5 - MDVSA-2008:029

Executive Summary

Summary
Title	Updated ruby packages fix possible man-in-the-middle attack

Informations
Name	MDVSA-2008:029	First vendor Publication	2008-01-31
Vendor	Mandriva	Last vendor Modification	2008-01-31
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Ruby network libraries Net::HTTP, Net::IMAP, Net::FTPTLS, Net::Telnet, Net::POP3, and Net::SMTP, up to Ruby version 1.8.6 are affected by a possible man-in-the-middle attack, when using SSL, due to a missing check of the CN (common name) attribute in SSL certificates against the server's hostname.

The updated packages have been patched to prevent the issue.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:029

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-287	Improper Authentication

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10738

Oval ID:	oval:org.mitre.oval:def:10738
Title:	The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site.
Description:	The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-5162	Version:	5
Platform(s):	Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ruby-mode is earlier than 0:1.8.1-7.EL4.8.1 AND ruby-docs is earlier than 0:1.8.1-7.EL4.8.1 AND ruby-devel is earlier than 0:1.8.1-7.EL4.8.1 AND ruby-tcltk is earlier than 0:1.8.1-7.EL4.8.1 AND ruby is earlier than 0:1.8.1-7.EL4.8.1 AND irb is earlier than 0:1.8.1-7.EL4.8.1 AND ruby-libs is earlier than 0:1.8.1-7.EL4.8.1 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section ruby-ri is earlier than 0:1.8.5-5.el5_1.1 AND ruby-mode is earlier than 0:1.8.5-5.el5_1.1 AND ruby-docs is earlier than 0:1.8.5-5.el5_1.1 AND ruby-devel is earlier than 0:1.8.5-5.el5_1.1 AND ruby is earlier than 0:1.8.5-5.el5_1.1 AND ruby-libs is earlier than 0:1.8.5-5.el5_1.1 AND ruby-tcltk is earlier than 0:1.8.5-5.el5_1.1 AND ruby-irb is earlier than 0:1.8.5-5.el5_1.1 AND ruby-rdoc is earlier than 0:1.8.5-5.el5_1.1

Definition Id: oval:org.mitre.oval:def:11025

Oval ID:	oval:org.mitre.oval:def:11025
Title:	The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site, different components than CVE-2007-5162.
Description:	The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site, different components than CVE-2007-5162.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-5770	Version:	5
Platform(s):	Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ruby-mode is earlier than 0:1.8.1-7.EL4.8.1 AND ruby-docs is earlier than 0:1.8.1-7.EL4.8.1 AND ruby-devel is earlier than 0:1.8.1-7.EL4.8.1 AND ruby-tcltk is earlier than 0:1.8.1-7.EL4.8.1 AND ruby is earlier than 0:1.8.1-7.EL4.8.1 AND irb is earlier than 0:1.8.1-7.EL4.8.1 AND ruby-libs is earlier than 0:1.8.1-7.EL4.8.1 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section ruby-ri is earlier than 0:1.8.5-5.el5_1.1 AND ruby-mode is earlier than 0:1.8.5-5.el5_1.1 AND ruby-docs is earlier than 0:1.8.5-5.el5_1.1 AND ruby-devel is earlier than 0:1.8.5-5.el5_1.1 AND ruby is earlier than 0:1.8.5-5.el5_1.1 AND ruby-libs is earlier than 0:1.8.5-5.el5_1.1 AND ruby-tcltk is earlier than 0:1.8.5-5.el5_1.1 AND ruby-irb is earlier than 0:1.8.5-5.el5_1.1 AND ruby-rdoc is earlier than 0:1.8.5-5.el5_1.1

Definition Id: oval:org.mitre.oval:def:17689

Oval ID:	oval:org.mitre.oval:def:17689
Title:	USN-596-1 -- ruby1.8 vulnerabilities
Description:	Chris Clark discovered that Ruby's HTTPS module did not check for commonName mismatches early enough during SSL negotiation.
Family:	unix	Class:	patch
Reference(s):	USN-596-1 CVE-2007-5162 CVE-2007-5770	Version:	7
Platform(s):	Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10	Product(s):	ruby1.8
Definition Synopsis:
Release section Ubuntu 6.06 is installed Packages match section libopenssl-ruby1.8 DPKG is earlier than 1.8.4-1ubuntu1.4 AND libruby1.8 DPKG is earlier than 1.8.4-1ubuntu1.4 AND Release section Ubuntu 6.10 is installed Packages match section libopenssl-ruby1.8 DPKG is earlier than 1.8.4-5ubuntu1.3 AND libruby1.8 DPKG is earlier than 1.8.4-5ubuntu1.3 AND Release section Ubuntu 7.04 is installed Packages match section libopenssl-ruby1.8 DPKG is earlier than 1.8.5-4ubuntu2.1 AND libruby1.8 DPKG is earlier than 1.8.5-4ubuntu2.1 AND Release section Ubuntu 7.10 is installed Packages match section libopenssl-ruby1.8 DPKG is earlier than 1.8.6.36-1ubuntu3.1 AND libruby1.8 DPKG is earlier than 1.8.6.36-1ubuntu3.1

