NewStart CGSL MAIN 6.06 : ruby Multiple Vulnerabilities (NS-SA-2025-0208)

medium Nessus Plugin ID 266226

Synopsis

The remote NewStart CGSL host is affected by multiple vulnerabilities.

Description

The remote NewStart CGSL host, running version MAIN 6.06, has ruby packages installed that are affected by multiple vulnerabilities:

- CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function. (CVE-2008-5189)

- Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded plus), (3) . (dot), (4) %2e (encoded dot), or (5) %20 (encoded space) character in the URI, possibly related to the WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new functionality and the :DocumentRoot option. (CVE-2008-1891)

- Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against a variant of the MurmurHash2 algorithm, a different vulnerability than CVE-2011-4815. (CVE-2012-5371)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the vulnerable CGSL ruby packages. Note that updated packages may not be available yet. Please contact ZTE for more information.

See Also

https://security.gd-linux.com/notice/NS-SA-2025-0208

https://security.gd-linux.com/info/CVE-2008-1891

https://security.gd-linux.com/info/CVE-2008-5189

https://security.gd-linux.com/info/CVE-2012-5371

Plugin Details

Severity: Medium

ID: 266226

File Name: newstart_cgsl_NS-SA-2025-0208_ruby.nasl

Version: 1.1

Type: local

Published: 9/30/2025

Updated: 9/30/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2008-5189

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:zte:cgsl_main:rubygem-psych, p-cpe:/a:zte:cgsl_main:rubygems, p-cpe:/a:zte:cgsl_main:rubygem-irb, p-cpe:/a:zte:cgsl_main:ruby-libs, p-cpe:/a:zte:cgsl_main:rubygem-bigdecimal, p-cpe:/a:zte:cgsl_main:rubygem-json, cpe:/o:zte:cgsl_main:6, p-cpe:/a:zte:cgsl_main:rubygem-openssl, p-cpe:/a:zte:cgsl_main:rubygem-io-console, p-cpe:/a:zte:cgsl_main:ruby, p-cpe:/a:zte:cgsl_main:rubygem-rdoc

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/ZTE-CGSL/release, Host/ZTE-CGSL/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 9/30/2025

Vulnerability Publication Date: 4/18/2008

Reference Information

CVE: CVE-2008-1891, CVE-2008-5189, CVE-2012-5371