ID CVE-2008-2726
Summary Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption, aka the "beg + rlen" issue. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
References
Vulnerable Configurations
  • Ruby-lang Ruby 1.8.4
    cpe:2.3:a:ruby-lang:ruby:1.8.4
  • Ruby-lang Ruby 1.8.5
    cpe:2.3:a:ruby-lang:ruby:1.8.5
  • Ruby-lang Ruby 1.8.5 Preview 1
    cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1
  • Ruby-lang Ruby 1.8.5 Preview 2
    cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2
  • Ruby-lang Ruby 1.8.5 Preview 3
    cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3
  • Ruby-lang Ruby 1.8.5 Preview 4
    cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4
  • Ruby-lang Ruby 1.8.5 Preview 5
    cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5
  • Ruby-lang Ruby 1.8.5.1
    cpe:2.3:a:ruby-lang:ruby:1.8.5.1
  • Ruby-lang Ruby 1.8.5.2
    cpe:2.3:a:ruby-lang:ruby:1.8.5.2
  • Ruby-lang Ruby 1.8.5.3
    cpe:2.3:a:ruby-lang:ruby:1.8.5.3
  • Ruby-lang Ruby 1.8.5.4
    cpe:2.3:a:ruby-lang:ruby:1.8.5.4
  • Ruby-lang Ruby 1.8.5.5
    cpe:2.3:a:ruby-lang:ruby:1.8.5.5
  • Ruby-lang Ruby 1.8.5.6
    cpe:2.3:a:ruby-lang:ruby:1.8.5.6
  • Ruby-lang Ruby 1.8.5.7
    cpe:2.3:a:ruby-lang:ruby:1.8.5.7
  • Ruby-lang Ruby 1.8.5.8
    cpe:2.3:a:ruby-lang:ruby:1.8.5.8
  • Ruby-lang Ruby 1.8.5.9
    cpe:2.3:a:ruby-lang:ruby:1.8.5.9
  • Ruby-lang Ruby 1.8.5.10
    cpe:2.3:a:ruby-lang:ruby:1.8.5.10
  • Ruby-lang Ruby 1.8.5.11
    cpe:2.3:a:ruby-lang:ruby:1.8.5.11
  • Ruby-lang Ruby 1.8.5.12
    cpe:2.3:a:ruby-lang:ruby:1.8.5.12
  • Ruby-lang Ruby 1.8.5.13
    cpe:2.3:a:ruby-lang:ruby:1.8.5.13
  • Ruby-lang Ruby 1.8.5.14
    cpe:2.3:a:ruby-lang:ruby:1.8.5.14
  • Ruby-lang Ruby 1.8.5.15
    cpe:2.3:a:ruby-lang:ruby:1.8.5.15
  • Ruby-lang Ruby 1.8.5.16
    cpe:2.3:a:ruby-lang:ruby:1.8.5.16
  • Ruby-lang Ruby 1.8.5.17
    cpe:2.3:a:ruby-lang:ruby:1.8.5.17
  • Ruby-lang Ruby 1.8.5.18
    cpe:2.3:a:ruby-lang:ruby:1.8.5.18
  • Ruby-lang Ruby 1.8.5.19
    cpe:2.3:a:ruby-lang:ruby:1.8.5.19
  • Ruby-lang Ruby 1.8.5.20
    cpe:2.3:a:ruby-lang:ruby:1.8.5.20
  • Ruby-lang Ruby 1.8.5.21
    cpe:2.3:a:ruby-lang:ruby:1.8.5.21
