Vulnerabilities > CVE-2015-3900 - 7PK - Security Features vulnerability in multiple products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hijack attack."

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-1067-1.NASL
    descriptionThis ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed : - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new
    last seen2020-06-01
    modified2020-06-02
    plugin id99578
    published2017-04-21
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99578
    titleSUSE SLED12 / SLES12 Security Update : ruby2.1 (SUSE-SU-2017:1067-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2017:1067-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(99578);
      script_version("3.7");
      script_cvs_date("Date: 2019/09/11 11:22:15");
    
      script_cve_id("CVE-2014-4975", "CVE-2015-1855", "CVE-2015-3900", "CVE-2015-7551", "CVE-2016-2339");
      script_bugtraq_id(68474, 74446, 75482);
    
      script_name(english:"SUSE SLED12 / SLES12 Security Update : ruby2.1 (SUSE-SU-2017:1067-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This ruby2.1 update to version 2.1.9 fixes the following issues:
    Security issues fixed :
    
      - CVE-2016-2339: heap overflow vulnerability in the
        Fiddle::Function.new'initialize' (bsc#1018808)
    
      - CVE-2015-7551: Unsafe tainted string usage in Fiddle and
        DL (bsc#959495)
    
      - CVE-2015-3900: hostname validation does not work when
        fetching gems or making API requests (bsc#936032)
    
      - CVE-2015-1855: Ruby'a OpenSSL extension suffers a
        vulnerability through overly permissive matching of
        hostnames (bsc#926974)
    
      - CVE-2014-4975: off-by-one stack-based buffer overflow in
        the encodes() function (bsc#887877) Bugfixes :
    
      - SUSEconnect doesn't handle domain wildcards in no_proxy
        environment variable properly (bsc#1014863)
    
      - Segmentation fault after pack & ioctl & unpack
        (bsc#909695)
    
      - Ruby:HTTP Header injection in 'net/http' (bsc#986630)
        ChangeLog :
    
    - http://svn.ruby-lang.org/repos/ruby/tags/v2_1_9/ChangeLog
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://svn.ruby-lang.org/repos/ruby/tags/v2_1_9/ChangeLog"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1014863"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1018808"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=887877"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=909695"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=926974"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=936032"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=959495"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=986630"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-4975/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-1855/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-3900/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-7551/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-2339/"
      );
      # https://www.suse.com/support/update/announcement/2017/suse-su-20171067-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?b050ba23"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t
    patch SUSE-SLE-SDK-12-SP2-2017-624=1
    
    SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t
    patch SUSE-SLE-SDK-12-SP1-2017-624=1
    
    SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t
    patch SUSE-SLE-RPI-12-SP2-2017-624=1
    
    SUSE Linux Enterprise Server 12-SP2:zypper in -t patch
    SUSE-SLE-SERVER-12-SP2-2017-624=1
    
    SUSE Linux Enterprise Server 12-SP1:zypper in -t patch
    SUSE-SLE-SERVER-12-SP1-2017-624=1
    
    SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch
    SUSE-SLE-DESKTOP-12-SP2-2017-624=1
    
    SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch
    SUSE-SLE-DESKTOP-12-SP1-2017-624=1
    
    OpenStack Cloud Magnum Orchestration 7:zypper in -t patch
    SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-624=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libruby2_1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libruby2_1-2_1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ruby2.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ruby2.1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ruby2.1-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ruby2.1-stdlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ruby2.1-stdlib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2014/11/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/04/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/04/21");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(1|2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP1/2", os_ver + " SP" + sp);
    if (os_ver == "SLED12" && (! preg(pattern:"^(1|2)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP1/2", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libruby2_1-2_1-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libruby2_1-2_1-debuginfo-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"ruby2.1-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"ruby2.1-debuginfo-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"ruby2.1-debugsource-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"ruby2.1-stdlib-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"ruby2.1-stdlib-debuginfo-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libruby2_1-2_1-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libruby2_1-2_1-debuginfo-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"ruby2.1-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"ruby2.1-debuginfo-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"ruby2.1-debugsource-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"ruby2.1-stdlib-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"ruby2.1-stdlib-debuginfo-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libruby2_1-2_1-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libruby2_1-2_1-debuginfo-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"ruby2.1-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"ruby2.1-debuginfo-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"ruby2.1-debugsource-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"ruby2.1-stdlib-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"ruby2.1-stdlib-debuginfo-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libruby2_1-2_1-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libruby2_1-2_1-debuginfo-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"ruby2.1-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"ruby2.1-debuginfo-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"ruby2.1-debugsource-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"ruby2.1-stdlib-2.1.9-15.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"ruby2.1-stdlib-debuginfo-2.1.9-15.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby2.1");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-12501.NASL
    descriptionUpdate to RubyGems 2.4.8. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-08-11
    plugin id85309
    published2015-08-11
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/85309
    titleFedora 23 : rubygems-2.4.8-100.fc23 (2015-12501)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2015-12501.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(85309);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2015-3900");
      script_xref(name:"FEDORA", value:"2015-12501");
    
