Vulnerabilities > CVE-2013-4073 - Cryptographic Issues vulnerability in Ruby-Lang Ruby

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

Vulnerable Configurations

Part Description Count
Application
Ruby-Lang
42

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-12123.NASL
    descriptionA vulnerability was found in Ruby
    last seen2020-03-17
    modified2013-07-12
    plugin id67339
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67339
    titleFedora 18 : ruby-1.9.3.448-31.fc18 (2013-12123)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2013-12123.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(67339);
      script_version("1.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2013-4073");
      script_bugtraq_id(60843);
      script_xref(name:"FEDORA", value:"2013-12123");
    
      script_name(english:"Fedora 18 : ruby-1.9.3.448-31.fc18 (2013-12123)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A vulnerability was found in Ruby's SSL client that could allow
    man-in-the-middle attackers to spoof SSL servers via valid certificate
    issued by a trusted certification authority.
    
    This vulnerability has been assigned the CVE identifier CVE-2013-4073.
    
    This new update should solve this issue.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=979295"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2013-July/111148.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3b8c5d83"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected ruby package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ruby");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:18");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/07/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^18([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 18.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC18", reference:"ruby-1.9.3.448-31.fc18")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby");
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2013-201.NASL
    descriptionA vulnerability has been discovered and corrected in ruby : A flaw was found in Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id69089
    published2013-07-28
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/69089
    titleMandriva Linux Security Advisory : ruby (MDVSA-2013:201)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2013:201. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(69089);
      script_version("1.9");
      script_cvs_date("Date: 2019/08/02 13:32:55");
    
      script_cve_id("CVE-2013-4073");
      script_bugtraq_id(60843);
      script_xref(name:"MDVSA", value:"2013:201");
    
      script_name(english:"Mandriva Linux Security Advisory : ruby (MDVSA-2013:201)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A vulnerability has been discovered and corrected in ruby :
    
    A flaw was found in Ruby's SSL client's hostname identity check when
    handling certificates that contain hostnames with NULL bytes. An
    attacker could potentially exploit this flaw to conduct
    man-in-the-middle attacks to spoof SSL servers. Note that to exploit
    this issue, an attacker would need to obtain a carefully-crafted
    certificate signed by an authority that the client trusts
    (CVE-2013-4073).
    
    The updated packages have been patched to correct this issue."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=979251"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ruby");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ruby-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ruby-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ruby-tk");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/07/26");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/28");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"ruby-1.8.7.p358-2.2.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"ruby-devel-1.8.7.p358-2.2.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", reference:"ruby-doc-1.8.7.p358-2.2.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"ruby-tk-1.8.7.p358-2.2.mbs1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1428.NASL
    descriptionAccording to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.(CVE-2012-4466) - The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.(CVE-2014-8090) - Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression.(CVE-2013-4287) - The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.(CVE-2014-8080) - The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a
    last seen2020-03-17
    modified2019-05-14
    plugin id124931
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124931
    titleEulerOS Virtualization 3.0.1.0 : ruby (EulerOS-SA-2019-1428)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(124931);
      script_version("1.19");
      script_cvs_date("$Date$");
    
      script_cve_id(
        "CVE-2012-4464",
        "CVE-2012-4466",
        "CVE-2012-4522",
        "CVE-2012-5371",
        "CVE-2013-2065",
        "CVE-2013-4073",
        "CVE-2013-4164",
        "CVE-2013-4287",
        "CVE-2013-4363",
        "CVE-2014-4975",
        "CVE-2014-8080",
        "CVE-2014-8090",
        "CVE-2018-16395",
        "CVE-2018-16396",
        "CVE-2018-8780"
      );
      script_bugtraq_id(
        55757,
        56115,
        56484,
        59881,
        60843,
        62281,
        62442,
        63873,
        68474,
        70935,
        71230
      );
    
      script_name(english:"EulerOS Virtualization 3.0.1.0 : ruby (EulerOS-SA-2019-1428)");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS Virtualization host is missing multiple security
    updates.");
      script_set_attribute(attribute:"description", value:
    "According to the versions of the ruby packages installed, the EulerOS
    Virtualization installation on the remote host is affected by the
    following vulnerabilities :
    
