Scientific Linux Security Update : ruby on SL3.x, SL4.x, SL5.x i386/x86_64

High Nessus Plugin ID 60485

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 6.6

Synopsis

The remote Scientific Linux host is missing one or more security updates.

Description

The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905)

Ruby's XML document parsing module (REXML) was prone to a denial of service attack via XML documents with large XML entity definitions recursion. A specially crafted XML file could cause a Ruby application using the REXML module to use an excessive amount of CPU and memory.
(CVE-2008-3790)

An insufficient 'taintness' check flaw was discovered in Ruby's DL module, which provides direct access to the C language functions. An attacker could use this flaw to bypass intended safe-level restrictions by calling external C functions with the arguments from an untrusted tainted inputs. (CVE-2008-3657)

A denial of service flaw was discovered in WEBrick, Ruby's HTTP server toolkit. A remote attacker could send a specially crafted HTTP request to a WEBrick server that would cause the server to use an excessive amount of CPU time. (CVE-2008-3656)

A number of flaws were found in the safe-level restrictions in Ruby.
It was possible for an attacker to create a carefully crafted malicious script that can allow the bypass of certain safe-level restrictions. (CVE-2008-3655)

A denial of service flaw was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite-loop and crash. (CVE-2008-3443)

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?c0d1a4fd

Plugin Details

Severity: High

ID: 60485

File Name: sl_20081021_ruby_on_SL3_x.nasl

Version: 1.8

Type: local

Agent: unix

Published: 2012/08/01

Updated: 2019/10/25

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 6.6

CVSS v2.0

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2008/10/21

Reference Information

CVE: CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790, CVE-2008-3905

CWE: 20, 264, 287, 399