Vulnerabilities > CVE-2013-1812 - Resource Management Errors vulnerability in multiple products
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 | |
| Application | 2 |
Common Weakness Enumeration (CWE)
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201405-14.NASL description The remote host is affected by the vulnerability described in GLSA-201405-14 (Ruby OpenID: Denial of Service) An XML entity parsing error has been discovered in Ruby OpenID. Impact : A remote attacker could send a specially crafted XML file, possibly resulting in a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 74057 published 2014-05-19 reporter This script is Copyright (C) 2014-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/74057 title GLSA-201405-14 : Ruby OpenID: Denial of Service code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201405-14. # # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(74057); script_version("$Revision: 1.3 $"); script_cvs_date("$Date: 2015/04/13 14:27:08 $"); script_cve_id("CVE-2013-1812"); script_bugtraq_id(58258); script_xref(name:"GLSA", value:"201405-14"); script_name(english:"GLSA-201405-14 : Ruby OpenID: Denial of Service"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201405-14 (Ruby OpenID: Denial of Service) An XML entity parsing error has been discovered in Ruby OpenID. Impact : A remote attacker could send a specially crafted XML file, possibly resulting in a Denial of Service condition. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201405-14" ); script_set_attribute( attribute:"solution", value: "All Ruby OpenID users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-ruby/ruby-openid-2.2.2'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:ruby-openid"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2014/05/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/05/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"dev-ruby/ruby-openid", unaffected:make_list("ge 2.2.2"), vulnerable:make_list("lt 2.2.2"))) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get()); else security_warning(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Ruby OpenID"); }NASL family Fedora Local Security Checks NASL id FEDORA_2013-20260.NASL description (Package is renamed from ruby-openid.) This package is a Ruby library for verifying and serving OpenID identities. Ruby OpenID makes it easy to add OpenID authentication to your web applications. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-11-08 plugin id 70786 published 2013-11-08 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70786 title Fedora 19 : rubygem-ruby-openid-2.3.0-3.fc19 (2013-20260) NASL family Fedora Local Security Checks NASL id FEDORA_2013-20238.NASL description New package. A Ruby library for verifying and serving OpenID identities. Ruby OpenID makes it easy to add OpenID authentication to your web applications. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-11-11 plugin id 70811 published 2013-11-11 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70811 title Fedora 20 : rubygem-ruby-openid-2.3.0-3.fc20 (2013-20238)
References
- http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120204.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120361.html
- http://www.openwall.com/lists/oss-security/2013/03/03/8
- https://bugzilla.redhat.com/show_bug.cgi?id=918134
- https://github.com/openid/ruby-openid/blob/master/CHANGELOG.md
- https://github.com/openid/ruby-openid/commit/a3693cef06049563f5b4e4824f4d3211288508ed
- https://github.com/openid/ruby-openid/pull/43