      - Ruby 1.8.7 before patchlevel 371, 1.9.3 before
        patchlevel 286, and 2.0 before revision r37068 allows
        context-dependent attackers to bypass safe-level
        restrictions and modify untainted strings via the
        name_err_mesg_to_str API function, which marks the
        string as tainted, a different vulnerability than
        CVE-2011-1005.(CVE-2012-4466)
    
      - The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel
        551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x
        before 2.1.5 allows remote attackers to cause a denial
        of service (CPU and memory consumption) a crafted XML
        document containing an empty string in an entity that
        is used in a large number of nested entity references,
        aka an XML Entity Expansion (XEE) attack. NOTE: this
        vulnerability exists because of an incomplete fix for
        CVE-2013-1821 and CVE-2014-8080.(CVE-2014-8090)
    
      - Algorithmic complexity vulnerability in
        Gem::Version::VERSION_PATTERN in
        lib/rubygems/version.rb in RubyGems before 1.8.23.1,
        1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x
        before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247,
        allows remote attackers to cause a denial of service
        (CPU consumption) via a crafted gem version that
        triggers a large amount of backtracking in a regular
        expression.(CVE-2013-4287)
    
      - The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x
        before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote
        attackers to cause a denial of service (memory
        consumption) via a crafted XML document, aka an XML
        Entity Expansion (XEE) attack.(CVE-2014-8080)
    
      - The OpenSSL::SSL.verify_certificate_identity function
        in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374,
        1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does
        not properly handle a '\\0' character in a domain name
        in the Subject Alternative Name field of an X.509
        certificate, which allows man-in-the-middle attackers
        to spoof arbitrary SSL servers via a crafted
        certificate issued by a legitimate Certification
        Authority, a related issue to
        CVE-2009-2408.(CVE-2013-4073)
    
      - The rb_get_path_check function in file.c in Ruby 1.9.3
        before patchlevel 286 and Ruby 2.0.0 before r37163
        allows context-dependent attackers to create files in
        unexpected locations or with unexpected names via a NUL
        byte in a file path.(CVE-2012-4522)
    
      - (1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3
        patchlevel 426, and 2.0 before 2.0.0 patchlevel 195, do
        not perform taint checking for native functions, which
        allows context-dependent attackers to bypass intended
        $SAFE level restrictions.(CVE-2013-2065)
    
      - Algorithmic complexity vulnerability in
        Gem::Version::ANCHORED_VERSION_PATTERN in
        lib/rubygems/version.rb in RubyGems before 1.8.23.2,
        1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x
        before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247,
        allows remote attackers to cause a denial of service
        (CPU consumption) via a crafted gem version that
        triggers a large amount of backtracking in a regular
        expression. NOTE: this issue is due to an incomplete
        fix for CVE-2013-4287.(CVE-2013-4363)
    
      - Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before
        r37575 computes hash values without properly
        restricting the ability to trigger hash collisions
        predictably, which allows context-dependent attackers
        to cause a denial of service (CPU consumption) via
        crafted input to an application that maintains a hash
        table, as demonstrated by a universal multicollision
        attack against a variant of the MurmurHash2 algorithm,
        a different vulnerability than
        CVE-2011-4815.(CVE-2012-5371)
    
      - Off-by-one error in the encodes function in pack.c in
        Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when
        using certain format string specifiers, allows
        context-dependent attackers to cause a denial of
        service (segmentation fault) via vectors that trigger a
        stack-based buffer overflow.(CVE-2014-4975)
    
      - Heap-based buffer overflow in Ruby 1.8, 1.9 before
        1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0
        preview2, and trunk before revision 43780 allows
        context-dependent attackers to cause a denial of
        service (segmentation fault) and possibly execute
        arbitrary code via a string that is converted to a
        floating point value, as demonstrated using (1) the
        to_f method or (2) JSON.parse.(CVE-2013-4164)
    
