This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
Aaron Patterson reports :
When parsing certain JSON documents, the JSON gem can be coerced in to
creating Ruby symbols in a target system. Since Ruby symbols are not
garbage collected, this can result in a denial of service attack.
The same technique can be used to create objects in a target system
that act like internal objects. These 'act alike' objects can be used
to bypass certain security mechanisms and can be used as a spring
board for SQL injection attacks in Ruby on Rails.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5