Executive Summary
Summary | |
---|---|
Title | ruby security and bug fix update |
Informations | |||
---|---|---|---|
Name | RHSA-2013:0129 | First vendor Publication | 2013-01-08 |
Vendor | RedHat | Last vendor Modification | 2013-01-08 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated ruby packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was found that certain methods did not sanitize file names before passing them to lower layer routines in Ruby. If a Ruby application created files with names based on untrusted input, it could result in the creation of files with different names than expected. (CVE-2012-4522) It was found that the RHSA-2011:0909 update did not correctly fix the CVE-2011-1005 issue, a flaw in the method for translating an exception message into a string in the Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted) code to modify arbitrary, trusted (untainted) strings, which safe level 4 restrictions would otherwise prevent. (CVE-2012-4481) The CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat. This update also fixes the following bug: * Prior to this update, the "rb_syck_mktime" option could, under certain circumstances, terminate with a segmentation fault when installing libraries with certain gems. This update modifies the underlying code so that Ruby gems can be installed as expected. (BZ#834381) All users of Ruby are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 863484 - CVE-2012-4481 ruby: Incomplete fix for CVE-2011-1005 for NameError#to_s method when used on objects 865940 - CVE-2012-4522 ruby: unintentional file creation caused by inserting an illegal NUL character |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2013-0129.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:17844 | |||
Oval ID: | oval:org.mitre.oval:def:17844 | ||
Title: | USN-1603-2 -- ruby1.8 vulnerabilities | ||
Description: | Ruby could allow excessive access in untrusted programs. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1603-2 CVE-2012-4466 CVE-2012-4481 | Version: | 7 |
Platform(s): | Ubuntu 12.10 | Product(s): | ruby1.8 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17988 | |||
Oval ID: | oval:org.mitre.oval:def:17988 | ||
Title: | USN-1603-1 -- ruby1.8 vulnerabilities | ||
Description: | Ruby could allow excessive access in untrusted programs. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1603-1 CVE-2012-4466 CVE-2012-4481 | Version: | 7 |
Platform(s): | Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 | Product(s): | ruby1.8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18024 | |||
Oval ID: | oval:org.mitre.oval:def:18024 | ||
Title: | USN-1614-1 -- ruby1.9.1 vulnerabilities | ||
Description: | Several security issues were fixed in Ruby. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1614-1 CVE-2012-4464 CVE-2012-4466 CVE-2012-4522 | Version: | 7 |
Platform(s): | Ubuntu 12.10 Ubuntu 12.04 | Product(s): | ruby1.9.1 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20949 | |||
Oval ID: | oval:org.mitre.oval:def:20949 | ||
Title: | RHSA-2013:0129: ruby security and bug fix update (Moderate) | ||
Description: | The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0129-00 CESA-2013:0129 CVE-2012-4481 CVE-2012-4522 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | ruby |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21638 | |||
Oval ID: | oval:org.mitre.oval:def:21638 | ||
Title: | RHSA-2011:0909: ruby security update (Moderate) | ||
Description: | The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0909-01 CESA-2011:0909 CVE-2009-4492 CVE-2010-0541 CVE-2011-0188 CVE-2011-1004 CVE-2011-1005 | Version: | 68 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | ruby |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23147 | |||
Oval ID: | oval:org.mitre.oval:def:23147 | ||
Title: | ELSA-2013:0129: ruby security and bug fix update (Moderate) | ||
Description: | The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0129-00 CVE-2012-4481 CVE-2012-4522 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | ruby |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27340 | |||
Oval ID: | oval:org.mitre.oval:def:27340 | ||
Title: | DEPRECATED: ELSA-2013-0129 -- ruby security and bug fix update (moderate) | ||
Description: | [1.8.5-27] - unintentional file creation caused by inserting an illegal NUL character * ruby-1.8.6-CVE-2012-4522-io.c-pipe_open-command-name-should-not-contain-null-.patch - Related: rhbz#867750 [1.8.5-26] - escaping vulnerability about Exception#to_s / NameError#to_s * ruby-1.8.7-p371-CVE-2012-4481.patch - Resolves: rhbz#867750 - unintentional file creation caused by inserting an illegal NUL character * ruby-1.8.6-CVE-2012-4522-io.c-rb_open_file-should-check-NUL-in-path.patch - Resolves: rhbz#867750 [1.8.5-25] - Resolve buffer overflow causing gem installation issues. * ruby-1.8.7-syck-avoid-buffer-overflow.patch - Resolves: rhbz#834381 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0129 CVE-2012-4481 CVE-2012-4522 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | ruby |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28124 | |||
Oval ID: | oval:org.mitre.oval:def:28124 | ||
Title: | DEPRECATED: ELSA-2011-0909 -- ruby security update (moderate) | ||
Description: | [1.8.5-19.el5_6.1] - Address CVE-2011-1004 'Symlink race condition by removing directory trees in fileutils module' * ruby-1.8.7-CVE-2011-1004.patch - Address CVE-2011-1005 'Untrusted codes able to modify arbitrary strings' * ruby-1.8.7-CVE-2011-1005.patch - Address CVE-2011-0188 'memory corruption in BigDecimal on 64bit platforms' * ruby-1.8.7-CVE-2011-0188.patch - Address CVE-CVE-2010-0541 'Ruby WEBrick javascript injection flaw' * ruby-1.8.7-CVE-2010-0541.patch - Address CVE-CVE-2009-4492 'ruby WEBrick log escape sequence' * ruby-1.8.6-CVE-2009-4492.patch - Resolves: rhbz#709957 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0909 CVE-2009-4492 CVE-2010-0541 CVE-2011-0188 CVE-2011-1004 CVE-2011-1005 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | ruby |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-11-26 | Name : FreeBSD Ports: ruby File : nvt/freebsd_ruby14.nasl |
