This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
Ruby Gem developers report :
The patch for CVE-2013-4363 was insufficiently verified so the
combined regular expression for verifying gem version remains
vulnerable following CVE-2013-4363.
RubyGems validates versions with a regular expression that is
vulnerable to denial of service due to backtracking. For specially
crafted RubyGems versions attackers can cause denial of service
through CPU consumption.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.3