      - It was found that the methods from the Dir class did
        not properly handle strings containing the NULL byte.
        An attacker, able to inject NULL bytes in a path, could
        possibly trigger an unspecified behavior of the ruby
        script.(CVE-2018-8780)
    
      - Ruby 1.9.3 before patchlevel 286 and 2.0 before
        revision r37068 allows context-dependent attackers to
        bypass safe-level restrictions and modify untainted
        strings via the (1) exc_to_s or (2) name_err_to_s API
        function, which marks the string as tainted, a
        different vulnerability than CVE-2012-4466. NOTE: this
        issue might exist because of a CVE-2011-1005
        regression.(CVE-2012-4464)
    
      - An issue was discovered in the OpenSSL library in Ruby
        before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2,
        and 2.6.x before 2.6.0-preview3. When two
        OpenSSL::X509::Name objects are compared using ==,
        depending on the ordering, non-equal objects may return
        true. When the first argument is one character longer
        than the second, or the second argument contains a
        character that is one less than a character in the same
        position of the first argument, the result of == will
        be true. This could be leveraged to create an
        illegitimate certificate that may be accepted as
        legitimate and then used in signing or encryption
        operations.(CVE-2018-16395)
    
      - An issue was discovered in Ruby before 2.3.8, 2.4.x
        before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before
        2.6.0-preview3. It does not taint strings that result
        from unpacking tainted strings with some
        formats.(CVE-2018-16396)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1428
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?81cbe7ae");
      script_set_attribute(attribute:"solution", value:
    "Update the affected ruby packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-8780");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2019/05/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/14");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ruby");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ruby-irb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ruby-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-bigdecimal");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-io-console");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-psych");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-rdoc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygems");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.1.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (uvp != "3.0.1.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.1.0");
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
    
    flag = 0;
    
    pkgs = ["ruby-2.0.0.648-33.h12",
            "ruby-irb-2.0.0.648-33.h12",
            "ruby-libs-2.0.0.648-33.h12",
            "rubygem-bigdecimal-1.2.0-33.h12",
            "rubygem-io-console-0.4.2-33.h12",
            "rubygem-json-1.7.7-33.h12",
            "rubygem-psych-2.0.0-33.h12",
            "rubygem-rdoc-4.0.0-33.h12",
            "rubygems-2.0.14.1-33.h12"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-12663.NASL
    description - Update to Ruby 2.0.0-p247 (rhbz#979605). - Fix RubyGems search paths when building gems with native extension. - Make symlinks for psych gem to ruby stdlib dirs. - Add support for ABRT autoloading. - Better support for build without configuration (rhbz#977941). - Use system-wide cert.pem. - Fixes multilib conlicts of .gemspec files. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2013-07-16
    plugin id68896
    published2013-07-16
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68896
    titleFedora 19 : ruby-2.0.0.247-14.fc19 (2013-12663)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2013-12663.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(68896);
      script_version("1.7");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2013-4073");
      script_bugtraq_id(60843);
      script_xref(name:"FEDORA", value:"2013-12663");
    
      script_name(english:"Fedora 19 : ruby-2.0.0.247-14.fc19 (2013-12663)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "  - Update to Ruby 2.0.0-p247 (rhbz#979605).
    
        - Fix RubyGems search paths when building gems with
          native extension.
    
        - Make symlinks for psych gem to ruby stdlib dirs.
    
        - Add support for ABRT autoloading.
    
        - Better support for build without configuration
          (rhbz#977941).
    
        - Use system-wide cert.pem.
    