2012-11-19 | Name : Fedora Update for ruby FEDORA-2012-18017 File : nvt/gb_fedora_2012_18017_ruby_fc17.nasl |
2012-10-31 | Name : Ubuntu Update for ruby1.8 USN-1603-2 File : nvt/gb_ubuntu_USN_1603_2.nasl |
2012-10-23 | Name : Fedora Update for ruby FEDORA-2012-16086 File : nvt/gb_fedora_2012_16086_ruby_fc17.nasl |
2012-10-23 | Name : Ubuntu Update for ruby1.9.1 USN-1614-1 File : nvt/gb_ubuntu_USN_1614_1.nasl |
2012-10-16 | Name : Fedora Update for ruby FEDORA-2012-15507 File : nvt/gb_fedora_2012_15507_ruby_fc16.nasl |
2012-10-11 | Name : Ubuntu Update for ruby1.8 USN-1603-1 File : nvt/gb_ubuntu_USN_1603_1.nasl |
2012-09-27 | Name : Ubuntu Update for ruby1.9.1 USN-1583-1 File : nvt/gb_ubuntu_USN_1583_1.nasl |
2012-07-30 | Name : CentOS Update for ruby CESA-2011:0909 centos5 x86_64 File : nvt/gb_CESA-2011_0909_ruby_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for irb CESA-2011:0908 centos4 x86_64 File : nvt/gb_CESA-2011_0908_irb_centos4_x86_64.nasl |
2012-06-06 | Name : RedHat Update for ruby RHSA-2011:0910-01 File : nvt/gb_RHSA-2011_0910-01_ruby.nasl |
2012-05-18 | Name : Mac OS X Multiple Vulnerabilities (2012-002) File : nvt/gb_macosx_su12-002.nasl |
2012-03-07 | Name : Ubuntu Update for ruby1.8 USN-1377-1 File : nvt/gb_ubuntu_USN_1377_1.nasl |
2011-08-18 | Name : CentOS Update for irb CESA-2011:0908 centos4 i386 File : nvt/gb_CESA-2011_0908_irb_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for ruby CESA-2011:0909 centos5 i386 File : nvt/gb_CESA-2011_0909_ruby_centos5_i386.nasl |
2011-07-08 | Name : RedHat Update for ruby RHSA-2011:0908-01 File : nvt/gb_RHSA-2011_0908-01_ruby.nasl |
2011-07-08 | Name : RedHat Update for ruby RHSA-2011:0909-01 File : nvt/gb_RHSA-2011_0909-01_ruby.nasl |
2011-06-03 | Name : Mandriva Update for ruby MDVSA-2011:097 (ruby) File : nvt/gb_mandriva_MDVSA_2011_097.nasl |
2011-03-09 | Name : Ruby '#to_s' Security Bypass Vulnerability File : nvt/gb_ruby_sec_bypass_vuln_win.nasl |
2011-03-07 | Name : Fedora Update for ruby FEDORA-2011-1913 File : nvt/gb_fedora_2011_1913_ruby_fc13.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
70957 | Ruby Exception#to_s Method Safe Level Security Bypass Ruby contains a flaw related to the safe-level feature . The issue is triggered when a context-dependent attacker exploits a flaw within the exception '#to_s' handling. This may allow an attacker to bypass safe-level protection and modify strings via the 'Exception#to_s' method. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-06-01 | Name : The remote Debian host is missing a security update. File : debian_DLA-235.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_ruby_20130924.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-27.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_ruby-110517.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-167.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-173.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-139.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0612.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0129.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0908.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0909.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0910.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0909.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-124.nasl - Type : ACT_GATHER_INFO |
2013-03-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_ruby-130221.nasl - Type : ACT_GATHER_INFO |
2013-03-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0612.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0612.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130307_ruby_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-01-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0129.nasl - Type : ACT_GATHER_INFO |
2013-01-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130108_ruby_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0129.nasl - Type : ACT_GATHER_INFO |
2012-11-02 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_3decc87d249811e2b0c7000d601460a4.nasl - Type : ACT_GATHER_INFO |
2012-10-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1614-1.nasl - Type : ACT_GATHER_INFO |
2012-10-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1603-2.nasl - Type : ACT_GATHER_INFO |
2012-10-22 | Name : The remote Fedora host is missing a security update. File : fedora_2012-16086.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-16071.nasl - Type : ACT_GATHER_INFO |
2012-10-15 | Name : The remote Fedora host is missing a security update. File : fedora_2012-15507.nasl - Type : ACT_GATHER_INFO |
2012-10-11 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1603-1.nasl - Type : ACT_GATHER_INFO |
2012-09-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1583-1.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110628_ruby_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110628_ruby_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110628_ruby_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-05-10 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2012-002.nasl - Type : ACT_GATHER_INFO |
2012-05-10 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_7_4.nasl - Type : ACT_GATHER_INFO |
2012-02-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1377-1.nasl - Type : ACT_GATHER_INFO |
2011-08-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0908.nasl - Type : ACT_GATHER_INFO |
2011-06-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0910.nasl - Type : ACT_GATHER_INFO |
2011-06-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0909.nasl - Type : ACT_GATHER_INFO |
2011-06-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0908.nasl - Type : ACT_GATHER_INFO |
2011-05-31 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_ruby-110517.nasl - Type : ACT_GATHER_INFO |
2011-05-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-097.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1913.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:56:38 |
|
2013-05-02 21:20:22 |
|
2013-01-08 09:18:10 |
|