  • Ruby-lang Ruby 1.8.5.22
    cpe:2.3:a:ruby-lang:ruby:1.8.5.22
  • Ruby-lang Ruby 1.8.5.23
    cpe:2.3:a:ruby-lang:ruby:1.8.5.23
  • Ruby-lang Ruby 1.8.5.24
    cpe:2.3:a:ruby-lang:ruby:1.8.5.24
  • Ruby-lang Ruby 1.8.5.25
    cpe:2.3:a:ruby-lang:ruby:1.8.5.25
  • Ruby-lang Ruby 1.8.5.26
    cpe:2.3:a:ruby-lang:ruby:1.8.5.26
  • Ruby-lang Ruby 1.8.5.27
    cpe:2.3:a:ruby-lang:ruby:1.8.5.27
  • Ruby-lang Ruby 1.8.5.28
    cpe:2.3:a:ruby-lang:ruby:1.8.5.28
  • Ruby-lang Ruby 1.8.5.29
    cpe:2.3:a:ruby-lang:ruby:1.8.5.29
  • Ruby-lang Ruby 1.8.5.30
    cpe:2.3:a:ruby-lang:ruby:1.8.5.30
  • Ruby-lang Ruby 1.8.5.31
    cpe:2.3:a:ruby-lang:ruby:1.8.5.31
  • Ruby-lang Ruby 1.8.5.32
    cpe:2.3:a:ruby-lang:ruby:1.8.5.32
  • Ruby-lang Ruby 1.8.5.33
    cpe:2.3:a:ruby-lang:ruby:1.8.5.33
  • Ruby-lang Ruby 1.8.5.34
    cpe:2.3:a:ruby-lang:ruby:1.8.5.34
  • Ruby-lang Ruby 1.8.5.35
    cpe:2.3:a:ruby-lang:ruby:1.8.5.35
  • Ruby-lang Ruby 1.8.5.36
    cpe:2.3:a:ruby-lang:ruby:1.8.5.36
  • Ruby-lang Ruby 1.8.5.37
    cpe:2.3:a:ruby-lang:ruby:1.8.5.37
  • Ruby-lang Ruby 1.8.5.39
    cpe:2.3:a:ruby-lang:ruby:1.8.5.39
  • Ruby-lang Ruby 1.8.5.40
    cpe:2.3:a:ruby-lang:ruby:1.8.5.40
  • Ruby-lang Ruby 1.8.5.41
    cpe:2.3:a:ruby-lang:ruby:1.8.5.41
  • Ruby-lang Ruby 1.8.5.42
    cpe:2.3:a:ruby-lang:ruby:1.8.5.42
  • Ruby-lang Ruby 1.8.5.43
    cpe:2.3:a:ruby-lang:ruby:1.8.5.43
  • Ruby-lang Ruby 1.8.5.44
    cpe:2.3:a:ruby-lang:ruby:1.8.5.44
  • Ruby-lang Ruby 1.8.5.45
    cpe:2.3:a:ruby-lang:ruby:1.8.5.45
  • Ruby-lang Ruby 1.8.5.46
    cpe:2.3:a:ruby-lang:ruby:1.8.5.46
  • Ruby-lang Ruby 1.8.5.47
    cpe:2.3:a:ruby-lang:ruby:1.8.5.47
  • Ruby-lang Ruby 1.8.5.48
    cpe:2.3:a:ruby-lang:ruby:1.8.5.48
  • Ruby-lang Ruby 1.8.5.49
    cpe:2.3:a:ruby-lang:ruby:1.8.5.49
  • Ruby-lang Ruby 1.8.5.51
    cpe:2.3:a:ruby-lang:ruby:1.8.5.51
  • Ruby-lang Ruby 1.8.5.52
    cpe:2.3:a:ruby-lang:ruby:1.8.5.52
  • Ruby-lang Ruby 1.8.5.53
    cpe:2.3:a:ruby-lang:ruby:1.8.5.53
  • Ruby-lang Ruby 1.8.5.54
    cpe:2.3:a:ruby-lang:ruby:1.8.5.54
  • Ruby-lang Ruby 1.8.5.55
    cpe:2.3:a:ruby-lang:ruby:1.8.5.55
  • Ruby-lang Ruby 1.8.5.56
    cpe:2.3:a:ruby-lang:ruby:1.8.5.56