        - Fixes multilib conlicts of .gemspec files.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=921650"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=977941"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=979133"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=979295"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=979605"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=983769"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2013-July/111689.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?37b2b501"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected ruby package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ruby");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:19");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/07/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/16");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^19([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 19.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC19", reference:"ruby-2.0.0.247-14.fc19")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby");
    }
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2013-1090.NASL
    descriptionFrom Red Hat Security Advisory 2013:1090 : Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id68976
    published2013-07-19
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68976
    titleOracle Linux 5 / 6 : ruby (ELSA-2013-1090)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2013:1090 and 
    # Oracle Linux Security Advisory ELSA-2013-1090 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(68976);
      script_version("1.10");
      script_cvs_date("Date: 2019/09/30 10:58:18");
    
      script_cve_id("CVE-2013-4073");
      script_bugtraq_id(60843);
      script_xref(name:"RHSA", value:"2013:1090");
    
      script_name(english:"Oracle Linux 5 / 6 : ruby (ELSA-2013-1090)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Oracle Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "From Red Hat Security Advisory 2013:1090 :
    
    Updated ruby packages that fix one security issue are now available
    for Red Hat Enterprise Linux 5 and 6.
    
    The Red Hat Security Response Team has rated this update as having
    moderate security impact. A Common Vulnerability Scoring System (CVSS)
    base score, which gives a detailed severity rating, is available from
    the CVE link in the References section.
    
    Ruby is an extensible, interpreted, object-oriented, scripting
    language. It has features to process text files and to do system
    management tasks.
    
    A flaw was found in Ruby's SSL client's hostname identity check when
    handling certificates that contain hostnames with NULL bytes. An
    attacker could potentially exploit this flaw to conduct
    man-in-the-middle attacks to spoof SSL servers. Note that to exploit
    this issue, an attacker would need to obtain a carefully-crafted
    certificate signed by an authority that the client trusts.
    (CVE-2013-4073)
    
    All users of Ruby are advised to upgrade to these updated packages,
    which contain backported patches to resolve this issue."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2013-July/003582.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2013-July/003583.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected ruby packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-docs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-irb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-mode");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-rdoc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-ri");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-static");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-tcltk");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2013/08/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2013/07/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/19");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5 / 6", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    
    flag = 0;
    if (rpm_check(release:"EL5", reference:"ruby-1.8.5-31.el5_9")) flag++;
    if (rpm_check(release:"EL5", reference:"ruby-devel-1.8.5-31.el5_9")) flag++;
    if (rpm_check(release:"EL5", reference:"ruby-docs-1.8.5-31.el5_9")) flag++;
    if (rpm_check(release:"EL5", reference:"ruby-irb-1.8.5-31.el5_9")) flag++;
    if (rpm_check(release:"EL5", reference:"ruby-libs-1.8.5-31.el5_9")) flag++;
    if (rpm_check(release:"EL5", reference:"ruby-mode-1.8.5-31.el5_9")) flag++;
    if (rpm_check(release:"EL5", reference:"ruby-rdoc-1.8.5-31.el5_9")) flag++;
    if (rpm_check(release:"EL5", reference:"ruby-ri-1.8.5-31.el5_9")) flag++;
    if (rpm_check(release:"EL5", reference:"ruby-tcltk-1.8.5-31.el5_9")) flag++;
    
    if (rpm_check(release:"EL6", reference:"ruby-1.8.7.352-12.el6_4")) flag++;
    if (rpm_check(release:"EL6", reference:"ruby-devel-1.8.7.352-12.el6_4")) flag++;
    if (rpm_check(release:"EL6", reference:"ruby-docs-1.8.7.352-12.el6_4")) flag++;
    if (rpm_check(release:"EL6", reference:"ruby-irb-1.8.7.352-12.el6_4")) flag++;
    if (rpm_check(release:"EL6", reference:"ruby-libs-1.8.7.352-12.el6_4")) flag++;
    if (rpm_check(release:"EL6", reference:"ruby-rdoc-1.8.7.352-12.el6_4")) flag++;
    if (rpm_check(release:"EL6", reference:"ruby-ri-1.8.7.352-12.el6_4")) flag++;
    if (rpm_check(release:"EL6", reference:"ruby-static-1.8.7.352-12.el6_4")) flag++;
    if (rpm_check(release:"EL6", reference:"ruby-tcltk-1.8.7.352-12.el6_4")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / ruby-mode / etc");
    }
    
