FreeBSD : ruby -- multiple vulnerabilities (76562594-1f19-11db-b7d4-0008743bf21a)
Medium Nessus Plugin ID 22139
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionSecunia reports :
Two vulnerabilities have been reported in Ruby, which can be exploited by malicious people to bypass certain security restrictions.
- An error in the handling of the 'alias' functionality can be exploited to bypass the safe level protection and replace methods called in the trusted level.
- An error caused due to directory operations not being properly checked can be exploited to bypass the safe level protection and close untainted directory streams.
SolutionUpdate the affected packages.