  • Ruby-lang Ruby 1.8.5.57
    cpe:2.3:a:ruby-lang:ruby:1.8.5.57
  • Ruby-lang Ruby 1.8.5.58
    cpe:2.3:a:ruby-lang:ruby:1.8.5.58
  • Ruby-lang Ruby 1.8.5.59
    cpe:2.3:a:ruby-lang:ruby:1.8.5.59
  • Ruby-lang Ruby 1.8.5.60
    cpe:2.3:a:ruby-lang:ruby:1.8.5.60
  • Ruby-lang Ruby 1.8.5.61
    cpe:2.3:a:ruby-lang:ruby:1.8.5.61
  • Ruby-lang Ruby 1.8.5.62
    cpe:2.3:a:ruby-lang:ruby:1.8.5.62
  • Ruby-lang Ruby 1.8.5.63
    cpe:2.3:a:ruby-lang:ruby:1.8.5.63
  • Ruby-lang Ruby 1.8.5.64
    cpe:2.3:a:ruby-lang:ruby:1.8.5.64
  • Ruby-lang Ruby 1.8.5.65
    cpe:2.3:a:ruby-lang:ruby:1.8.5.65
  • Ruby-lang Ruby 1.8.5.66
    cpe:2.3:a:ruby-lang:ruby:1.8.5.66
  • Ruby-lang Ruby 1.8.5.67
    cpe:2.3:a:ruby-lang:ruby:1.8.5.67
  • Ruby-lang Ruby 1.8.5.68
    cpe:2.3:a:ruby-lang:ruby:1.8.5.68
  • Ruby-lang Ruby 1.8.5.69
    cpe:2.3:a:ruby-lang:ruby:1.8.5.69
  • Ruby-lang Ruby 1.8.5.70
    cpe:2.3:a:ruby-lang:ruby:1.8.5.70
  • Ruby-lang Ruby 1.8.5.71
    cpe:2.3:a:ruby-lang:ruby:1.8.5.71
  • Ruby-lang Ruby 1.8.5.72
    cpe:2.3:a:ruby-lang:ruby:1.8.5.72
  • Ruby-lang Ruby 1.8.5.73
    cpe:2.3:a:ruby-lang:ruby:1.8.5.73
  • Ruby-lang Ruby 1.8.5.74
    cpe:2.3:a:ruby-lang:ruby:1.8.5.74
  • Ruby-lang Ruby 1.8.5.75
    cpe:2.3:a:ruby-lang:ruby:1.8.5.75
  • Ruby-lang Ruby 1.8.5.76
    cpe:2.3:a:ruby-lang:ruby:1.8.5.76
  • Ruby-lang Ruby 1.8.5.77
    cpe:2.3:a:ruby-lang:ruby:1.8.5.77
  • Ruby-lang Ruby 1.8.5.78
    cpe:2.3:a:ruby-lang:ruby:1.8.5.78
  • Ruby-lang Ruby 1.8.5.79
    cpe:2.3:a:ruby-lang:ruby:1.8.5.79
  • Ruby-lang Ruby 1.8.5.80
    cpe:2.3:a:ruby-lang:ruby:1.8.5.80
  • Ruby-lang Ruby 1.8.5.81
    cpe:2.3:a:ruby-lang:ruby:1.8.5.81
  • Ruby-lang Ruby 1.8.5.82
    cpe:2.3:a:ruby-lang:ruby:1.8.5.82
  • Ruby-lang Ruby 1.8.5.83
    cpe:2.3:a:ruby-lang:ruby:1.8.5.83
  • Ruby-lang Ruby 1.8.5.84
    cpe:2.3:a:ruby-lang:ruby:1.8.5.84
  • Ruby-lang Ruby 1.8.5.85
    cpe:2.3:a:ruby-lang:ruby:1.8.5.85
  • Ruby-lang Ruby 1.8.5.86
    cpe:2.3:a:ruby-lang:ruby:1.8.5.86
  • Ruby-lang Ruby 1.8.5.87
    cpe:2.3:a:ruby-lang:ruby:1.8.5.87
  • Ruby-lang Ruby 1.8.5.88
    cpe:2.3:a:ruby-lang:ruby:1.8.5.88
  • Ruby-lang Ruby 1.8.5.89
    cpe:2.3:a:ruby-lang:ruby:1.8.5.89
