Scientific Linux Security Update : ruby on SL3.x i386/x86_64
Critical Nessus Plugin ID 60441
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionMultiple integer overflows leading to a heap overflow were discovered in the array- and string-handling code used by Ruby. An attacker could use these flaws to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using untrusted inputs in array or string operations. (CVE-2008-2376, CVE-2008-2663, CVE-2008-2725, CVE-2008-2726)
It was discovered that Ruby used the alloca() memory allocation function in the format (%) method of the String class without properly restricting maximum string length. An attacker could use this flaw to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using long, untrusted strings as format strings. (CVE-2008-2664)
A flaw was discovered in the way Ruby's CGI module handles certain HTTP requests. A remote attacker could send a specially crafted request and cause the Ruby CGI script to enter an infinite loop, possibly causing a denial of service. (CVE-2006-6303)
SolutionUpdate the affected packages.