CVE-2013-4073

MEDIUM

Details

Source: MITRE

Published: 2013-08-18

Updated: 2018-08-13

Type: CWE-310

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:ruby-lang:ruby:1.8.6-26:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p160:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p173:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p174:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p248:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p249:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p299:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p301:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p302:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p330:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p334:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p352:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p357:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p358:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p370:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p371:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p373:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.3:p286:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.3:p383:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.3:p385:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.3:p392:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.3:p426:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.3:p429:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*

Tenable Plugins

View all (27 total)

IDNameProductFamilySeverity
124931EulerOS Virtualization 3.0.1.0 : ruby (EulerOS-SA-2019-1428)NessusHuawei Local Security Checks
high
119342RHEL 6 : ruby193-ruby (RHSA-2013:1137)NessusRed Hat Local Security Checks
medium
80755Oracle Solaris Third-Party Patch Update : ruby (cve_2013_4073_cryptographic_issues)NessusSolaris Local Security Checks
medium
75082openSUSE Security Update : ruby19 (openSUSE-SU-2013:1181-1)NessusSuSE Local Security Checks
medium
75079openSUSE Security Update : ruby19 (openSUSE-SU-2013:1179-1)NessusSuSE Local Security Checks
medium
72873SuSE 11.3 Security Update : python (SAT Patch Number 8892)NessusSuSE Local Security Checks
medium
8138Mac OS X < 10.9.2 Multiple Vulnerabilities Nessus Network MonitorWeb Clients
critical
72688Mac OS X Multiple Vulnerabilities (Security Update 2014-001) (BEAST)NessusMacOS X Local Security Checks
critical
72687Mac OS X 10.9.x < 10.9.2 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
71426PHP 5.3.x < 5.3.28 Multiple OpenSSL VulnerabilitiesNessusCGI abuses
high
71220Debian DSA-2809-1 : ruby1.8 - several vulnerabilitiesNessusDebian Local Security Checks
medium
70663Puppet Enterprise < 3.0.1 Multiple VulnerabilitiesNessusCGI abuses
medium
70561Mac OS X 10.x < 10.9 Multiple Vulnerabilities (BEAST)NessusMacOS X Local Security Checks
high
69398Debian DSA-2738-1 : ruby1.9.1 - several vulnerabilitiesNessusDebian Local Security Checks
medium
69168SuSE 11.2 / 11.3 Security Update : ruby (SAT Patch Numbers 8026 / 8027)NessusSuSE Local Security Checks
medium
69118SuSE 10 Security Update : ruby (ZYPP Patch Number 8639)NessusSuSE Local Security Checks
medium
69089Mandriva Linux Security Advisory : ruby (MDVSA-2013:201)NessusMandriva Local Security Checks
medium
68976Oracle Linux 5 / 6 : ruby (ELSA-2013-1090)NessusOracle Linux Local Security Checks
medium
68946Scientific Linux Security Update : ruby on SL5.x, SL6.x i386/srpm/x86_64 (20130717)NessusScientific Linux Local Security Checks
medium
68944RHEL 5 / 6 : ruby (RHSA-2013:1090)NessusRed Hat Local Security Checks
medium
68941CentOS 5 / 6 : ruby (CESA-2013:1090)NessusCentOS Local Security Checks
medium
68896Fedora 19 : ruby-2.0.0.247-14.fc19 (2013-12663)NessusFedora Local Security Checks
medium
67339Fedora 18 : ruby-1.9.3.448-31.fc18 (2013-12123)NessusFedora Local Security Checks
medium
67334Fedora 17 : ruby-1.9.3.448-31.fc17 (2013-12062)NessusFedora Local Security Checks
medium
67251FreeBSD : ruby -- Hostname check bypassing vulnerability in SSL client (ebd877b9-7ef4-4375-b1fd-c67780581898)NessusFreeBSD Local Security Checks
medium
67224Ubuntu 12.04 LTS / 12.10 / 13.04 : ruby1.8, ruby1.9.1 vulnerability (USN-1902-1)NessusUbuntu Local Security Checks
medium
67009Slackware 13.1 / 13.37 / 14.0 / current : ruby (SSA:2013-178-01)NessusSlackware Local Security Checks
medium