FreeBSD : ruby -- cgi.rb library Denial of Service (a8674c14-83d7-11db-88d5-0012f06707f0)
Medium Nessus Plugin ID 23771
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe official ruby site reports :
Another vulnerability has been discovered in the CGI library (cgi.rb) that ships with Ruby which could be used by a malicious user to create a denial of service attack (DoS).
A specific HTTP request for any web application using cgi.rb causes CPU consumption on the machine on which the web application is running. Many such requests result in a denial of service.
SolutionUpdate the affected packages.