recommend that you upgrade your ruby1.9.1 package. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2015-07-02
    plugin id: 84494
    published: 2015-07-02
    reporter: This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/84494
    title: Debian DLA-263-1 : ruby1.9.1 security update
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2012-0070.NASL
    description: Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815) It was found that Ruby did not reinitialize the PRNG (pseudorandom number generator) after forking a child process. This could eventually lead to the PRNG returning the same result twice. An attacker keeping track of the values returned by one child process could use this flaw to predict the values the PRNG would return in other child processes (as long as the parent process persisted). (CVE-2011-3009) Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2011-4815. All users of ruby are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 57734
    published: 2012-01-31
    reporter: This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/57734
    title: CentOS 4 / 5 : ruby (CESA-2012:0070)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20120130_RUBY_ON_SL4_X.NASL
    descriptionRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815) It was found that Ruby did not reinitialize the PRNG (pseudorandom number generator) after forking a child process. This could eventually lead to the PRNG returning the same result twice. An attacker keeping track of the values returned by one child process could use this flaw to predict the values the PRNG would return in other child processes (as long as the parent process persisted). (CVE-2011-3009) All users of ruby are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen2020-03-18
    modified2012-08-01
    plugin id61228
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61228
    titleScientific Linux Security Update : ruby on SL4.x, SL5.x i386/x86_64 (20120130)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL
    descriptionoCERT reports : A variety of programming languages suffer from a denial-of-service (DoS) condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms. The issue finds particular exposure in web server applications and/or frameworks. In particular, the lack of sufficient limits for the number of parameters in POST requests in conjunction with the predictable collision properties in the hashing functions of the underlying languages can render web applications vulnerable to the DoS condition. The attacker, using specially crafted HTTP requests, can lead to a 100% of CPU usage which can last up to several hours depending on the targeted application and server performance, the amplification effect is considerable and requires little bandwidth and time on the attacker side. The condition for predictable collisions in the hashing functions has been reported for the following language implementations : Java, JRuby, PHP, Python, Rubinius, Ruby. In the case of the Ruby language, the 1.9.x branch is not affected by the predictable collision condition since this version includes a randomization of the hashing function. The vulnerability outlined in this advisory is practically identical to the one reported in 2003 and described in the paper Denial of Service via Algorithmic Complexity Attacks which affected the Perl language.
    last seen2020-06-01
    modified2020-06-02
    plugin id57552
    published2012-01-16
    reporterThis script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/57552
    titleFreeBSD : Multiple implementations -- DoS via hash algorithm collision (91be81e7-3fea-11e1-afc7-2c4138874f7d)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_4_RUBY-120117.NASL
    descriptionThis update of ruby provides 1.8.7p357, which contains many stability fixes and bug fixes, which are fully compatible with the previous version. You can review the detailed list here : http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog The particularly noteworthy fixes are : - Hash functions are now using a randomized seed to avoid algorithmic complexity attacks (CVE-2011-4815). For this OpenSSL::Random.seed at the SecureRandom.random_bytes is used if available. - mkconfig.rb: fix for continued lines. - Fix Infinity to be greater than any bignum number. - initialize store->ex_data.sk. - some IPv6 related fixes - zlib fixes - reinitialize PRNG when forking children (CVE-2011-2686/CVE-2011-3009) - securerandom fixes (CVE-2011-2705) - uri route_to fixes - fix race condition with variables and autoload
    last seen2020-06-05
    modified2014-06-13
    plugin id76015
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76015
    titleopenSUSE Security Update : ruby (openSUSE-SU-2012:0228-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_RUBY-187P357-120127.NASL
    descriptionThis update of ruby provides 1.8.7p357, which contains many stability fixes and bug fixes while maintaining full compatibility with the previous version. A detailed list of changes is available from http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog . The most important fixes are : - Hash functions are now using a randomized seed to avoid algorithmic complexity attacks. If available, OpenSSL::Random.seed at the SecureRandom.random_bytes is used to achieve this. (CVE-2011-4815) - mkconfig.rb: fix for continued lines. - Fix Infinity to be greater than any bignum number. - Initialize store->ex_data.sk. - Several IPv6 related fixes. - Fixes for zlib. - Reinitialize PRNG when forking children. (CVE-2011-2686 / CVE-2011-3009) - Fixes to securerandom. (CVE-2011-2705) - Fix uri route_to - Fix race condition with variables and autoload.
    last seen2020-06-05
    modified2012-02-06
    plugin id57841
    published2012-02-06
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/57841
    titleSuSE 11.1 Security Update : ruby (SAT Patch Number 5716)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2012-0069.NASL
    descriptionUpdated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815) Red Hat would like to thank oCERT for reporting this issue. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters. All users of ruby are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id57733
    published2012-01-31
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/57733
    titleCentOS 6 : ruby (CESA-2012:0069)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20120130_RUBY_ON_SL6_X.NASL
    descriptionRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815) All users of ruby are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.
    last seen2020-03-18
    modified2012-08-01
    plugin id61229
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61229
    titleScientific Linux Security Update : ruby on SL6.x i386/x86_64 (20120130)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2012-0070.NASL
    descriptionFrom Red Hat Security Advisory 2012:0070 : Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815) It was found that Ruby did not reinitialize the PRNG (pseudorandom number generator) after forking a child process. This could eventually lead to the PRNG returning the same result twice. An attacker keeping track of the values returned by one child process could use this flaw to predict the values the PRNG would return in other child processes (as long as the parent process persisted). (CVE-2011-3009) Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2011-4815. All users of ruby are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id68441
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68441
    titleOracle Linux 4 / 5 : ruby (ELSA-2012-0070)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-0070.NASL
    descriptionUpdated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815) It was found that Ruby did not reinitialize the PRNG (pseudorandom number generator) after forking a child process. This could eventually lead to the PRNG returning the same result twice. An attacker keeping track of the values returned by one child process could use this flaw to predict the values the PRNG would return in other child processes (as long as the parent process persisted). (CVE-2011-3009) Red Hat would like to thank oCERT for reporting CVE-2011-4815. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2011-4815. All users of ruby are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen2020-04-16
    modified2012-01-31
    plugin id57747
    published2012-01-31
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/57747
    titleRHEL 4 / 5 : ruby (RHSA-2012:0070)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2012-002.NASL
    descriptionThe remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-002 applied. This update contains multiple security-related fixes for the following components : - curl - Directory Service - ImageIO - libarchive - libsecurity - libxml - Quartz Composer - QuickTime - Ruby - Samba - Security Framework
    last seen2020-06-01
    modified2020-06-02
    plugin id59067
    published2012-05-10
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/59067
    titleMac OS X Multiple Vulnerabilities (Security Update 2012-002) (BEAST)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201412-27.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201412-27 (Ruby: Denial of Service) Multiple vulnerabilities have been discovered in Ruby. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or bypass security restrictions. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id79980
    published2014-12-15
    reporterThis script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79980
    titleGLSA-201412-27 : Ruby: Denial of Service
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_RUBY-187P357-120126.NASL
    descriptionThis update of ruby provides 1.8.7p357, which contains many stability fixes and bug fixes while maintaining full compatibility with the previous version. A detailed list of changes is available from http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog . The most important fixes are : - Hash functions are now using a randomized seed to avoid algorithmic complexity attacks. If available, OpenSSL::Random.seed at the SecureRandom.random_bytes is used to achieve this. (CVE-2011-4815) - mkconfig.rb: fix for continued lines. - Fix Infinity to be greater than any bignum number. - Initialize store->ex_data.sk. - Several IPv6 related fixes. - Fixes for zlib. - Reinitialize PRNG when forking children. (CVE-2011-2686 / CVE-2011-3009) - Fixes to securerandom. (CVE-2011-2705) - Fix uri route_to - Fix race condition with variables and autoload.
    last seen2020-06-05
    modified2012-02-06
    plugin id57840
    published2012-02-06
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/57840
    titleSuSE 11.1 Security Update : ruby (SAT Patch Number 5716)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2012-0069.NASL
    descriptionFrom Red Hat Security Advisory 2012:0069 : Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815) Red Hat would like to thank oCERT for reporting this issue. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters. All users of ruby are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id68440
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68440
    titleOracle Linux 6 : ruby (ELSA-2012-0069)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-88.NASL
    descriptionThis update fixes multiple local and remote denial of service and remote code execution problems : CVE-2011-0188 Properly allocate memory, to prevent arbitrary code execution or application crash. Reported by Drew Yao. CVE-2011-2686 Reinitialize the random seed when forking to prevent CVE-2003-0900 like situations. CVE-2011-2705 Modify PRNG state to prevent random number sequence repetition at forked child process which has same pid. Reported by Eric Wong. CVE-2011-4815 Fix a problem with predictable hash collisions resulting in denial of service (CPU consumption) attacks. Reported by Alexander Klink and Julian Waelde. CVE-2014-8080 Fix REXML parser to prevent memory consumption denial of service via crafted XML documents. Reported by Willis Vandevanter. CVE-2014-8090 Add REXML::Document#document to complement the fix for CVE-2014-8080. Reported by Tomas Hoger. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2015-03-26
    plugin id82233
    published2015-03-26
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82233
    titleDebian DLA-88-1 : ruby1.8 security update
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2012-35.NASL
    descriptionRuby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
    last seen2020-06-01
    modified2020-06-02
    plugin id69642
    published2013-09-04
    reporterThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/69642
    titleAmazon Linux AMI : ruby (ALAS-2012-35)

Redhat

advisories
  • bugzilla
    id750564
    titleCVE-2011-4815 ruby: hash table collisions CPU usage DoS (oCERT-2011-003)
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commentruby-libs is earlier than 0:1.8.7.352-4.el6_2
            ovaloval:com.redhat.rhsa:tst:20120069001
          • commentruby-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20193384024
        • AND
          • commentruby-irb is earlier than 0:1.8.7.352-4.el6_2
            ovaloval:com.redhat.rhsa:tst:20120069003
          • commentruby-irb is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20193384070
        • AND
          • commentruby is earlier than 0:1.8.7.352-4.el6_2
            ovaloval:com.redhat.rhsa:tst:20120069005
          • commentruby is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20193384030
        • AND
          • commentruby-tcltk is earlier than 0:1.8.7.352-4.el6_2
            ovaloval:com.redhat.rhsa:tst:20120069007
          • commentruby-tcltk is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110910008
        • AND
          • commentruby-ri is earlier than 0:1.8.7.352-4.el6_2
            ovaloval:com.redhat.rhsa:tst:20120069009
          • commentruby-ri is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110910012
        • AND
          • commentruby-docs is earlier than 0:1.8.7.352-4.el6_2
            ovaloval:com.redhat.rhsa:tst:20120069011
          • commentruby-docs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110910016
        • AND
          • commentruby-rdoc is earlier than 0:1.8.7.352-4.el6_2
            ovaloval:com.redhat.rhsa:tst:20120069013
          • commentruby-rdoc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110910004
        • AND
          • commentruby-static is earlier than 0:1.8.7.352-4.el6_2
            ovaloval:com.redhat.rhsa:tst:20120069015
          • commentruby-static is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110910002
        • AND
          • commentruby-devel is earlier than 0:1.8.7.352-4.el6_2
            ovaloval:com.redhat.rhsa:tst:20120069017
          • commentruby-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20193384026
    rhsa
    idRHSA-2012:0069
    released2012-01-30
    severityModerate
    titleRHSA-2012:0069: ruby security update (Moderate)
  • bugzilla
    id750564
    titleCVE-2011-4815 ruby: hash table collisions CPU usage DoS (oCERT-2011-003)
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 4 is installed
        ovaloval:com.redhat.rhba:tst:20070304025
      • OR
        • AND
          • commentirb is earlier than 0:1.8.1-18.el4
            ovaloval:com.redhat.rhsa:tst:20120070001
          • commentirb is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20060427004
        • AND
          • commentruby is earlier than 0:1.8.1-18.el4
            ovaloval:com.redhat.rhsa:tst:20120070003
          • commentruby is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20060427010
        • AND
          • commentruby-devel is earlier than 0:1.8.1-18.el4
            ovaloval:com.redhat.rhsa:tst:20120070005
          • commentruby-devel is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20060427014
        • AND
          • commentruby-tcltk is earlier than 0:1.8.1-18.el4
            ovaloval:com.redhat.rhsa:tst:20120070007
          • commentruby-tcltk is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20060427008
        • AND
          • commentruby-mode is earlier than 0:1.8.1-18.el4
            ovaloval:com.redhat.rhsa:tst:20120070009
          • commentruby-mode is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20060427002
        • AND
          • commentruby-libs is earlier than 0:1.8.1-18.el4
            ovaloval:com.redhat.rhsa:tst:20120070011
          • commentruby-libs is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20060427006
        • AND
          • commentruby-docs is earlier than 0:1.8.1-18.el4
            ovaloval:com.redhat.rhsa:tst:20120070013
          • commentruby-docs is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20060427012
    • AND
      • commentRed Hat Enterprise Linux 5 is installed
        ovaloval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • commentruby-mode is earlier than 0:1.8.5-22.el5_7.1
            ovaloval:com.redhat.rhsa:tst:20120070016
          • commentruby-mode is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965016
        • AND
          • commentruby-docs is earlier than 0:1.8.5-22.el5_7.1
            ovaloval:com.redhat.rhsa:tst:20120070018
          • commentruby-docs is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965012
        • AND
          • commentruby-tcltk is earlier than 0:1.8.5-22.el5_7.1
            ovaloval:com.redhat.rhsa:tst:20120070020
          • commentruby-tcltk is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965006
        • AND
          • commentruby-irb is earlier than 0:1.8.5-22.el5_7.1
            ovaloval:com.redhat.rhsa:tst:20120070022
          • commentruby-irb is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965008
        • AND
          • commentruby-rdoc is earlier than 0:1.8.5-22.el5_7.1
            ovaloval:com.redhat.rhsa:tst:20120070024
          • commentruby-rdoc is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965018
        • AND
          • commentruby is earlier than 0:1.8.5-22.el5_7.1
            ovaloval:com.redhat.rhsa:tst:20120070026
          • commentruby is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965010
        • AND
          • commentruby-devel is earlier than 0:1.8.5-22.el5_7.1
            ovaloval:com.redhat.rhsa:tst:20120070028
          • commentruby-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965004
        • AND
          • commentruby-libs is earlier than 0:1.8.5-22.el5_7.1
            ovaloval:com.redhat.rhsa:tst:20120070030
          • commentruby-libs is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965014
        • AND
          • commentruby-ri is earlier than 0:1.8.5-22.el5_7.1
            ovaloval:com.redhat.rhsa:tst:20120070032
          • commentruby-ri is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965002
    rhsa
    idRHSA-2012:0070
    released2012-01-30
    severityModerate
    titleRHSA-2012:0070: ruby security update (Moderate)
rpms
  • ruby-0:1.8.7.352-4.el6_2
  • ruby-debuginfo-0:1.8.7.352-4.el6_2
  • ruby-devel-0:1.8.7.352-4.el6_2
  • ruby-docs-0:1.8.7.352-4.el6_2
  • ruby-irb-0:1.8.7.352-4.el6_2
  • ruby-libs-0:1.8.7.352-4.el6_2
  • ruby-rdoc-0:1.8.7.352-4.el6_2
  • ruby-ri-0:1.8.7.352-4.el6_2
  • ruby-static-0:1.8.7.352-4.el6_2
  • ruby-tcltk-0:1.8.7.352-4.el6_2
  • irb-0:1.8.1-18.el4
  • ruby-0:1.8.1-18.el4
  • ruby-0:1.8.5-22.el5_7.1
  • ruby-debuginfo-0:1.8.1-18.el4
  • ruby-debuginfo-0:1.8.5-22.el5_7.1
  • ruby-devel-0:1.8.1-18.el4
  • ruby-devel-0:1.8.5-22.el5_7.1
  • ruby-docs-0:1.8.1-18.el4
  • ruby-docs-0:1.8.5-22.el5_7.1
  • ruby-irb-0:1.8.5-22.el5_7.1
  • ruby-libs-0:1.8.1-18.el4
  • ruby-libs-0:1.8.5-22.el5_7.1
  • ruby-mode-0:1.8.1-18.el4
  • ruby-mode-0:1.8.5-22.el5_7.1
  • ruby-rdoc-0:1.8.5-22.el5_7.1
  • ruby-ri-0:1.8.5-22.el5_7.1
  • ruby-tcltk-0:1.8.1-18.el4
  • ruby-tcltk-0:1.8.5-22.el5_7.1

Seebug

  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:26121
    last seen2017-11-19
    modified2011-12-29
    published2011-12-29
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-26121
    titleMultiple Programming Language Implementations Vulnerable to Hash Table Collision Attacks
  • bulletinFamilyexploit
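    descriptionBUGTRAQ ID: 51198 CVE ID: CVE-2011-4815 Ruby is a scripting language created for simple and fast object-oriented programming. An error exists in the hash generation function when Ruby processes form posts into a hash table and updates to that table. By sending a specially crafted form in an HTTP POST request, an attacker can exploit this vulnerability to cause hash collisions, resulting in high CPU consumption. Ruby 1.x Vendor patch: Yukihiro Matsumoto: The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://www.ruby-lang.org/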
    idSSV:26126
    last seen2017-11-19
    modified2011-12-30
    published2011-12-30
    reporterRoot
    titleRuby Hash Collision Denial of Service Vulnerability