Vulnerabilities > CVE-2013-4073 - Cryptographic Issues vulnerability in Ruby-Lang Ruby
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 42 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2013-12123.NASL description A vulnerability was found in Ruby last seen 2020-03-17 modified 2013-07-12 plugin id 67339 published 2013-07-12 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67339 title Fedora 18 : ruby-1.9.3.448-31.fc18 (2013-12123) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2013-12123. # include("compat.inc"); if (description) { script_id(67339); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-4073"); script_bugtraq_id(60843); script_xref(name:"FEDORA", value:"2013-12123"); script_name(english:"Fedora 18 : ruby-1.9.3.448-31.fc18 (2013-12123)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "A vulnerability was found in Ruby's SSL client that could allow man-in-the-middle attackers to spoof SSL servers via valid certificate issued by a trusted certification authority. This vulnerability has been assigned the CVE identifier CVE-2013-4073. This new update should solve this issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=979295" ); # https://lists.fedoraproject.org/pipermail/package-announce/2013-July/111148.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?3b8c5d83" ); script_set_attribute(attribute:"solution", value:"Update the affected ruby package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ruby"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:18"); script_set_attribute(attribute:"patch_publication_date", value:"2013/07/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^18([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 18.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC18", reference:"ruby-1.9.3.448-31.fc18")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby"); }
NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2013-201.NASL description A vulnerability has been discovered and corrected in ruby : A flaw was found in Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 69089 published 2013-07-28 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69089 title Mandriva Linux Security Advisory : ruby (MDVSA-2013:201) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2013:201. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(69089); script_version("1.9"); script_cvs_date("Date: 2019/08/02 13:32:55"); script_cve_id("CVE-2013-4073"); script_bugtraq_id(60843); script_xref(name:"MDVSA", value:"2013:201"); script_name(english:"Mandriva Linux Security Advisory : ruby (MDVSA-2013:201)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A vulnerability has been discovered and corrected in ruby : A flaw was found in Ruby's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. An attacker could potentially exploit this flaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that to exploit this issue, an attacker would need to obtain a carefully-crafted certificate signed by an authority that the client trusts (CVE-2013-4073). The updated packages have been patched to correct this issue." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=979251" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ruby"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ruby-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ruby-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ruby-tk"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1"); script_set_attribute(attribute:"patch_publication_date", value:"2013/07/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/28"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"ruby-1.8.7.p358-2.2.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"ruby-devel-1.8.7.p358-2.2.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", reference:"ruby-doc-1.8.7.p358-2.2.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"ruby-tk-1.8.7.p358-2.2.mbs1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1428.NASL description According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.(CVE-2012-4466) - The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.(CVE-2014-8090) - Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression.(CVE-2013-4287) - The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.(CVE-2014-8080) - The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a last seen 2020-03-17 modified 2019-05-14 plugin id 124931 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124931 title EulerOS Virtualization 3.0.1.0 : ruby (EulerOS-SA-2019-1428) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(124931); script_version("1.19"); script_cvs_date("$Date$"); script_cve_id( "CVE-2012-4464", "CVE-2012-4466", "CVE-2012-4522", "CVE-2012-5371", "CVE-2013-2065", "CVE-2013-4073", "CVE-2013-4164", "CVE-2013-4287", "CVE-2013-4363", "CVE-2014-4975", "CVE-2014-8080", "CVE-2014-8090", "CVE-2018-16395", "CVE-2018-16396", "CVE-2018-8780" ); script_bugtraq_id( 55757, 56115, 56484, 59881, 60843, 62281, 62442, 63873, 68474, 70935, 71230 ); script_name(english:"EulerOS Virtualization 3.0.1.0 : ruby (EulerOS-SA-2019-1428)"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS Virtualization host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.