Executive Summary
Summary | |
---|---|
Title | ruby security update |
Information | |||
---|---|---|---|
Name | RHSA-2008:0896 | First vendor Publication | 2008-10-21 |
Vendor | RedHat | Last vendor Modification | 2008-10-21 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Problem Description:

Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 3.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Description:

Ruby is an interpreted scripting language for quick and easy object-oriented programming.

The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905)

A number of flaws were found in the safe-level restrictions in Ruby. It was possible for an attacker to create a carefully crafted malicious script that can allow the bypass of certain safe-level restrictions. (CVE-2008-3655)

A denial of service flaw was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite-loop and crash. (CVE-2008-3443)

Users of ruby should upgrade to these updated packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

458948 - CVE-2008-3655 ruby: multiple insufficient safe mode restrictions
459266 - CVE-2008-3443 ruby: Memory allocation failure in Ruby regex engine (remotely exploitable DoS)
461495 - CVE-2008-3905 ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0896.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-399 | Resource Management Errors |
33 % | CWE-287 | Improper Authentication |
33 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10034 | |||
Oval ID: | oval:org.mitre.oval:def:10034 | ||
Title: | resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. | ||
Description: | resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3905 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11602 | |||
Oval ID: | oval:org.mitre.oval:def:11602 | ||
Title: | Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via (1) untrace_var, (2) $PROGRAM_NAME, and (3) syslog at safe level 4, and (4) insecure methods at safe levels 1 through 3. | ||
Description: | Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via (1) untrace_var, (2) $PROGRAM_NAME, and (3) syslog at safe level 4, and (4) insecure methods at safe levels 1 through 3. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3655 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:17538 | |||
Oval ID: | oval:org.mitre.oval:def:17538 | ||
Title: | USN-651-1 -- ruby1.8 vulnerabilities | ||
Description: | Akira Tagoh discovered a vulnerability in Ruby which led to an integer overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-651-1 CVE-2008-2376 CVE-2008-3443 CVE-2008-3655 CVE-2008-3656 CVE-2008-3657 CVE-2008-3790 CVE-2008-1447 CVE-2008-3905 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | ruby1.8 |
Definition Id: oval:org.mitre.oval:def:18456 | |||
Oval ID: | oval:org.mitre.oval:def:18456 | ||
Title: | DSA-1652-1 ruby1.9 - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1652-1 CVE-2008-3655 CVE-2008-3656 CVE-2008-3657 CVE-2008-3790 CVE-2008-3905 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | ruby1.9 |
Definition Id: oval:org.mitre.oval:def:20309 | |||
Oval ID: | oval:org.mitre.oval:def:20309 | ||
Title: | DSA-1651-1 ruby1.8 - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1651-1 CVE-2008-3655 CVE-2008-3656 CVE-2008-3657 CVE-2008-3790 CVE-2008-3905 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | ruby1.8 |
Definition Id: oval:org.mitre.oval:def:28242 | |||
Oval ID: | oval:org.mitre.oval:def:28242 | ||
Title: | RHSA-2008:0897 -- ruby security update (Moderate) | ||
Description: | Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0897 CESA-2008:0897-CentOS 5 CVE-2008-1145 CVE-2008-3443 CVE-2008-3655 CVE-2008-3656 CVE-2008-3657 CVE-2008-3790 CVE-2008-3905 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 CentOS Linux 5 | Product(s): | ruby |
Definition Id: oval:org.mitre.oval:def:7935 | |||
Oval ID: | oval:org.mitre.oval:def:7935 | ||
Title: | DSA-1651 ruby1.8 -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems: Keita Yamaguchi discovered that several safe level restrictions are insufficiently enforced. Christian Neukirchen discovered that the WebRick module uses inefficient algorithms for HTTP header splitting, resulting in denial of service through resource exhaustion. It was discovered that the dl module doesn't perform taintness checks. Luka Treiber and Mitja Kolsek discovered that recursively nested XML entities can lead to denial of service through resource exhaustion in rexml. Tanaka Akira discovered that the resolv module uses sequential transaction IDs and a fixed source port for DNS queries, which makes it more vulnerable to DNS spoofing attacks. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1651 CVE-2008-3655 CVE-2008-3656 CVE-2008-3657 CVE-2008-3790 CVE-2008-3905 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | ruby1.8 |
Definition Id: oval:org.mitre.oval:def:8055 | |||
Oval ID: | oval:org.mitre.oval:def:8055 | ||
Title: | DSA-1652 ruby1.9 -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems: Keita Yamaguchi discovered that several safe level restrictions are insufficiently enforced. Christian Neukirchen discovered that the WebRick module uses inefficient algorithms for HTTP header splitting, resulting in denial of service through resource exhaustion. It was discovered that the dl module doesn't perform taintness checks. Luka Treiber and Mitja Kolsek discovered that recursively nested XML entities can lead to denial of service through resource exhaustion in rexml. Tanaka Akira discovered that the resolv module uses sequential transaction IDs and a fixed source port for DNS queries, which makes it more vulnerable to DNS spoofing attacks. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1652 CVE-2008-3655 CVE-2008-3656 CVE-2008-3657 CVE-2008-3790 CVE-2008-3905 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | ruby1.9 |