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_9_2.NASL
    descriptionThe remote host is running a version of Mac OS X 10.9.x that is prior to 10.9.2. This update contains several security-related fixes for the following components : - Apache - ATS - Certificate Trust Policy - CoreAnimation - CoreText - curl - Data Security - Date and Time - File Bookmark - Finder - ImageIO - NVIDIA Drivers - PHP - QuickLook - QuickTime Note that successful exploitation of the most serious issues could result in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id72687
    published2014-02-25
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/72687
    titleMac OS X 10.9.x < 10.9.2 Multiple Vulnerabilities
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2738.NASL
    descriptionSeveral vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-1821 Ben Murphy discovered that unrestricted entity expansion in REXML can lead to a Denial of Service by consuming all host memory. - CVE-2013-4073 William (B.J.) Snow Orvis discovered a vulnerability in the hostname checking in Ruby
    last seen2020-03-17
    modified2013-08-20
    plugin id69398
    published2013-08-20
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/69398
    titleDebian DSA-2738-1 : ruby1.9.1 - several vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2013-572.NASL
    descriptionwas updated to fix SSL hostname certification (CVE-2013-4073) (bnc#827265). https://github.com/ruby/ruby/commit/2669b84d407ab431e965145c827db66c91 158f89
    last seen2020-06-05
    modified2014-06-13
    plugin id75079
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/75079
    titleopenSUSE Security Update : ruby19 (openSUSE-SU-2013:1179-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2013-575.NASL
    description - fix cve-2013-4073 (bnc#827265) The fix_cve-2013-4073.patch contains the patch for cve-2013-4073 (bnc#827265) adapted from https://github.com/ruby/ruby/commit/2669b84d407ab431e965 145c827db66c91158f89
    last seen2020-06-05
    modified2014-06-13
    plugin id75082
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/75082
    titleopenSUSE Security Update : ruby19 (openSUSE-SU-2013:1181-1)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2809.NASL
    descriptionSeveral vulnerabilities have been discovered in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-1821 Ben Murphy discovered that unrestricted entity expansion in REXML can lead to a Denial of Service by consuming all host memory. - CVE-2013-4073 William (B.J.) Snow Orvis discovered a vulnerability in the hostname checking in Ruby
    last seen2020-03-17
    modified2013-12-05
    plugin id71220
    published2013-12-05
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/71220
    titleDebian DSA-2809-1 : ruby1.8 - several vulnerabilities
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS11_RUBY_20130924.NASL
    descriptionThe remote Solaris system is missing necessary patches to address security updates : - The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname. (CVE-2011-1005) - The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005. (CVE-2012-4481) - The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a
    last seen2020-06-01
    modified2020-06-02
    plugin id80755
    published2015-01-19
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80755
    titleOracle Solaris Third-Party Patch Update : ruby (cve_2013_4073_cryptographic_issues)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_9.NASL
    descriptionThe remote host is running a version of Mac OS X 10.x that is prior to version 10.9. The newer version contains multiple security-related fixes for the following components : - Application Firewall - App Sandbox - Bluetooth - CFNetwork - CFNetwork SSL - Console - CoreGraphics - curl - dyld - IOKitUser - IOSerialFamily - Kernel - Kext Management - LaunchServices - Libc - Mail Accounts - Mail Header Display - Mail Networking - OpenLDAP - perl - Power Management - python - ruby - Security - Security - Authorization - Security - Smart Card Services - Screen Lock - Screen Sharing Server - syslog - USB
    last seen2020-06-01
    modified2020-06-02
    plugin id70561
    published2013-10-23
    reporterThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/70561
    titleMac OS X 10.x < 10.9 Multiple Vulnerabilities (BEAST)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2013-1090.NASL
    descriptionUpdated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id68944
    published2013-07-18
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68944
    titleRHEL 5 / 6 : ruby (RHSA-2013:1090)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2013-1090.NASL
    descriptionUpdated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id68941
    published2013-07-18
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68941
    titleCentOS 5 / 6 : ruby (CESA-2013:1090)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-12062.NASL
    descriptionA vulnerability was found in Ruby
    last seen2020-03-17
    modified2013-07-12
    plugin id67334
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67334
    titleFedora 17 : ruby-1.9.3.448-31.fc17 (2013-12062)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_EBD877B97EF44375B1FDC67780581898.NASL
    descriptionRuby Developers report : Ruby
    last seen2020-06-01
    modified2020-06-02
    plugin id67251