  • Ruby-lang Ruby 1.8.5.90
    cpe:2.3:a:ruby-lang:ruby:1.8.5.90
  • Ruby-lang Ruby 1.8.5.91
    cpe:2.3:a:ruby-lang:ruby:1.8.5.91
  • Ruby-lang Ruby 1.8.5.92
    cpe:2.3:a:ruby-lang:ruby:1.8.5.92
  • Ruby-lang Ruby 1.8.5.93
    cpe:2.3:a:ruby-lang:ruby:1.8.5.93
  • Ruby-lang Ruby 1.8.5.94
    cpe:2.3:a:ruby-lang:ruby:1.8.5.94
  • Ruby-lang Ruby 1.8.5.95
    cpe:2.3:a:ruby-lang:ruby:1.8.5.95
  • Ruby-lang Ruby 1.8.5.96
    cpe:2.3:a:ruby-lang:ruby:1.8.5.96
  • Ruby-lang Ruby 1.8.5.97
    cpe:2.3:a:ruby-lang:ruby:1.8.5.97
  • Ruby-lang Ruby 1.8.5.98
    cpe:2.3:a:ruby-lang:ruby:1.8.5.98
  • Ruby-lang Ruby 1.8.5.99
    cpe:2.3:a:ruby-lang:ruby:1.8.5.99
  • Ruby-lang Ruby 1.8.5.100
    cpe:2.3:a:ruby-lang:ruby:1.8.5.100
  • Ruby-lang Ruby 1.8.5.101
    cpe:2.3:a:ruby-lang:ruby:1.8.5.101
  • Ruby-lang Ruby 1.8.5.102
    cpe:2.3:a:ruby-lang:ruby:1.8.5.102
  • Ruby-lang Ruby 1.8.5.103
    cpe:2.3:a:ruby-lang:ruby:1.8.5.103
  • Ruby-lang Ruby 1.8.5.104
    cpe:2.3:a:ruby-lang:ruby:1.8.5.104
  • Ruby-lang Ruby 1.8.5.105
    cpe:2.3:a:ruby-lang:ruby:1.8.5.105
  • Ruby-lang Ruby 1.8.5.106
    cpe:2.3:a:ruby-lang:ruby:1.8.5.106
  • Ruby-lang Ruby 1.8.5.107
    cpe:2.3:a:ruby-lang:ruby:1.8.5.107
  • Ruby-lang Ruby 1.8.5.108
    cpe:2.3:a:ruby-lang:ruby:1.8.5.108
  • Ruby-lang Ruby 1.8.5.109
    cpe:2.3:a:ruby-lang:ruby:1.8.5.109
  • Ruby-lang Ruby 1.8.5.110
    cpe:2.3:a:ruby-lang:ruby:1.8.5.110
  • Ruby-lang Ruby 1.8.5.111
    cpe:2.3:a:ruby-lang:ruby:1.8.5.111
  • Ruby-lang Ruby 1.8.5.113
    cpe:2.3:a:ruby-lang:ruby:1.8.5.113
  • Ruby-lang Ruby 1.8.5.114
    cpe:2.3:a:ruby-lang:ruby:1.8.5.114
  • Ruby-lang Ruby 1.8.5.115
    cpe:2.3:a:ruby-lang:ruby:1.8.5.115
  • Ruby-lang Ruby 1.8.5.116
    cpe:2.3:a:ruby-lang:ruby:1.8.5.116
  • Ruby-lang Ruby 1.8.5.122
    cpe:2.3:a:ruby-lang:ruby:1.8.5.122
  • Ruby-lang Ruby 1.8.5.123
    cpe:2.3:a:ruby-lang:ruby:1.8.5.123
  • Ruby-lang Ruby 1.8.5.124
    cpe:2.3:a:ruby-lang:ruby:1.8.5.124
  • Ruby-lang Ruby 1.8.5.125
    cpe:2.3:a:ruby-lang:ruby:1.8.5.125
  • Ruby-lang Ruby 1.8.5.126
    cpe:2.3:a:ruby-lang:ruby:1.8.5.126
  • Ruby-lang Ruby 1.8.5.127
    cpe:2.3:a:ruby-lang:ruby:1.8.5.127
  • Ruby-lang Ruby 1.8.5.128