Definition Id: oval:org.mitre.oval:def:18414

Oval ID:	oval:org.mitre.oval:def:18414
Title:	DSA-1410-1 ruby1.8 - possible man-in-the-middle attacks
Description:	Several vulnerabilities have been discovered in Ruby, an object-oriented scripting language.
Family:	unix	Class:	patch
Reference(s):	DSA-1410-1 CVE-2007-5162 CVE-2007-5770	Version:	7
Platform(s):	Debian GNU/Linux 4.0	Product(s):	ruby1.8
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. AND ruby1.8 DPKG is earlier than 1.8.5-4etch1

Definition Id: oval:org.mitre.oval:def:18657

Oval ID:	oval:org.mitre.oval:def:18657
Title:	DSA-1412-1 ruby1.9 - possible man-in-the-middle attacks
Description:	Several vulnerabilities have been discovered in Ruby, an object-oriented scripting language.
Family:	unix	Class:	patch
Reference(s):	DSA-1412-1 CVE-2007-5162 CVE-2007-5770	Version:	7
Platform(s):	Debian GNU/Linux 4.0	Product(s):	ruby1.9
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. AND ruby1.9 DPKG is earlier than 1.9.0+20060609-1etch1

Definition Id: oval:org.mitre.oval:def:21946

Oval ID:	oval:org.mitre.oval:def:21946
Title:	ELSA-2007:0965: ruby security update (Moderate)
Description:	The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site, different components than CVE-2007-5162.
Family:	unix	Class:	patch
Reference(s):	ELSA-2007:0965-01 CVE-2007-5162 CVE-2007-5770	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	ruby
Definition Synopsis:
Oracle Linux 5.x rpm test ruby-docs is earlier than 0:1.8.5-5.el5_1.1 AND ruby-ri is earlier than 0:1.8.5-5.el5_1.1 AND ruby-mode is earlier than 0:1.8.5-5.el5_1.1 AND ruby-libs is earlier than 0:1.8.5-5.el5_1.1 AND ruby-tcltk is earlier than 0:1.8.5-5.el5_1.1 AND ruby-irb is earlier than 0:1.8.5-5.el5_1.1 AND ruby-rdoc is earlier than 0:1.8.5-5.el5_1.1 AND ruby is earlier than 0:1.8.5-5.el5_1.1 AND ruby-devel is earlier than 0:1.8.5-5.el5_1.1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Ruby-Lang Ruby cpe:2.3:a:ruby-lang:ruby:1.8.6:::::::* cpe:2.3:a:ruby-lang:ruby:1.8.5:::::::*	2