(CVE-2012-4466) - The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.(CVE-2014-8090) - Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression.(CVE-2013-4287) - The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.(CVE-2014-8080) - The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.(CVE-2013-4073) - The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.(CVE-2012-4522) - (1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 before 2.0.0 patchlevel 195, do not perform taint checking for native functions, which allows context-dependent attackers to bypass intended $SAFE level restrictions.(CVE-2013-2065) - Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. NOTE: this issue is due to an incomplete fix for CVE-2013-4287.(CVE-2013-4363) - Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against a variant of the MurmurHash2 algorithm, a different vulnerability than CVE-2011-4815.(CVE-2012-5371) - Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.(CVE-2014-4975) - Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse.(CVE-2013-4164) - It was found that the methods from the Dir class did not properly handle strings containing the NULL byte. An attacker, able to inject NULL bytes in a path, could possibly trigger an unspecified behavior of the ruby script.(CVE-2018-8780) - Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the (1) exc_to_s or (2) name_err_to_s API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE: this issue might exist because of a CVE-2011-1005 regression.(CVE-2012-4464) - An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.(CVE-2018-16395) - An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.(CVE-2018-16396) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1428 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?81cbe7ae"); script_set_attribute(attribute:"solution", value: "Update the affected ruby packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-8780"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"patch_publication_date", value:"2019/05/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/14"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ruby"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ruby-irb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ruby-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-bigdecimal"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-io-console"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-json"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-psych"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-rdoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygems"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.1.0"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (uvp != "3.0.1.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.1.0"); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu); flag = 0; pkgs = ["ruby-2.0.0.648-33.h12", "ruby-irb-2.0.0.648-33.h12", "ruby-libs-2.0.0.648-33.h12", "rubygem-bigdecimal-1.2.0-33.h12", "rubygem-io-console-0.4.2-33.h12", "rubygem-json-1.7.7-33.h12", "rubygem-psych-2.0.0-33.h12", "rubygem-rdoc-4.0.0-33.h12", "rubygems-2.0.14.1-33.h12"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby"); }
NASL family Fedora Local Security Checks NASL id FEDORA_2013-12663.NASL description - Update to Ruby 2.0.0-p247 (rhbz#979605). - Fix RubyGems search paths when building gems with native extension. - Make symlinks for psych gem to ruby stdlib dirs. - Add support for ABRT autoloading. - Better support for build without configuration (rhbz#977941). - Use system-wide cert.pem. - Fixes multilib conlicts of .gemspec files. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-07-16 plugin id 68896 published 2013-07-16 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68896 title Fedora 19 : ruby-2.0.0.247-14.fc19 (2013-12663) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2013-12663. # include("compat.inc"); if (description) { script_id(68896); script_version("1.7"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-4073"); script_bugtraq_id(60843); script_xref(name:"FEDORA", value:"2013-12663"); script_name(english:"Fedora 19 : ruby-2.0.0.247-14.fc19 (2013-12663)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Update to Ruby 2.0.0-p247 (rhbz#979605). - Fix RubyGems search paths when building gems with native extension. - Make symlinks for psych gem to ruby stdlib dirs. - Add support for ABRT autoloading. - Better support for build without configuration (rhbz#977941). - Use system-wide cert.pem. - Fixes multilib conlicts of .gemspec files. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=921650" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=977941" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=979133" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=979295" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=979605" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=983769" ); # https://lists.fedoraproject.org/pipermail/package-announce/2013-July/111689.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?37b2b501" ); script_set_attribute(attribute:"solution", value:"Update the affected ruby package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ruby"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:19"); script_set_attribute(attribute:"patch_publication_date", value:"2013/07/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/16"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^19([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 19.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC19", reference:"ruby-2.0.0.247-14.fc19")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby"); }