    cpe:2.3:a:ruby-lang:ruby:1.8.5.128
  • Ruby-lang Ruby 1.8.5.129
    cpe:2.3:a:ruby-lang:ruby:1.8.5.129
  • Ruby-lang Ruby 1.8.5.130
    cpe:2.3:a:ruby-lang:ruby:1.8.5.130
  • Ruby-lang Ruby 1.8.5.131
    cpe:2.3:a:ruby-lang:ruby:1.8.5.131
  • Ruby-lang Ruby 1.8.5.132
    cpe:2.3:a:ruby-lang:ruby:1.8.5.132
  • Ruby-lang Ruby 1.8.5.133
    cpe:2.3:a:ruby-lang:ruby:1.8.5.133
  • Ruby-lang Ruby 1.8.5.134
    cpe:2.3:a:ruby-lang:ruby:1.8.5.134
  • Ruby-lang Ruby 1.8.5.135
    cpe:2.3:a:ruby-lang:ruby:1.8.5.135
  • Ruby-lang Ruby 1.8.5.136
    cpe:2.3:a:ruby-lang:ruby:1.8.5.136
  • Ruby-lang Ruby 1.8.5.137
    cpe:2.3:a:ruby-lang:ruby:1.8.5.137
  • Ruby-lang Ruby 1.8.5.138
    cpe:2.3:a:ruby-lang:ruby:1.8.5.138
  • Ruby-lang Ruby 1.8.5.139
    cpe:2.3:a:ruby-lang:ruby:1.8.5.139
  • Ruby-lang Ruby 1.8.5.140
    cpe:2.3:a:ruby-lang:ruby:1.8.5.140
  • Ruby-lang Ruby 1.8.5.141
    cpe:2.3:a:ruby-lang:ruby:1.8.5.141
  • Ruby-lang Ruby 1.8.5.142
    cpe:2.3:a:ruby-lang:ruby:1.8.5.142
  • Ruby-lang Ruby 1.8.5.145
    cpe:2.3:a:ruby-lang:ruby:1.8.5.145
  • Ruby-lang Ruby 1.8.5.146
    cpe:2.3:a:ruby-lang:ruby:1.8.5.146
  • Ruby-lang Ruby 1.8.5.147
    cpe:2.3:a:ruby-lang:ruby:1.8.5.147
  • Ruby-lang Ruby 1.8.5.148
    cpe:2.3:a:ruby-lang:ruby:1.8.5.148
  • Ruby-lang Ruby 1.8.5.149
    cpe:2.3:a:ruby-lang:ruby:1.8.5.149
  • Ruby-lang Ruby 1.8.5.150
    cpe:2.3:a:ruby-lang:ruby:1.8.5.150
  • Ruby-lang Ruby 1.8.5.151
    cpe:2.3:a:ruby-lang:ruby:1.8.5.151
  • Ruby-lang Ruby 1.8.5.153
    cpe:2.3:a:ruby-lang:ruby:1.8.5.153
  • Ruby-lang Ruby 1.8.5.154
    cpe:2.3:a:ruby-lang:ruby:1.8.5.154
  • Ruby-lang Ruby 1.8.5.155
    cpe:2.3:a:ruby-lang:ruby:1.8.5.155
  • Ruby-lang Ruby 1.8.5.156
    cpe:2.3:a:ruby-lang:ruby:1.8.5.156
  • Ruby-lang Ruby 1.8.5.157
    cpe:2.3:a:ruby-lang:ruby:1.8.5.157
  • Ruby-lang Ruby 1.8.5.158
    cpe:2.3:a:ruby-lang:ruby:1.8.5.158
  • Ruby-lang Ruby 1.8.5.159
    cpe:2.3:a:ruby-lang:ruby:1.8.5.159
  • Ruby-lang Ruby 1.8.5.160
    cpe:2.3:a:ruby-lang:ruby:1.8.5.160
  • Ruby-lang Ruby 1.8.5.161
    cpe:2.3:a:ruby-lang:ruby:1.8.5.161
  • Ruby-lang Ruby 1.8.5.162
    cpe:2.3:a:ruby-lang:ruby:1.8.5.162
