How to Buy
This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200812-17
(Ruby: Multiple vulnerabilities)
Multiple vulnerabilities have been discovered in the Ruby interpreter
and its standard libraries. Drew Yao of Apple Product Security
discovered the following flaws:
Arbitrary code execution
or Denial of Service (memory corruption) in the rb_str_buf_append()
Arbitrary code execution or Denial
of Service (memory corruption) in the rb_ary_stor() function
Memory corruption via alloca in the
rb_str_format() function (CVE-2008-2664).
('REALLOC_N') in the rb_ary_splice() and rb_ary_replace() functions
Memory corruption ('beg + rlen') in the
rb_ary_splice() and rb_ary_replace() functions (CVE-2008-2726).
Furthermore, several other vulnerabilities have been reported:
Tanaka Akira reported an issue with resolv.rb that enables
attackers to spoof DNS responses (CVE-2008-1447).
of RedHat discovered a Denial of Service (crash) issue in the
rb_ary_fill() function in array.c (CVE-2008-2376).
safe level bypass vulnerabilities were discovered and reported by Keita
Christian Neukirchen is credited
for discovering a Denial of Service (CPU consumption) attack in the
WEBRick HTTP server (CVE-2008-3656).
A fault in the dl module
allowed the circumvention of taintness checks which could possibly lead
to insecure code execution was reported by 'sheepman'
Tanaka Akira again found a DNS spoofing
vulnerability caused by the resolv.rb implementation using poor
Luka Treiber and Mitja Kolsek
(ACROS Security) disclosed a Denial of Service (CPU consumption)
vulnerability in the REXML module when dealing with recursive entity
These vulnerabilities allow remote attackers to execute arbitrary code,
spoof DNS responses, bypass Ruby's built-in security and taintness
checks, and cause a Denial of Service via crash or CPU exhaustion.
There is no known workaround at this time.
See also :
All Ruby users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-lang/ruby-1.8.6_p287-r1'
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.7
Public Exploit Available : false
Family: Gentoo Local Security Checks
Nessus Plugin ID: 35188 (gentoo_GLSA-200812-17.nasl)
Bugtraq ID: 299033003630131306443080231699
CVE ID: CVE-2008-1447CVE-2008-2376CVE-2008-2662CVE-2008-2663CVE-2008-2664CVE-2008-2725CVE-2008-2726CVE-2008-3655CVE-2008-3656CVE-2008-3657CVE-2008-3790CVE-2008-3905
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.