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67251
    titleFreeBSD : ruby -- Hostname check bypassing vulnerability in SSL client (ebd877b9-7ef4-4375-b1fd-c67780581898)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_RUBY-8639.NASL
    descriptionRuby failed to check hostnames correctly when setting up a SSL client connection. CVE-2013-4073 was assigned to this issue.
    last seen2020-06-05
    modified2013-07-30
    plugin id69118
    published2013-07-30
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/69118
    titleSuSE 10 Security Update : ruby (ZYPP Patch Number 8639)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20130717_RUBY_ON_SL5_X.NASL
    descriptionA flaw was found in Ruby
    last seen2020-03-18
    modified2013-07-18
    plugin id68946
    published2013-07-18
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68946
    titleScientific Linux Security Update : ruby on SL5.x, SL6.x i386/srpm/x86_64 (20130717)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2013-1137.NASL
    descriptionUpdated ruby193-ruby packages that fix one security issue are now available for Red Hat OpenShift Enterprise 1.2.2. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in Ruby
    last seen2020-06-13
    modified2018-12-04
    plugin id119342
    published2018-12-04
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119342
    titleRHEL 6 : ruby193-ruby (RHSA-2013:1137)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_PYTHON-201402-140224.NASL
    descriptionThis update for Python fixes the following security issues : - SSL module does not handle certificates that contain hostnames with NULL bytes. (CVE-2013-4238). (bnc#834601) - Various stdlib read flaws. (CVE-2013-1752) Additionally, the following non-security issues have been fixed:. (bnc#856836) - Turn off OpenSSL
    last seen2020-06-05
    modified2014-03-07
    plugin id72873
    published2014-03-07
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/72873
    titleSuSE 11.3 Security Update : python (SAT Patch Number 8892)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1902-1.NASL
    descriptionWilliam (B.J.) Snow Orvis discovered that Ruby incorrectly verified the hostname in SSL certificates. An attacker could trick Ruby into trusting a rogue server certificate, which was signed by a trusted certificate authority, to perform a man-in-the-middle attack. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id67224
    published2013-07-10
    reporterUbuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67224
    titleUbuntu 12.04 LTS / 12.10 / 13.04 : ruby1.8, ruby1.9.1 vulnerability (USN-1902-1)
  • NASL familyCGI abuses
    NASL idPHP_5_3_28.NASL
    descriptionAccording to its banner, the version of PHP installed on the remote host is 5.3.x prior to 5.3.28. It is, therefore, potentially affected by the following vulnerabilities : - A flaw exists in the PHP OpenSSL extension
    last seen2020-06-01
    modified2020-06-02
    plugin id71426
    published2013-12-14
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/71426
    titlePHP 5.3.x < 5.3.28 Multiple OpenSSL Vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_RUBY-130708.NASL
    descriptionRuby failed to check hostnames correctly when setting up a SSL client connection. CVE-2013-4073 was assigned to this issue.
    last seen2020-06-05
    modified2013-07-31
    plugin id69168
    published2013-07-31
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/69168
    titleSuSE 11.2 / 11.3 Security Update : ruby (SAT Patch Numbers 8026 / 8027)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2014-001.NASL
    descriptionThe remote host is running a version of Mac OS X 10.7 or 10.8 that does not have Security Update 2014-001 applied. This update contains several security-related fixes for the following components : - Apache - App Sandbox - ATS - Certificate Trust Policy - CFNetwork Cookies - CoreAnimation - Date and Time - File Bookmark - ImageIO - IOSerialFamily - LaunchServices - NVIDIA Drivers - PHP - QuickLook - QuickTime - Secure Transport Note that successful exploitation of the most serious issues could result in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id72688
    published2014-02-25
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/72688
    titleMac OS X Multiple Vulnerabilities (Security Update 2014-001) (BEAST)
  • NASL familyCGI abuses
    NASL idPUPPET_ENTERPRISE_301.NASL
    descriptionAccording to its self-reported version number, the Puppet Enterprise install on the remote host is a version prior to 3.0.1. As a result, it reportedly has multiple vulnerabilities: - An error exists related to the included Ruby SSL client that could allow man-in-the-middle attacks. (CVE-2013-4073) - An error exists related to the
    last seen2020-06-01
    modified2020-06-02
    plugin id70663
    published2013-10-28
    reporterThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/70663
    titlePuppet Enterprise < 3.0.1 Multiple Vulnerabilities
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2013-178-01.NASL
    descriptionNew ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix a security issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id67009
    published2013-06-28
    reporterThis script is Copyright (C) 2013 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/67009
    titleSlackware 13.1 / 13.37 / 14.0 / current : ruby (SSA:2013-178-01)