  • Ruby-lang Ruby 1.8.5.163
    cpe:2.3:a:ruby-lang:ruby:1.8.5.163
  • Ruby-lang Ruby 1.8.5.164
    cpe:2.3:a:ruby-lang:ruby:1.8.5.164
  • Ruby-lang Ruby 1.8.5.165
    cpe:2.3:a:ruby-lang:ruby:1.8.5.165
  • Ruby-lang Ruby 1.8.5.166
    cpe:2.3:a:ruby-lang:ruby:1.8.5.166
  • Ruby-lang Ruby 1.8.5.167
    cpe:2.3:a:ruby-lang:ruby:1.8.5.167
  • Ruby-lang Ruby 1.8.5.168
    cpe:2.3:a:ruby-lang:ruby:1.8.5.168
  • Ruby-lang Ruby 1.8.5.169
    cpe:2.3:a:ruby-lang:ruby:1.8.5.169
  • Ruby-lang Ruby 1.8.5.170
    cpe:2.3:a:ruby-lang:ruby:1.8.5.170
  • Ruby-lang Ruby 1.8.5.171
    cpe:2.3:a:ruby-lang:ruby:1.8.5.171
  • Ruby-lang Ruby 1.8.5.172
    cpe:2.3:a:ruby-lang:ruby:1.8.5.172
  • Ruby-lang Ruby 1.8.5.173
    cpe:2.3:a:ruby-lang:ruby:1.8.5.173
  • Ruby-lang Ruby 1.8.5.174
    cpe:2.3:a:ruby-lang:ruby:1.8.5.174
  • Ruby-lang Ruby 1.8.5.175
    cpe:2.3:a:ruby-lang:ruby:1.8.5.175
  • Ruby-lang Ruby 1.8.5.176
    cpe:2.3:a:ruby-lang:ruby:1.8.5.176
  • Ruby-lang Ruby 1.8.5.177
    cpe:2.3:a:ruby-lang:ruby:1.8.5.177
  • Ruby-lang Ruby 1.8.5.178
    cpe:2.3:a:ruby-lang:ruby:1.8.5.178
  • Ruby-lang Ruby 1.8.5.179
    cpe:2.3:a:ruby-lang:ruby:1.8.5.179
  • Ruby-lang Ruby 1.8.5.180
    cpe:2.3:a:ruby-lang:ruby:1.8.5.180
  • Ruby-lang Ruby 1.8.5.181
    cpe:2.3:a:ruby-lang:ruby:1.8.5.181
  • Ruby-lang Ruby 1.8.5.182
    cpe:2.3:a:ruby-lang:ruby:1.8.5.182
  • Ruby-lang Ruby 1.8.5.183
    cpe:2.3:a:ruby-lang:ruby:1.8.5.183
  • Ruby-lang Ruby 1.8.5.184
    cpe:2.3:a:ruby-lang:ruby:1.8.5.184
  • Ruby-lang Ruby 1.8.5.185
    cpe:2.3:a:ruby-lang:ruby:1.8.5.185
  • Ruby-lang Ruby 1.8.5.186
    cpe:2.3:a:ruby-lang:ruby:1.8.5.186
  • Ruby-lang Ruby 1.8.5.187
    cpe:2.3:a:ruby-lang:ruby:1.8.5.187
  • Ruby-lang Ruby 1.8.5.188
    cpe:2.3:a:ruby-lang:ruby:1.8.5.188
  • Ruby-lang Ruby 1.8.5.189
    cpe:2.3:a:ruby-lang:ruby:1.8.5.189
  • Ruby-lang Ruby 1.8.5.190
    cpe:2.3:a:ruby-lang:ruby:1.8.5.190
  • Ruby-lang Ruby 1.8.5.191
    cpe:2.3:a:ruby-lang:ruby:1.8.5.191
  • Ruby-lang Ruby 1.8.5.192
    cpe:2.3:a:ruby-lang:ruby:1.8.5.192
  • Ruby-lang Ruby 1.8.5.193
    cpe:2.3:a:ruby-lang:ruby:1.8.5.193
  • Ruby-lang Ruby 1.8.5.194
    cpe:2.3:a:ruby-lang:ruby:1.8.5.194
