Mandriva Linux Security Advisory : ruby (MDVSA-2008:226)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

A denial of service condition was found in Ruby's regular expression
engine. If a Ruby script tried to process a large amount of data via a
regular expression, it could cause Ruby to enter an infinite loop and
crash (CVE-2008-3443).

A number of flaws were found in Ruby that could allow an attacker to
create a carefully crafted script that could allow for the bypass of
certain safe-level restrictions (CVE-2008-3655).

A denial of service vulnerability was found in Ruby's HTTP server
toolkit, WEBrick. A remote attacker could send a specially crafted
HTTP request to a WEBrick server that would cause it to use an
excessive amount of CPU time (CVE-2008-3656).

An insufficient taintness check issue was found in Ruby's DL module, a
module that provides direct access to the C language functions. This
flaw could be used by an attacker to bypass intended safe-level
restrictions by calling external C functions with the arguments from
an untrusted tainted input (CVE-2008-3657).

A denial of service condition in Ruby's XML document parsing module
(REXML) could cause a Ruby application using the REXML module to use
an excessive amount of CPU and memory via XML documents with large XML
entitity definitions recursion (CVE-2008-3790).

The Ruby DNS resolver library used predictable transaction IDs and a
fixed source port when sending DNS requests. This could be used by a
remote attacker to spoof a malicious reply to a DNS query
(CVE-2008-3905).

The updated packages have been patched to correct these issues.

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 38018 (mandriva_MDVSA-2008-226.nasl)

Bugtraq ID:

CVE ID: CVE-2008-3443
CVE-2008-3655
CVE-2008-3656
CVE-2008-3657
CVE-2008-3790
CVE-2008-3905

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now