Redhat

advisories
  • bugzilla
    id979251
    titleCVE-2013-4073 ruby: hostname check bypassing vulnerability in SSL client
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 5 is installed
        ovaloval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • commentruby-devel is earlier than 0:1.8.5-31.el5_9
            ovaloval:com.redhat.rhsa:tst:20131090001
          • commentruby-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965004
        • AND
          • commentruby-mode is earlier than 0:1.8.5-31.el5_9
            ovaloval:com.redhat.rhsa:tst:20131090003
          • commentruby-mode is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965016
        • AND
          • commentruby is earlier than 0:1.8.5-31.el5_9
            ovaloval:com.redhat.rhsa:tst:20131090005
          • commentruby is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965010
        • AND
          • commentruby-rdoc is earlier than 0:1.8.5-31.el5_9
            ovaloval:com.redhat.rhsa:tst:20131090007
          • commentruby-rdoc is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965018
        • AND
          • commentruby-docs is earlier than 0:1.8.5-31.el5_9
            ovaloval:com.redhat.rhsa:tst:20131090009
          • commentruby-docs is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965012
        • AND
          • commentruby-ri is earlier than 0:1.8.5-31.el5_9
            ovaloval:com.redhat.rhsa:tst:20131090011
          • commentruby-ri is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965002
        • AND
          • commentruby-libs is earlier than 0:1.8.5-31.el5_9
            ovaloval:com.redhat.rhsa:tst:20131090013
          • commentruby-libs is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965014
        • AND
          • commentruby-irb is earlier than 0:1.8.5-31.el5_9
            ovaloval:com.redhat.rhsa:tst:20131090015
          • commentruby-irb is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965008
        • AND
          • commentruby-tcltk is earlier than 0:1.8.5-31.el5_9
            ovaloval:com.redhat.rhsa:tst:20131090017
          • commentruby-tcltk is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070965006
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commentruby-devel is earlier than 0:1.8.7.352-12.el6_4
            ovaloval:com.redhat.rhsa:tst:20131090020
          • commentruby-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20193384026
        • AND
          • commentruby-rdoc is earlier than 0:1.8.7.352-12.el6_4
            ovaloval:com.redhat.rhsa:tst:20131090022
          • commentruby-rdoc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110910004
        • AND
          • commentruby-irb is earlier than 0:1.8.7.352-12.el6_4
            ovaloval:com.redhat.rhsa:tst:20131090024
          • commentruby-irb is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20193384070
        • AND
          • commentruby is earlier than 0:1.8.7.352-12.el6_4
            ovaloval:com.redhat.rhsa:tst:20131090026
          • commentruby is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20193384030