      script_name(english:"Fedora 23 : rubygems-2.4.8-100.fc23 (2015-12501)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Update to RubyGems 2.4.8.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1236116"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2015-August/163502.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3484cb87"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected rubygems package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:rubygems");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:23");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/07/31");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/08/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^23([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 23.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC23", reference:"rubygems-2.4.8-100.fc23")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rubygems");
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2017-1050.NASL
    descriptionAccording to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An exploitable heap overflow vulnerability exists in the Fiddle::Function.new
    last seen2020-05-06
    modified2017-05-01
    plugin id99895
    published2017-05-01
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99895
    titleEulerOS 2.0 SP1 : ruby (EulerOS-SA-2017-1050)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(99895);
      script_version("1.15");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04");
    
      script_cve_id(
        "CVE-2015-3900",
        "CVE-2016-2337",
        "CVE-2016-2339"
      );
      script_bugtraq_id(
        75482
      );
    
      script_name(english:"EulerOS 2.0 SP1 : ruby (EulerOS-SA-2017-1050)");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "According to the versions of the ruby packages installed, the EulerOS
    installation on the remote host is affected by the following
    vulnerabilities :
    
      - An exploitable heap overflow vulnerability exists in
        the Fiddle::Function.new 'initialize' function
        functionality of Ruby. In Fiddle::Function.new
        'initialize' heap buffer 'arg_types' allocation is made
        based on args array length. Specially constructed
        object passed as element of args array can increase
        this array size after mentioned allocation and cause
        heap overflow.(CVE-2016-2339)
    
      - Type confusion exists in _cancel_eval Ruby's TclTkIp
        class method. Attacker passing different type of object
        than String as 'retval' argument can cause arbitrary
        code execution.(CVE-2016-2337)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1050
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b233fe7d");
      script_set_attribute(attribute:"solution", value:
    "Update the affected ruby packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2017/03/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/01");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ruby");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ruby-irb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ruby-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-bigdecimal");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-io-console");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-psych");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-rdoc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygems");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
      script_exclude_keys("Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
    
    sp = get_kb_item("Host/EulerOS/sp");
    if (isnull(sp) || sp !~ "^(1)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1");
    
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1", "EulerOS UVP " + uvp);
    
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
    
    flag = 0;
    
    pkgs = ["ruby-2.0.0.353-23.h4",
            "ruby-irb-2.0.0.353-23.h4",
            "ruby-libs-2.0.0.353-23.h4",
            "rubygem-bigdecimal-1.2.0-23.h4",
            "rubygem-io-console-0.4.2-23.h4",
            "rubygem-json-1.7.7-23.h4",
            "rubygem-psych-2.0.0-23.h4",
            "rubygem-rdoc-4.0.0-23.h4",
            "rubygems-2.0.14-23.h4"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", sp:"1", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby");
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2017-1051.NASL
    descriptionAccording to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An exploitable heap overflow vulnerability exists in the Fiddle::Function.new
    last seen2020-05-06
    modified2017-05-01
    plugin id99896
    published2017-05-01
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99896
    titleEulerOS 2.0 SP2 : ruby (EulerOS-SA-2017-1051)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(99896);
      script_version("1.15");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04");
    
      script_cve_id(
        "CVE-2015-3900",
        "CVE-2016-2337",
        "CVE-2016-2339"
      );
      script_bugtraq_id(
        75482
      );
    
      script_name(english:"EulerOS 2.0 SP2 : ruby (EulerOS-SA-2017-1051)");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "According to the versions of the ruby packages installed, the EulerOS
    installation on the remote host is affected by the following
    vulnerabilities :
    