OpenVAS Exploits

Date	Description
2010-05-12	Name : Mac OS X Security Update 2007-009 File : nvt/macosx_secupd_2007-009.nasl
2009-11-17	Name : Mac OS X Version File : nvt/macosx_version.nasl
2009-04-09	Name : Mandriva Update for ruby MDVSA-2008:029 (ruby) File : nvt/gb_mandriva_MDVSA_2008_029.nasl
2009-03-23	Name : Ubuntu Update for ruby1.8 vulnerabilities USN-596-1 File : nvt/gb_ubuntu_USN_596_1.nasl
2009-02-27	Name : Fedora Update for ruby FEDORA-2007-2406 File : nvt/gb_fedora_2007_2406_ruby_fc7.nasl
2009-02-27	Name : Fedora Update for ruby FEDORA-2007-2685 File : nvt/gb_fedora_2007_2685_ruby_fc7.nasl
2009-02-27	Name : Fedora Update for ruby FEDORA-2007-2812 File : nvt/gb_fedora_2007_2812_ruby_fc8.nasl
2009-02-27	Name : Fedora Update for ruby FEDORA-2007-718 File : nvt/gb_fedora_2007_718_ruby_fc6.nasl
2009-02-27	Name : Fedora Update for ruby FEDORA-2007-738 File : nvt/gb_fedora_2007_738_ruby_fc6.nasl
2009-02-17	Name : Fedora Update for ruby FEDORA-2008-5649 File : nvt/gb_fedora_2008_5649_ruby_fc8.nasl
2009-02-17	Name : Fedora Update for ruby FEDORA-2008-8738 File : nvt/gb_fedora_2008_8738_ruby_fc9.nasl
2009-02-17	Name : Fedora Update for ruby FEDORA-2008-8736 File : nvt/gb_fedora_2008_8736_ruby_fc8.nasl
2009-02-17	Name : Fedora Update for ruby FEDORA-2008-6094 File : nvt/gb_fedora_2008_6094_ruby_fc8.nasl
2009-02-17	Name : Fedora Update for ruby FEDORA-2008-6033 File : nvt/gb_fedora_2008_6033_ruby_fc9.nasl
2009-02-17	Name : Fedora Update for ruby FEDORA-2008-5664 File : nvt/gb_fedora_2008_5664_ruby_fc9.nasl
2009-02-16	Name : Fedora Update for ruby FEDORA-2008-2458 File : nvt/gb_fedora_2008_2458_ruby_fc7.nasl
2009-02-16	Name : Fedora Update for ruby FEDORA-2008-2443 File : nvt/gb_fedora_2008_2443_ruby_fc8.nasl
2008-01-17	Name : Debian Security Advisory DSA 1410-1 (ruby1.8) File : nvt/deb_1410_1.nasl
2008-01-17	Name : Debian Security Advisory DSA 1411-1 (libopenssl-ruby) File : nvt/deb_1411_1.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
40773	Ruby Multiple Net Modules Certificate commonName (CN) Field Verification Weak...

Nessus® Vulnerability Scanner

Date	Description
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0961.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071113_ruby_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0961.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-029.nasl - Type : ACT_GATHER_INFO
2008-07-08	Name : The remote Fedora host is missing a security update. File : fedora_2008-6094.nasl - Type : ACT_GATHER_INFO
2008-07-08	Name : The remote Fedora host is missing a security update. File : fedora_2008-6033.nasl - Type : ACT_GATHER_INFO
2008-06-26	Name : The remote Fedora host is missing a security update. File : fedora_2008-5664.nasl - Type : ACT_GATHER_INFO
2008-06-26	Name : The remote Fedora host is missing a security update. File : fedora_2008-5649.nasl - Type : ACT_GATHER_INFO
2008-03-28	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-596-1.nasl - Type : ACT_GATHER_INFO
2008-03-13	Name : The remote Fedora host is missing a security update. File : fedora_2008-2443.nasl - Type : ACT_GATHER_INFO
2008-03-13	Name : The remote Fedora host is missing a security update. File : fedora_2008-2458.nasl - Type : ACT_GATHER_INFO
2007-12-18	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2007-009.nasl - Type : ACT_GATHER_INFO
2007-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ruby-4702.nasl - Type : ACT_GATHER_INFO
2007-11-26	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1412.nasl - Type : ACT_GATHER_INFO
2007-11-26	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1411.nasl - Type : ACT_GATHER_INFO
2007-11-26	Name : The remote openSUSE host is missing a security update. File : suse_ruby-4703.nasl - Type : ACT_GATHER_INFO
2007-11-26	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1410.nasl - Type : ACT_GATHER_INFO
2007-11-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0961.nasl - Type : ACT_GATHER_INFO
2007-11-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0965.nasl - Type : ACT_GATHER_INFO
2007-11-07	Name : The remote Fedora host is missing a security update. File : fedora_2007-2812.nasl - Type : ACT_GATHER_INFO
2007-11-06	Name : The remote Fedora Core host is missing a security update. File : fedora_2007-738.nasl - Type : ACT_GATHER_INFO
2007-11-06	Name : The remote Fedora host is missing a security update. File : fedora_2007-2685.nasl - Type : ACT_GATHER_INFO
2007-11-06	Name : The remote Fedora host is missing a security update. File : fedora_2007-2406.nasl - Type : ACT_GATHER_INFO
2007-10-09	Name : The remote Fedora Core host is missing a security update. File : fedora_2007-718.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2016-04-26 22:17:52	Multiple Updates
2014-02-17 11:39:10	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	2
Oval ID(s)	6
CPE ID(s)	2
osvdb(s)	1
Openvas Exploit(s)	19
Nessus® Exploit(s)	24

	Related
5	CVE-2007-5770
4.3	CVE-2007-5162
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 2 more Alert(s)

5 - MDVSA-2008:029

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU