This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:ruby-lang:ruby:1.8.5
Detail
VendorRuby-LangFirst view 2007-10-01
ProductRubyLast view 2008-12-08
Version1.8.5TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:ruby-lang:ruby

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
7.82008-12-08CVE-2008-4310NetworkLowNone Requ...
5.82008-09-04CVE-2008-3905NetworkMediumNone Requ...
52008-08-14CVE-2008-3443NetworkLowNone Requ...
7.52008-08-12CVE-2008-3657NetworkLowNone Requ...
7.82008-08-12CVE-2008-3656NetworkLowNone Requ...
Hide | Show 4 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.52008-08-12CVE-2008-3655NetworkLowNone Requ...
52008-04-18CVE-2008-1891NetworkLowNone Requ...
52007-11-13CVE-2007-5770NetworkLowNone Requ...
4.32007-10-01CVE-2007-5162NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
33% (3)CWE-399Resource Management Errors
33% (3)CWE-287Improper Authentication
11% (1)CWE-264Permissions, Privileges, and Access Controls
11% (1)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
11% (1)CWE-20Improper Input Validation

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:10738The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS...
oval:org.mitre.oval:def:18657DSA-1412-1 ruby1.9 - possible man-in-the-middle attacks
oval:org.mitre.oval:def:18414DSA-1410-1 ruby1.8 - possible man-in-the-middle attacks
oval:org.mitre.oval:def:17689USN-596-1 -- ruby1.8 vulnerabilities
oval:org.mitre.oval:def:11025The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) N...
Hide | Show 15 More...
idName
oval:org.mitre.oval:def:21946ELSA-2007:0965: ruby security update (Moderate)
oval:org.mitre.oval:def:9570The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 thro...
oval:org.mitre.oval:def:7525DSA-1695 ruby1.8, ruby1.9 -- memory leak
oval:org.mitre.oval:def:13642DSA-1695-1 ruby1.8, ruby1.9 -- memory leak
oval:org.mitre.oval:def:11602Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, an...
oval:org.mitre.oval:def:9682Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_v...
oval:org.mitre.oval:def:9793The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 thro...
oval:org.mitre.oval:def:8055DSA-1652 ruby1.9 -- several vulnerabilities
oval:org.mitre.oval:def:7935DSA-1651 ruby1.8 -- several vulnerabilities
oval:org.mitre.oval:def:20309DSA-1651-1 ruby1.8 - several vulnerabilities
oval:org.mitre.oval:def:18456DSA-1652-1 ruby1.9 - several vulnerabilities
oval:org.mitre.oval:def:17538USN-651-1 -- ruby1.8 vulnerabilities
oval:org.mitre.oval:def:10034resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1....
oval:org.mitre.oval:def:10250httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterpris...
oval:org.mitre.oval:def:22012ELSA-2008:0981: ruby security update (Moderate)

Open Source Vulnerability Database (OSVDB)

idDescription
47800Ruby Regexp Engine (regex.c) Crafted Socket Request DoS
47472Ruby dl Module DL.dlopen Arbitrary Library Access
47471WEBrick in Ruby WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS
47470Ruby Safe Level Multiple Function Restriction Bypass
47469Ruby resolv.rb DNS Query ID Field Prediction Cache Poisoning
Hide | Show 2 More...
idDescription
44682WEBrick in Ruby URI Multiple Encoded Traversal Arbitrary File Access
40773Ruby Multiple Net Modules Certificate commonName (CN) Field Verification Weak...

Milw0rm Exploits

idDescription
2008-08-13Ruby <= 1.9 (regex engine) Remote Socket Memory Leak Exploit