      - An exploitable heap overflow vulnerability exists in
        the Fiddle::Function.new 'initialize' function
        functionality of Ruby. In Fiddle::Function.new
        'initialize' heap buffer 'arg_types' allocation is made
        based on args array length. Specially constructed
        object passed as element of args array can increase
        this array size after mentioned allocation and cause
        heap overflow.(CVE-2016-2339)
    
      - Type confusion exists in _cancel_eval Ruby's TclTkIp
        class method. Attacker passing different type of object
        than String as 'retval' argument can cause arbitrary
        code execution.(CVE-2016-2337)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1051
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d7ccee39");
      script_set_attribute(attribute:"solution", value:
    "Update the affected ruby packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2017/03/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/01");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ruby");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ruby-irb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ruby-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-bigdecimal");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-io-console");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-psych");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygem-rdoc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:rubygems");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
      script_exclude_keys("Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
    
    sp = get_kb_item("Host/EulerOS/sp");
    if (isnull(sp) || sp !~ "^(2)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2");
    
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2", "EulerOS UVP " + uvp);
    
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
    
    flag = 0;
    
    pkgs = ["ruby-2.0.0.598-25.h3",
            "ruby-irb-2.0.0.598-25.h3",
            "ruby-libs-2.0.0.598-25.h3",
            "rubygem-bigdecimal-1.2.0-25.h3",
            "rubygem-io-console-0.4.2-25.h3",
            "rubygem-json-1.7.7-25.h3",
            "rubygem-psych-2.0.0-25.h3",
            "rubygem-rdoc-4.0.0-25.h3",
            "rubygems-2.0.14-25.h3"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", sp:"2", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby");
    }
    
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_A0089E18FC9E11E4BC58001E67150279.NASL
    descriptionJonathan Claudius reports : RubyGems provides the ability of a domain to direct clients to a separate host that is used to fetch gems and make API calls against. This mechanism is implemented via DNS, specifically a SRV record _rubygems._tcp under the original requested domain. RubyGems did not validate the hostname returned in the SRV record before sending requests to it. This left clients open to a DNS hijack attack, whereby an attacker could return a SRV of their choosing and get the client to use it.
    last seen2020-06-01
    modified2020-06-02
    plugin id83513
    published2015-05-18
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83513
    titleFreeBSD : rubygems -- request hijacking vulnerability (a0089e18-fc9e-11e4-bc58-001e67150279)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from the FreeBSD VuXML database :
    #
    # Copyright 2003-2018 Jacques Vidrine and contributors
    #
    # Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
    # HTML, PDF, PostScript, RTF and so forth) with or without modification,
    # are permitted provided that the following conditions are met:
    # 1. Redistributions of source code (VuXML) must retain the above
    #    copyright notice, this list of conditions and the following
    #    disclaimer as the first lines of this file unmodified.
    # 2. Redistributions in compiled form (transformed to other DTDs,
    #    published online in any format, converted to PDF, PostScript,
    #    RTF and other formats) must reproduce the above copyright
    #    notice, this list of conditions and the following disclaimer
    #    in the documentation and/or other materials provided with the
    #    distribution.
    # 
    # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
    # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
    # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
    # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
    # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
    # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
    # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
    # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
    # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(83513);
      script_version("2.4");
      script_cvs_date("Date: 2018/11/10 11:49:44");
    
      script_cve_id("CVE-2015-3900");
    
      script_name(english:"FreeBSD : rubygems -- request hijacking vulnerability (a0089e18-fc9e-11e4-bc58-001e67150279)");
      script_summary(english:"Checks for updated packages in pkg_info output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote FreeBSD host is missing one or more security-related
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Jonathan Claudius reports :
    
    RubyGems provides the ability of a domain to direct clients to a
    separate host that is used to fetch gems and make API calls against.
    This mechanism is implemented via DNS, specifically a SRV record
    _rubygems._tcp under the original requested domain.
    