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2013-1090.NASL description From Red Hat Security Advisory 2013:1090 : Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 68976 published 2013-07-19 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68976 title Oracle Linux 5 / 6 : ruby (ELSA-2013-1090) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2013:1090 and # Oracle Linux Security Advisory ELSA-2013-1090 respectively. # include("compat.inc"); if (description) { script_id(68976); script_version("1.10"); script_cvs_date("Date: 2019/09/30 10:58:18"); script_cve_id("CVE-2013-4073"); script_bugtraq_id(60843); script_xref(name:"RHSA", value:"2013:1090"); script_name(english:"Oracle Linux 5 / 6 : ruby (ELSA-2013-1090)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2013:1090 : Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in Ruby's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. An attacker could potentially exploit this flaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that to exploit this issue, an attacker would need to obtain a carefully-crafted certificate signed by an authority that the client trusts. (CVE-2013-4073) All users of Ruby are advised to upgrade to these updated packages, which contain backported patches to resolve this issue." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2013-July/003582.html" ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2013-July/003583.html" ); script_set_attribute(attribute:"solution", value:"Update the affected ruby packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-irb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-mode"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-rdoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-ri"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-tcltk"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2013/08/17"); script_set_attribute(attribute:"patch_publication_date", value:"2013/07/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/19"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5 / 6", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL5", reference:"ruby-1.8.5-31.el5_9")) flag++; if (rpm_check(release:"EL5", reference:"ruby-devel-1.8.5-31.el5_9")) flag++; if (rpm_check(release:"EL5", reference:"ruby-docs-1.8.5-31.el5_9")) flag++; if (rpm_check(release:"EL5", reference:"ruby-irb-1.8.5-31.el5_9")) flag++; if (rpm_check(release:"EL5", reference:"ruby-libs-1.8.5-31.el5_9")) flag++; if (rpm_check(release:"EL5", reference:"ruby-mode-1.8.5-31.el5_9")) flag++; if (rpm_check(release:"EL5", reference:"ruby-rdoc-1.8.5-31.el5_9")) flag++; if (rpm_check(release:"EL5", reference:"ruby-ri-1.8.5-31.el5_9")) flag++; if (rpm_check(release:"EL5", reference:"ruby-tcltk-1.8.5-31.el5_9")) flag++; if (rpm_check(release:"EL6", reference:"ruby-1.8.7.352-12.el6_4")) flag++; if (rpm_check(release:"EL6", reference:"ruby-devel-1.8.7.352-12.el6_4")) flag++; if (rpm_check(release:"EL6", reference:"ruby-docs-1.8.7.352-12.el6_4")) flag++; if (rpm_check(release:"EL6", reference:"ruby-irb-1.8.7.352-12.el6_4")) flag++; if (rpm_check(release:"EL6", reference:"ruby-libs-1.8.7.352-12.el6_4")) flag++; if (rpm_check(release:"EL6", reference:"ruby-rdoc-1.8.7.352-12.el6_4")) flag++; if (rpm_check(release:"EL6", reference:"ruby-ri-1.8.7.352-12.el6_4")) flag++; if (rpm_check(release:"EL6", reference:"ruby-static-1.8.7.352-12.el6_4")) flag++; if (rpm_check(release:"EL6", reference:"ruby-tcltk-1.8.7.352-12.el6_4")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / ruby-mode / etc"); }
NASL family MacOS X Local Security Checks NASL id MACOSX_10_9_2.NASL description The remote host is running a version of Mac OS X 10.9.x that is prior to 10.9.2. This update contains several security-related fixes for the following components : - Apache - ATS - Certificate Trust Policy - CoreAnimation - CoreText - curl - Data Security - Date and Time - File Bookmark - Finder - ImageIO - NVIDIA Drivers - PHP - QuickLook - QuickTime Note that successful exploitation of the most serious issues could result in arbitrary code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 72687 published 2014-02-25 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72687 title Mac OS X 10.9.x < 10.9.2 Multiple Vulnerabilities NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2738.NASL description Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-1821 Ben Murphy discovered that unrestricted entity expansion in REXML can lead to a Denial of Service by consuming all host memory. - CVE-2013-4073 William (B.J.) Snow Orvis discovered a vulnerability in the hostname checking in Ruby last seen 2020-03-17 modified 2013-08-20 plugin id 69398 published 2013-08-20 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69398 title Debian DSA-2738-1 : ruby1.9.1 - several vulnerabilities NASL family SuSE Local Security Checks NASL id OPENSUSE-2013-572.NASL description was updated to fix SSL hostname certification (CVE-2013-4073) (bnc#827265). https://github.com/ruby/ruby/commit/2669b84d407ab431e965145c827db66c91 158f89 last seen 2020-06-05 modified 2014-06-13 plugin id 75079 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75079 title openSUSE Security Update : ruby19 (openSUSE-SU-2013:1179-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2013-575.NASL description - fix cve-2013-4073 (bnc#827265) The fix_cve-2013-4073.patch contains the patch for cve-2013-4073 (bnc#827265) adapted from https://github.com/ruby/ruby/commit/2669b84d407ab431e965 145c827db66c91158f89 last seen 2020-06-05 modified 2014-06-13 plugin id 75082 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75082 title openSUSE Security Update : ruby19 (openSUSE-SU-2013:1181-1) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2809.NASL description Several vulnerabilities have been discovered in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-1821 Ben Murphy discovered that unrestricted entity expansion in REXML can lead to a Denial of Service by consuming all host memory. - CVE-2013-4073 William (B.J.) Snow Orvis discovered a vulnerability in the hostname checking in Ruby last seen 2020-03-17 modified 2013-12-05 plugin id 71220 published 2013-12-05 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71220 title Debian DSA-2809-1 : ruby1.8 - several vulnerabilities NASL family Solaris Local Security Checks NASL id SOLARIS11_RUBY_20130924.NASL description The remote Solaris system is missing necessary patches to address security updates : - The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname. (CVE-2011-1005) - The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005. (CVE-2012-4481) - The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a last seen 2020-06-01 modified 2020-06-02 plugin id 80755 published 2015-01-19 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80755 title Oracle Solaris Third-Party Patch Update : ruby (cve_2013_4073_cryptographic_issues) NASL family MacOS X Local Security Checks NASL id MACOSX_10_9.NASL description The remote host is running a version of Mac OS X 10.x that is prior to version 10.9. The newer version contains multiple security-related fixes for the following components : - Application Firewall - App Sandbox - Bluetooth - CFNetwork - CFNetwork SSL - Console - CoreGraphics - curl - dyld - IOKitUser - IOSerialFamily - Kernel - Kext Management - LaunchServices - Libc - Mail Accounts - Mail Header Display - Mail Networking - OpenLDAP - perl - Power Management - python - ruby - Security - Security - Authorization - Security - Smart Card Services - Screen Lock - Screen Sharing Server - syslog - USB last seen 2020-06-01 modified 2020-06-02 plugin id 70561 published 2013-10-23 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70561 title Mac OS X 10.x < 10.9 Multiple Vulnerabilities (BEAST) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2013-1090.NASL description Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 68944 published 2013-07-18 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68944 title RHEL 5 / 6 : ruby (RHSA-2013:1090) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2013-1090.NASL description Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 68941 published 2013-07-18 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68941 title CentOS 5 / 6 : ruby (CESA-2013:1090) NASL family Fedora Local Security Checks NASL id FEDORA_2013-12062.NASL description A vulnerability was found in Ruby last seen 2020-03-17 modified 2013-07-12 plugin id 67334 published 2013-07-12 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67334 title Fedora 17 : ruby-1.9.3.448-31.fc17 (2013-12062) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_EBD877B97EF44375B1FDC67780581898.NASL description Ruby Developers report : Ruby last seen 2020-06-01 modified 2020-06-02 plugin id 67251 published 2013-07-12 reporter This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67251 title FreeBSD : ruby -- Hostname check bypassing vulnerability in SSL client (ebd877b9-7ef4-4375-b1fd-c67780581898) NASL family SuSE Local Security Checks NASL id SUSE_RUBY-8639.NASL description Ruby failed to check hostnames correctly when setting up a SSL client connection. CVE-2013-4073 was assigned to this issue. last seen 2020-06-05 modified 2013-07-30 plugin id 69118 published 2013-07-30 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69118 title SuSE 10 Security Update : ruby (ZYPP Patch Number 8639) NASL family Scientific Linux Local Security Checks NASL id SL_20130717_RUBY_ON_SL5_X.NASL description A flaw was found in Ruby last seen 2020-03-18 modified 2013-07-18 plugin id 68946 published 2013-07-18 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68946 title Scientific Linux Security Update : ruby on SL5.x, SL6.x i386/srpm/x86_64 (20130717) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2013-1137.NASL description Updated ruby193-ruby packages that fix one security issue are now available for Red Hat OpenShift Enterprise 1.2.2. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in Ruby last seen 2020-06-13 modified 2018-12-04 plugin id 119342 published 2018-12-04 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119342 title RHEL 6 : ruby193-ruby (RHSA-2013:1137) NASL family SuSE Local Security Checks NASL id SUSE_11_PYTHON-201402-140224.NASL description This update for Python fixes the following security issues : - SSL module does not handle certificates that contain hostnames with NULL bytes. (CVE-2013-4238). (bnc#834601) - Various stdlib read flaws. (CVE-2013-1752) Additionally, the following non-security issues have been fixed:. (bnc#856836) - Turn off OpenSSL last seen 2020-06-05 modified 2014-03-07 plugin id 72873 published 2014-03-07 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72873 title SuSE 11.3 Security Update : python (SAT Patch Number 8892) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1902-1.NASL description William (B.J.) Snow Orvis discovered that Ruby incorrectly verified the hostname in SSL certificates. An attacker could trick Ruby into trusting a rogue server certificate, which was signed by a trusted certificate authority, to perform a man-in-the-middle attack. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 67224 published 2013-07-10 reporter Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67224 title Ubuntu 12.04 LTS / 12.10 / 13.04 : ruby1.8, ruby1.9.1 vulnerability (USN-1902-1) NASL family CGI abuses NASL id PHP_5_3_28.NASL description According to its banner, the version of PHP installed on the remote host is 5.3.x prior to 5.3.28. It is, therefore, potentially affected by the following vulnerabilities : - A flaw exists in the PHP OpenSSL extension last seen 2020-06-01 modified 2020-06-02 plugin id 71426 published 2013-12-14 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71426 title PHP 5.3.x < 5.3.28 Multiple OpenSSL Vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_11_RUBY-130708.NASL description Ruby failed to check hostnames correctly when setting up a SSL client connection. CVE-2013-4073 was assigned to this issue. last seen 2020-06-05 modified 2013-07-31 plugin id 69168 published 2013-07-31 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69168 title SuSE 11.2 / 11.3 Security Update : ruby (SAT Patch Numbers 8026 / 8027) NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2014-001.NASL description The remote host is running a version of Mac OS X 10.7 or 10.8 that does not have Security Update 2014-001 applied. This update contains several security-related fixes for the following components : - Apache - App Sandbox - ATS - Certificate Trust Policy - CFNetwork Cookies - CoreAnimation - Date and Time - File Bookmark - ImageIO - IOSerialFamily - LaunchServices - NVIDIA Drivers - PHP - QuickLook - QuickTime - Secure Transport Note that successful exploitation of the most serious issues could result in arbitrary code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 72688 published 2014-02-25 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72688 title Mac OS X Multiple Vulnerabilities (Security Update 2014-001) (BEAST) NASL family CGI abuses NASL id PUPPET_ENTERPRISE_301.NASL description According to its self-reported version number, the Puppet Enterprise install on the remote host is a version prior to 3.0.1. As a result, it reportedly has multiple vulnerabilities: - An error exists related to the included Ruby SSL client that could allow man-in-the-middle attacks. (CVE-2013-4073) - An error exists related to the last seen 2020-06-01 modified 2020-06-02 plugin id 70663 published 2013-10-28 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70663 title Puppet Enterprise < 3.0.1 Multiple Vulnerabilities NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2013-178-01.NASL description New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix a security issue. last seen 2020-06-01 modified 2020-06-02 plugin id 67009 published 2013-06-28 reporter This script is Copyright (C) 2013 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/67009 title Slackware 13.1 / 13.37 / 14.0 / current : ruby (SSA:2013-178-01)
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
References
- http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
- https://bugzilla.redhat.com/show_bug.cgi?id=979251
- http://rhn.redhat.com/errata/RHSA-2013-1103.html
- http://lists.opensuse.org/opensuse-updates/2013-07/msg00042.html
- http://rhn.redhat.com/errata/RHSA-2013-1090.html
- http://lists.opensuse.org/opensuse-updates/2013-07/msg00044.html
- http://rhn.redhat.com/errata/RHSA-2013-1137.html
- http://www.ubuntu.com/usn/USN-1902-1
- http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
- http://www.debian.org/security/2013/dsa-2809
- http://www.debian.org/security/2013/dsa-2738
- http://support.apple.com/kb/HT6150
- https://puppet.com/security/cve/cve-2013-4073
- http://forums.interworx.com/threads/8000-InterWorx-Version-5-0-14-Released-on-Beta-Channel%21