Metasploit Exploits

idDescription
2008-08-08Ruby WEBrick::HTTP::DefaultFileHandler DoS

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2010-05-12Name : Mac OS X Security Update 2007-009
File : nvt/macosx_secupd_2007-009.nasl
2010-05-12Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002
File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2009-11-17Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-11Name : SLES11: Security update for ruby
File : nvt/sles11_ruby.nasl
2009-10-10Name : SLES9: Security update for Ruby
File : nvt/sles9p5033480.nasl
Hide | Show 20 More...
idDescription
2009-10-10Name : SLES9: Security update for ruby
File : nvt/sles9p5053737.nasl
2009-07-29Name : SuSE Security Advisory SUSE-SA:2009:037 (dhcp-client)
File : nvt/suse_sa_2009_037.nasl
2009-06-05Name : Ubuntu USN-698-3 (nagios2)
File : nvt/ubuntu_698_3.nasl
2009-04-09Name : Mandriva Update for ruby MDVSA-2008:029 (ruby)
File : nvt/gb_mandriva_MDVSA_2008_029.nasl
2009-04-09Name : Mandriva Update for ruby MDVSA-2008:140 (ruby)
File : nvt/gb_mandriva_MDVSA_2008_140.nasl
2009-04-09Name : Mandriva Update for ruby MDVSA-2008:141 (ruby)
File : nvt/gb_mandriva_MDVSA_2008_141.nasl
2009-04-09Name : Mandriva Update for ruby MDVSA-2008:226 (ruby)
File : nvt/gb_mandriva_MDVSA_2008_226.nasl
2009-03-23Name : Ubuntu Update for ruby1.8 vulnerabilities USN-651-1
File : nvt/gb_ubuntu_USN_651_1.nasl
2009-03-23Name : Ubuntu Update for ruby1.9 vulnerability USN-691-1
File : nvt/gb_ubuntu_USN_691_1.nasl
2009-03-23Name : Ubuntu Update for ruby1.8 vulnerabilities USN-596-1
File : nvt/gb_ubuntu_USN_596_1.nasl
2009-03-06Name : RedHat Update for ruby RHSA-2008:0895-02
File : nvt/gb_RHSA-2008_0895-02_ruby.nasl
2009-03-06Name : RedHat Update for ruby RHSA-2008:0896-01
File : nvt/gb_RHSA-2008_0896-01_ruby.nasl
2009-03-06Name : RedHat Update for ruby RHSA-2008:0897-01
File : nvt/gb_RHSA-2008_0897-01_ruby.nasl
2009-03-06Name : RedHat Update for ruby RHSA-2008:0981-02
File : nvt/gb_RHSA-2008_0981-02_ruby.nasl
2009-02-27Name : Fedora Update for ruby FEDORA-2007-2406
File : nvt/gb_fedora_2007_2406_ruby_fc7.nasl
2009-02-27Name : Fedora Update for ruby FEDORA-2007-2685
File : nvt/gb_fedora_2007_2685_ruby_fc7.nasl
2009-02-27Name : Fedora Update for ruby FEDORA-2007-2812
File : nvt/gb_fedora_2007_2812_ruby_fc8.nasl
2009-02-27Name : CentOS Update for ruby CESA-2008:0895-02 centos2 i386
File : nvt/gb_CESA-2008_0895-02_ruby_centos2_i386.nasl
2009-02-27Name : CentOS Update for irb CESA-2008:0896 centos3 i386
File : nvt/gb_CESA-2008_0896_irb_centos3_i386.nasl
2009-02-27Name : CentOS Update for irb CESA-2008:0896 centos3 x86_64
File : nvt/gb_CESA-2008_0896_irb_centos3_x86_64.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0896.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0897.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0981.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0961.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20081021_ruby_on_SL3_x.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20081204_ruby_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20071113_ruby_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2011-01-27Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_ruby-6338.nasl - Type : ACT_GATHER_INFO
2009-10-06Name : The remote openSUSE host is missing a security update.
File : suse_ruby-6339.nasl - Type : ACT_GATHER_INFO
2009-09-24Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_ruby-090703.nasl - Type : ACT_GATHER_INFO
2009-09-24Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12452.nasl - Type : ACT_GATHER_INFO
2009-09-24Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12214.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_1_ruby-090703.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_0_ruby-080729.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_0_ruby-090703.nasl - Type : ACT_GATHER_INFO
2009-05-13Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-226.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-651-1.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-029.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-691-1.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-0961.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-140.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-141.nasl - Type : ACT_GATHER_INFO
2009-01-06Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1695.nasl - Type : ACT_GATHER_INFO
2008-12-26Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0981.nasl - Type : ACT_GATHER_INFO