Description
There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:
- In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the
Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters. When using the
corresponding method, unintentional directory traversal may be performed. (CVE-2018-8780)
- Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows
an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response
for the HTTP server of WEBrick. (CVE-2017-17742)
- Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10,
2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to
create arbitrary directories or files via a .. (dot dot) in the prefix argument. (CVE-2018-6914)
- In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an
attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to
WEBrick server/handler and cause a denial of service (memory consumption). (CVE-2018-8777)
- In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an
attacker controlling the unpacking format (similar to format string vulnerabilities) can trigger a buffer
under-read in the String#unpack method, resulting in a massive and controlled information disclosure.
(CVE-2018-8778)
Plugin Details
Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 3/28/2018
Reference Information
CVE: CVE-2017-17742, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
BID: 103683, 103684, 103686, 103693, 103739, 103767