  • Ruby-lang Ruby 1.8.5.195
    cpe:2.3:a:ruby-lang:ruby:1.8.5.195
  • Ruby-lang Ruby 1.8.5.196
    cpe:2.3:a:ruby-lang:ruby:1.8.5.196
  • Ruby-lang Ruby 1.8.5.197
    cpe:2.3:a:ruby-lang:ruby:1.8.5.197
  • Ruby-lang Ruby 1.8.5.198
    cpe:2.3:a:ruby-lang:ruby:1.8.5.198
  • Ruby-lang Ruby 1.8.5.199
    cpe:2.3:a:ruby-lang:ruby:1.8.5.199
  • Ruby-lang Ruby 1.8.5.200
    cpe:2.3:a:ruby-lang:ruby:1.8.5.200
  • Ruby-lang Ruby 1.8.5.201
    cpe:2.3:a:ruby-lang:ruby:1.8.5.201
  • Ruby-lang Ruby 1.8.5.202
    cpe:2.3:a:ruby-lang:ruby:1.8.5.202
  • Ruby-lang Ruby 1.8.5.203
    cpe:2.3:a:ruby-lang:ruby:1.8.5.203
  • Ruby-lang Ruby 1.8.5.204
    cpe:2.3:a:ruby-lang:ruby:1.8.5.204
  • Ruby-lang Ruby 1.8.5.205
    cpe:2.3:a:ruby-lang:ruby:1.8.5.205
  • Ruby-lang Ruby 1.8.5.206
    cpe:2.3:a:ruby-lang:ruby:1.8.5.206
  • Ruby-lang Ruby 1.8.5.207
    cpe:2.3:a:ruby-lang:ruby:1.8.5.207
  • Ruby-lang Ruby 1.8.5.208
    cpe:2.3:a:ruby-lang:ruby:1.8.5.208
  • Ruby-lang Ruby 1.8.5.209
    cpe:2.3:a:ruby-lang:ruby:1.8.5.209
  • Ruby-lang Ruby 1.8.5.210
    cpe:2.3:a:ruby-lang:ruby:1.8.5.210
  • Ruby-lang Ruby 1.8.5.211
    cpe:2.3:a:ruby-lang:ruby:1.8.5.211
  • Ruby-lang Ruby 1.8.5.212
    cpe:2.3:a:ruby-lang:ruby:1.8.5.212
  • Ruby-lang Ruby 1.8.5.213
    cpe:2.3:a:ruby-lang:ruby:1.8.5.213
  • Ruby-lang Ruby 1.8.5.214
    cpe:2.3:a:ruby-lang:ruby:1.8.5.214
  • Ruby-lang Ruby 1.8.5.215
    cpe:2.3:a:ruby-lang:ruby:1.8.5.215
  • Ruby-lang Ruby 1.8.5.216
    cpe:2.3:a:ruby-lang:ruby:1.8.5.216
  • Ruby-lang Ruby 1.8.5.217
    cpe:2.3:a:ruby-lang:ruby:1.8.5.217
  • Ruby-lang Ruby 1.8.5.218
    cpe:2.3:a:ruby-lang:ruby:1.8.5.218
  • Ruby-lang Ruby 1.8.5.219
    cpe:2.3:a:ruby-lang:ruby:1.8.5.219
  • Ruby-lang Ruby 1.8.5.220
    cpe:2.3:a:ruby-lang:ruby:1.8.5.220
  • Ruby-lang Ruby 1.8.5.221
    cpe:2.3:a:ruby-lang:ruby:1.8.5.221
  • Ruby-lang Ruby 1.8.5.222
    cpe:2.3:a:ruby-lang:ruby:1.8.5.222
  • Ruby-lang Ruby 1.8.5.223
    cpe:2.3:a:ruby-lang:ruby:1.8.5.223
  • Ruby-lang Ruby 1.8.5.224
    cpe:2.3:a:ruby-lang:ruby:1.8.5.224
  • Ruby-lang Ruby 1.8.5.225
    cpe:2.3:a:ruby-lang:ruby:1.8.5.225
  • Ruby-lang Ruby 1.8.5.226
    cpe:2.3:a:ruby-lang:ruby:1.8.5.226