    RubyGems did not validate the hostname returned in the SRV record
    before sending requests to it. This left clients open to a DNS hijack
    attack, whereby an attacker could return a SRV of their choosing and
    get the client to use it."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200264"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://blog.rubygems.org/2015/05/14/CVE-2015-3900.html"
      );
      # https://vuxml.freebsd.org/freebsd/a0089e18-fc9e-11e4-bc58-001e67150279.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a870b517"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:ruby20-gems");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:ruby21-gems");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:ruby22-gems");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/05/14");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/05/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/05/18");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"FreeBSD Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("freebsd_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
    if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (pkg_test(save_report:TRUE, pkg:"ruby20-gems<2.4.7")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"ruby21-gems<2.4.7")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"ruby22-gems<2.4.7")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-13157.NASL
    descriptionUpdate to RubyGems 2.2.5. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-08-20
    plugin id85553
    published2015-08-20
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/85553
    titleFedora 21 : rubygems-2.2.5-100.fc21 (2015-13157)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2015-13157.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(85553);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2015-3900");
      script_xref(name:"FEDORA", value:"2015-13157");
    
      script_name(english:"Fedora 21 : rubygems-2.2.5-100.fc21 (2015-13157)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Update to RubyGems 2.2.5.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1236116"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2015-August/164236.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?40313ff4"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected rubygems package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:rubygems");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:21");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/08/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/08/20");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^21([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 21.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC21", reference:"rubygems-2.2.5-100.fc21")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rubygems");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-12574.NASL
    descriptionUpdate to RubyGems 2.4.8. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-08-11
    plugin id85312
    published2015-08-11
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/85312
    titleFedora 22 : rubygems-2.4.8-100.fc22 (2015-12574)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2015-12574.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(85312);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2015-3900");
      script_xref(name:"FEDORA", value:"2015-12574");
    
      script_name(english:"Fedora 22 : rubygems-2.4.8-100.fc22 (2015-12574)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Update to RubyGems 2.4.8.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1236116"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2015-August/163600.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?e9aedd58"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected rubygems package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:rubygems");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:22");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/08/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/08/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^22([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 22.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC22", reference:"rubygems-2.4.8-100.fc22")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rubygems");
    }
    
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-547.NASL
    descriptionRubyGems provides the ability of a domain to direct clients to a separate host that is used to fetch gems and make API calls against. This mechanism is implemented via DNS, specificly a SRV record _rubygems._tcp under the original requested domain. RubyGems did not validate the hostname returned in the SRV record before sending requests to it. (CVE-2015-3900) As discussed upstream, CVE-2015-4020 is due to an incomplete fix for CVE-2015-3900 , which allowed redirection to an arbitrary gem server in any security domain.
    last seen2020-06-01
    modified2020-06-02
    plugin id84248
    published2015-06-18
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84248
    titleAmazon Linux AMI : ruby20 (ALAS-2015-547)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Amazon Linux AMI Security Advisory ALAS-2015-547.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(84248);
      script_version("2.3");
      script_cvs_date("Date: 2018/04/18 15:09:35");
    
      script_cve_id("CVE-2015-3900", "CVE-2015-4020");
      script_xref(name:"ALAS", value:"2015-547");
    
      script_name(english:"Amazon Linux AMI : ruby20 (ALAS-2015-547)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Amazon Linux AMI host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "RubyGems provides the ability of a domain to direct clients to a
    separate host that is used to fetch gems and make API calls against.
    This mechanism is implemented via DNS, specificly a SRV record
    _rubygems._tcp under the original requested domain. RubyGems did not
    validate the hostname returned in the SRV record before sending
    requests to it. (CVE-2015-3900)
    
    As discussed upstream, CVE-2015-4020 is due to an incomplete fix for
    CVE-2015-3900 , which allowed redirection to an arbitrary gem server
    in any security domain."
      );
      # https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-009/?fid=6478
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3dfa3e8c"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://alas.aws.amazon.com/ALAS-2015-547.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Run 'yum update ruby20' to update your system."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ruby20");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ruby20-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ruby20-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ruby20-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ruby20-irb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ruby20-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rubygem20-bigdecimal");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rubygem20-io-console");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rubygem20-psych");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rubygems20");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rubygems20-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/06/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/06/18");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");
      script_family(english:"Amazon Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/AmazonLinux/release");
    if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
    os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
    os_ver = os_ver[1];
    if (os_ver != "A")
    {
      if (os_ver == 'A') os_ver = 'AMI';
      audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
    }
    
    if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (rpm_check(release:"ALA", reference:"ruby20-2.0.0.645-1.27.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"ruby20-debuginfo-2.0.0.645-1.27.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"ruby20-devel-2.0.0.645-1.27.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"ruby20-doc-2.0.0.645-1.27.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"ruby20-irb-2.0.0.645-1.27.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"ruby20-libs-2.0.0.645-1.27.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"rubygem20-bigdecimal-1.2.0-1.27.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"rubygem20-io-console-0.4.2-1.27.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"rubygem20-psych-2.0.0-1.27.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"rubygems20-2.0.14-1.27.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"rubygems20-devel-2.0.14-1.27.amzn1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby20 / ruby20-debuginfo / ruby20-devel / ruby20-doc / ruby20-irb / etc");
    }
    