Definition Id: oval:org.mitre.oval:def:9570 | |||
Oval ID: | oval:org.mitre.oval:def:9570 | ||
Title: | The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to a Ruby socket, related to memory allocation failure, and as demonstrated against Webrick. | ||
Description: | The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to a Ruby socket, related to memory allocation failure, and as demonstrated against Webrick. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3443 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-11 | Name : SLES11: Security update for ruby File : nvt/sles11_ruby.nasl |
2009-10-10 | Name : SLES9: Security update for ruby File : nvt/sles9p5053737.nasl |
2009-07-29 | Name : SuSE Security Advisory SUSE-SA:2009:037 (dhcp-client) File : nvt/suse_sa_2009_037.nasl |
2009-06-05 | Name : Ubuntu USN-698-3 (nagios2) File : nvt/ubuntu_698_3.nasl |
2009-04-09 | Name : Mandriva Update for ruby MDVSA-2008:226 (ruby) File : nvt/gb_mandriva_MDVSA_2008_226.nasl |
2009-03-23 | Name : Ubuntu Update for ruby1.9 vulnerability USN-691-1 File : nvt/gb_ubuntu_USN_691_1.nasl |
2009-03-23 | Name : Ubuntu Update for ruby1.8 vulnerabilities USN-651-1 File : nvt/gb_ubuntu_USN_651_1.nasl |
2009-03-06 | Name : RedHat Update for ruby RHSA-2008:0897-01 File : nvt/gb_RHSA-2008_0897-01_ruby.nasl |
2009-03-06 | Name : RedHat Update for ruby RHSA-2008:0896-01 File : nvt/gb_RHSA-2008_0896-01_ruby.nasl |
2009-03-06 | Name : RedHat Update for ruby RHSA-2008:0895-02 File : nvt/gb_RHSA-2008_0895-02_ruby.nasl |
2009-02-27 | Name : CentOS Update for irb CESA-2008:0897 centos4 x86_64 File : nvt/gb_CESA-2008_0897_irb_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for irb CESA-2008:0897 centos4 i386 File : nvt/gb_CESA-2008_0897_irb_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for irb CESA-2008:0896 centos3 x86_64 File : nvt/gb_CESA-2008_0896_irb_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for irb CESA-2008:0896 centos3 i386 File : nvt/gb_CESA-2008_0896_irb_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for ruby CESA-2008:0895-02 centos2 i386 File : nvt/gb_CESA-2008_0895-02_ruby_centos2_i386.nasl |
2009-02-17 | Name : Fedora Update for ruby FEDORA-2008-8736 File : nvt/gb_fedora_2008_8736_ruby_fc8.nasl |
2009-02-17 | Name : Fedora Update for ruby FEDORA-2008-8738 File : nvt/gb_fedora_2008_8738_ruby_fc9.nasl |
2009-01-07 | Name : Debian Security Advisory DSA 1695-1 (ruby1.8, ruby1.9) File : nvt/deb_1695_1.nasl |
2008-12-23 | Name : Gentoo Security Advisory GLSA 200812-17 (ruby) File : nvt/glsa_200812_17.nasl |
2008-11-01 | Name : Debian Security Advisory DSA 1651-1 (ruby1.8) File : nvt/deb_1651_1.nasl |
2008-11-01 | Name : Debian Security Advisory DSA 1652-1 (ruby1.9) File : nvt/deb_1652_1.nasl |
2008-09-04 | Name : FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma File : nvt/freebsd_ruby8.nasl |
2008-09-04 | Name : FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma File : nvt/freebsd_ruby7.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
47800 | Ruby Regexp Engine (regex.c) Crafted Socket Request DoS |
47470 | Ruby Safe Level Multiple Function Restriction Bypass |
47469 | Ruby resolv.rb DNS Query ID Field Prediction Cache Poisoning |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0897.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0896.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081021_ruby_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ruby-6338.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_ruby-6339.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_ruby-090703.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12452.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_ruby-090703.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_ruby-090703.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-691-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-651-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-226.nasl - Type : ACT_GATHER_INFO |
2009-01-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1695.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200812-17.nasl - Type : ACT_GATHER_INFO |
2008-12-01 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-334-01.nasl - Type : ACT_GATHER_INFO |
2008-10-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0897.nasl - Type : ACT_GATHER_INFO |
2008-10-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0895.nasl - Type : ACT_GATHER_INFO |
2008-10-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0896.nasl - Type : ACT_GATHER_INFO |
2008-10-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0897.nasl - Type : ACT_GATHER_INFO |
2008-10-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0896.nasl - Type : ACT_GATHER_INFO |
2008-10-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1652.nasl - Type : ACT_GATHER_INFO |
2008-10-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1651.nasl - Type : ACT_GATHER_INFO |
2008-10-10 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8738.nasl - Type : ACT_GATHER_INFO |
2008-10-10 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8736.nasl - Type : ACT_GATHER_INFO |
2008-08-17 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_f7ba20aa6b5a11dd9d79001fc61c2a55.nasl - Type : ACT_GATHER_INFO |
2008-08-17 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c329712a6b5b11dd9d79001fc61c2a55.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:51:59 |