        • AND
          • commentruby-libs is earlier than 0:1.8.7.352-12.el6_4
            ovaloval:com.redhat.rhsa:tst:20131090028
          • commentruby-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20193384024
        • AND
          • commentruby-static is earlier than 0:1.8.7.352-12.el6_4
            ovaloval:com.redhat.rhsa:tst:20131090030
          • commentruby-static is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110910002
        • AND
          • commentruby-ri is earlier than 0:1.8.7.352-12.el6_4
            ovaloval:com.redhat.rhsa:tst:20131090032
          • commentruby-ri is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110910012
        • AND
          • commentruby-tcltk is earlier than 0:1.8.7.352-12.el6_4
            ovaloval:com.redhat.rhsa:tst:20131090034
          • commentruby-tcltk is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110910008
        • AND
          • commentruby-docs is earlier than 0:1.8.7.352-12.el6_4
            ovaloval:com.redhat.rhsa:tst:20131090036
          • commentruby-docs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110910016
    rhsa
    idRHSA-2013:1090
    released2013-07-17
    severityModerate
    titleRHSA-2013:1090: ruby security update (Moderate)
  • rhsa
    idRHSA-2013:1103
  • rhsa
    idRHSA-2013:1137
rpms
  • ruby-0:1.8.5-31.el5_9
  • ruby-0:1.8.7.352-12.el6_4
  • ruby-debuginfo-0:1.8.5-31.el5_9
  • ruby-debuginfo-0:1.8.7.352-12.el6_4
  • ruby-devel-0:1.8.5-31.el5_9
  • ruby-devel-0:1.8.7.352-12.el6_4
  • ruby-docs-0:1.8.5-31.el5_9
  • ruby-docs-0:1.8.7.352-12.el6_4
  • ruby-irb-0:1.8.5-31.el5_9
  • ruby-irb-0:1.8.7.352-12.el6_4
  • ruby-libs-0:1.8.5-31.el5_9
  • ruby-libs-0:1.8.7.352-12.el6_4
  • ruby-mode-0:1.8.5-31.el5_9
  • ruby-rdoc-0:1.8.5-31.el5_9
  • ruby-rdoc-0:1.8.7.352-12.el6_4
  • ruby-ri-0:1.8.5-31.el5_9
  • ruby-ri-0:1.8.7.352-12.el6_4
  • ruby-static-0:1.8.7.352-12.el6_4
  • ruby-tcltk-0:1.8.5-31.el5_9
  • ruby-tcltk-0:1.8.7.352-12.el6_4
  • ruby193-ruby-0:1.9.3.429-34.2.el6ost
  • ruby193-ruby-debuginfo-0:1.9.3.429-34.2.el6ost
  • ruby193-ruby-devel-0:1.9.3.429-34.2.el6ost
  • ruby193-ruby-doc-0:1.9.3.429-34.2.el6ost
  • ruby193-ruby-irb-0:1.9.3.429-34.2.el6ost
  • ruby193-ruby-libs-0:1.9.3.429-34.2.el6ost
  • ruby193-ruby-tcltk-0:1.9.3.429-34.2.el6ost
  • ruby193-rubygem-bigdecimal-0:1.1.0-34.2.el6ost
  • ruby193-rubygem-io-console-0:0.3-34.2.el6ost
  • ruby193-rubygem-json-0:1.5.5-34.2.el6ost
  • ruby193-rubygem-minitest-0:2.5.1-34.2.el6ost
  • ruby193-rubygem-rake-0:0.9.2.2-34.2.el6ost
  • ruby193-ruby-0:1.9.3.448-38.el6
  • ruby193-ruby-debuginfo-0:1.9.3.448-38.el6
  • ruby193-ruby-devel-0:1.9.3.448-38.el6
  • ruby193-ruby-doc-0:1.9.3.448-38.el6
  • ruby193-ruby-irb-0:1.9.3.448-38.el6
  • ruby193-ruby-libs-0:1.9.3.448-38.el6
  • ruby193-ruby-tcltk-0:1.9.3.448-38.el6
  • ruby193-rubygem-bigdecimal-0:1.1.0-38.el6
  • ruby193-rubygem-io-console-0:0.3-38.el6
  • ruby193-rubygem-json-0:1.5.5-38.el6
  • ruby193-rubygem-rake-0:0.9.2.2-38.el6
  • ruby193-rubygem-rdoc-0:3.9.5-38.el6
  • ruby193-rubygems-0:1.8.23-38.el6
  • ruby193-rubygems-devel-0:1.8.23-38.el6