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-548.NASL
    descriptionRubyGems provides the ability of a domain to direct clients to a separate host that is used to fetch gems and make API calls against. This mechanism is implemented via DNS, specificly a SRV record _rubygems._tcp under the original requested domain. RubyGems did not validate the hostname returned in the SRV record before sending requests to it. (CVE-2015-3900) As discussed upstream, CVE-2015-4020 is due to an incomplete fix for CVE-2015-3900 , which allowed redirection to an arbitrary gem server in any security domain.
    last seen2020-06-01
    modified2020-06-02
    plugin id84249
    published2015-06-18
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84249
    titleAmazon Linux AMI : ruby21 (ALAS-2015-548)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Amazon Linux AMI Security Advisory ALAS-2015-548.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(84249);
      script_version("2.3");
      script_cvs_date("Date: 2018/04/18 15:09:35");
    
      script_cve_id("CVE-2015-3900", "CVE-2015-4020");
      script_xref(name:"ALAS", value:"2015-548");
    
      script_name(english:"Amazon Linux AMI : ruby21 (ALAS-2015-548)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Amazon Linux AMI host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "RubyGems provides the ability of a domain to direct clients to a
    separate host that is used to fetch gems and make API calls against.
    This mechanism is implemented via DNS, specificly a SRV record
    _rubygems._tcp under the original requested domain. RubyGems did not
    validate the hostname returned in the SRV record before sending
    requests to it. (CVE-2015-3900)
    
    As discussed upstream, CVE-2015-4020 is due to an incomplete fix for
    CVE-2015-3900 , which allowed redirection to an arbitrary gem server
    in any security domain."
      );
      # https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-009/?fid=6478
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3dfa3e8c"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://alas.aws.amazon.com/ALAS-2015-548.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Run 'yum update ruby21' to update your system."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ruby21");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ruby21-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ruby21-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ruby21-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ruby21-irb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ruby21-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rubygem21-bigdecimal");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rubygem21-io-console");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rubygem21-psych");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rubygems21");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rubygems21-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/06/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/06/18");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");
      script_family(english:"Amazon Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/AmazonLinux/release");
    if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
    os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
    os_ver = os_ver[1];
    if (os_ver != "A")
    {
      if (os_ver == 'A') os_ver = 'AMI';
      audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
    }
    
    if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (rpm_check(release:"ALA", reference:"ruby21-2.1.6-1.17.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"ruby21-debuginfo-2.1.6-1.17.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"ruby21-devel-2.1.6-1.17.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"ruby21-doc-2.1.6-1.17.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"ruby21-irb-2.1.6-1.17.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"ruby21-libs-2.1.6-1.17.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"rubygem21-bigdecimal-1.2.4-1.17.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"rubygem21-io-console-0.4.3-1.17.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"rubygem21-psych-2.0.5-1.17.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"rubygems21-2.2.3-1.17.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"rubygems21-devel-2.2.3-1.17.amzn1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby21 / ruby21-debuginfo / ruby21-devel / ruby21-doc / ruby21-irb / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2017-527.NASL
    descriptionThis ruby2.1 update to version 2.1.9 fixes the following issues : Security issues fixed : - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new
    last seen2020-06-05
    modified2017-05-01
    plugin id99753
    published2017-05-01
    reporterThis script is Copyright (C) 2017-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/99753
    titleopenSUSE Security Update : ruby2.1 (openSUSE-2017-527)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-549.NASL
    descriptionRubyGems provides the ability of a domain to direct clients to a separate host that is used to fetch gems and make API calls against. This mechanism is implemented via DNS, specificly a SRV record _rubygems._tcp under the original requested domain. RubyGems did not validate the hostname returned in the SRV record before sending requests to it. (CVE-2015-3900) As discussed upstream, CVE-2015-4020 is due to an incomplete fix for CVE-2015-3900 , which allowed redirection to an arbitrary gem server in any security domain.
    last seen2020-06-01
    modified2020-06-02
    plugin id84250
    published2015-06-18
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84250
    titleAmazon Linux AMI : ruby22 (ALAS-2015-549)
  • NASL familyCGI abuses
    NASL idPUPPET_ENTERPRISE_CVE_2015-4100.NASL
    descriptionAccording to its self-reported version number, the Puppet Enterprise application running on the remote host is version 3.7.x or 3.8.x prior to 3.8.1. It it, therefore, affected by the following vulnerabilities : - A flaw exists in RubyGems due to a failure to validate hostnames when fetching gems or making API requests. A remote attacker, using a crafted DNS SRV record, can exploit this to redirect requests to arbitrary domains. (CVE-2015-3900) - A flaw exists in RubyGems due to a failure to sanitize DNS responses, which allows a man-in-the-middle attacker to install arbitrary applications. (CVE-2015-4020) - A flaw exists in Puppet Enterprise related to how certificates are managed, under certain vulnerable configurations, which allows a trusted certificate to be used to perform full certificate management. An attacker can exploit this flaw to revoke the certificates of other nodes or to approve their certificate requests. (CVE-2015-4100) Note that the default
    last seen2020-06-01
    modified2020-06-02
    plugin id84961
    published2015-07-23
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84961
    titlePuppet Enterprise 3.7.x < 3.8.1 / 3.8.x < 3.8.1 Multiple Vulnerabilities

Redhat

advisories
rhsa
idRHSA-2015:1657
rpms
  • rh-ruby22-ruby-0:2.2.2-12.el6
  • rh-ruby22-ruby-0:2.2.2-12.el7
  • rh-ruby22-ruby-debuginfo-0:2.2.2-12.el6
  • rh-ruby22-ruby-debuginfo-0:2.2.2-12.el7
  • rh-ruby22-ruby-devel-0:2.2.2-12.el6
  • rh-ruby22-ruby-devel-0:2.2.2-12.el7
  • rh-ruby22-ruby-doc-0:2.2.2-12.el6
  • rh-ruby22-ruby-doc-0:2.2.2-12.el7
  • rh-ruby22-ruby-irb-0:2.2.2-12.el6
  • rh-ruby22-ruby-irb-0:2.2.2-12.el7
  • rh-ruby22-ruby-libs-0:2.2.2-12.el6
  • rh-ruby22-ruby-libs-0:2.2.2-12.el7
  • rh-ruby22-ruby-tcltk-0:2.2.2-12.el6
  • rh-ruby22-ruby-tcltk-0:2.2.2-12.el7
  • rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el6
  • rh-ruby22-rubygem-bigdecimal-0:1.2.6-12.el7
  • rh-ruby22-rubygem-io-console-0:0.4.3-12.el6
  • rh-ruby22-rubygem-io-console-0:0.4.3-12.el7
  • rh-ruby22-rubygem-json-0:1.8.1-12.el6
  • rh-ruby22-rubygem-json-0:1.8.1-12.el7
  • rh-ruby22-rubygem-minitest-0:5.4.3-12.el6
  • rh-ruby22-rubygem-minitest-0:5.4.3-12.el7
  • rh-ruby22-rubygem-power_assert-0:0.2.2-12.el6
  • rh-ruby22-rubygem-power_assert-0:0.2.2-12.el7
  • rh-ruby22-rubygem-psych-0:2.0.8-12.el6
  • rh-ruby22-rubygem-psych-0:2.0.8-12.el7
  • rh-ruby22-rubygem-rake-0:10.4.2-12.el6
  • rh-ruby22-rubygem-rake-0:10.4.2-12.el7
  • rh-ruby22-rubygem-rdoc-0:4.2.0-12.el6
  • rh-ruby22-rubygem-rdoc-0:4.2.0-12.el7
  • rh-ruby22-rubygem-test-unit-0:3.0.8-12.el6
  • rh-ruby22-rubygem-test-unit-0:3.0.8-12.el7
  • rh-ruby22-rubygems-0:2.4.5-12.el6
  • rh-ruby22-rubygems-0:2.4.5-12.el7
  • rh-ruby22-rubygems-devel-0:2.4.5-12.el6
  • rh-ruby22-rubygems-devel-0:2.4.5-12.el7

References