  • Ruby-lang Ruby 1.8.5.227
    cpe:2.3:a:ruby-lang:ruby:1.8.5.227
  • Ruby-lang Ruby 1.8.5.228
    cpe:2.3:a:ruby-lang:ruby:1.8.5.228
  • Ruby-lang Ruby 1.8.5.229
    cpe:2.3:a:ruby-lang:ruby:1.8.5.229
  • Ruby-lang Ruby 1.8.5.230
    cpe:2.3:a:ruby-lang:ruby:1.8.5.230
  • Ruby-lang Ruby 1.8.6
    cpe:2.3:a:ruby-lang:ruby:1.8.6
  • Ruby-lang Ruby 1.8.6 Preview 1
    cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1
  • Ruby-lang Ruby 1.8.6 Preview 2
    cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2
  • Ruby-lang Ruby 1.8.6 Preview 3
    cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3
  • Ruby-lang Ruby 1.8.6-26
    cpe:2.3:a:ruby-lang:ruby:1.8.6-26
  • Ruby-lang Ruby 1.8.6.1
    cpe:2.3:a:ruby-lang:ruby:1.8.6.1
  • Ruby-lang Ruby 1.8.6.2
    cpe:2.3:a:ruby-lang:ruby:1.8.6.2
  • Ruby-lang Ruby 1.8.6.4
    cpe:2.3:a:ruby-lang:ruby:1.8.6.4
  • Ruby-lang Ruby 1.8.6.5
    cpe:2.3:a:ruby-lang:ruby:1.8.6.5
  • Ruby-lang Ruby 1.8.6.6
    cpe:2.3:a:ruby-lang:ruby:1.8.6.6
  • Ruby-lang Ruby 1.8.6.7
    cpe:2.3:a:ruby-lang:ruby:1.8.6.7
  • Ruby-lang Ruby 1.8.6.8
    cpe:2.3:a:ruby-lang:ruby:1.8.6.8
  • Ruby-lang Ruby 1.8.6.9
    cpe:2.3:a:ruby-lang:ruby:1.8.6.9
  • Ruby-lang Ruby 1.8.6.10
    cpe:2.3:a:ruby-lang:ruby:1.8.6.10
  • Ruby-lang Ruby 1.8.6.12
    cpe:2.3:a:ruby-lang:ruby:1.8.6.12
  • Ruby-lang Ruby 1.8.6.13
    cpe:2.3:a:ruby-lang:ruby:1.8.6.13
  • Ruby-lang Ruby 1.8.6.14
    cpe:2.3:a:ruby-lang:ruby:1.8.6.14
  • Ruby-lang Ruby 1.8.6.15
    cpe:2.3:a:ruby-lang:ruby:1.8.6.15
  • Ruby-lang Ruby 1.8.6.16
    cpe:2.3:a:ruby-lang:ruby:1.8.6.16
  • Ruby-lang Ruby 1.8.6.17
    cpe:2.3:a:ruby-lang:ruby:1.8.6.17
  • Ruby-lang Ruby 1.8.6.18
    cpe:2.3:a:ruby-lang:ruby:1.8.6.18
  • Ruby-lang Ruby 1.8.6.19
    cpe:2.3:a:ruby-lang:ruby:1.8.6.19
  • Ruby-lang Ruby 1.8.6.20
    cpe:2.3:a:ruby-lang:ruby:1.8.6.20
  • Ruby-lang Ruby 1.8.6.21
    cpe:2.3:a:ruby-lang:ruby:1.8.6.21
  • Ruby-lang Ruby 1.8.6.22
    cpe:2.3:a:ruby-lang:ruby:1.8.6.22
  • Ruby-lang Ruby 1.8.6.23
    cpe:2.3:a:ruby-lang:ruby:1.8.6.23
  • Ruby-lang Ruby 1.8.6.24
    cpe:2.3:a:ruby-lang:ruby:1.8.6.24
  • Ruby-lang Ruby 1.8.6.25
    cpe:2.3:a:ruby-lang:ruby:1.8.6.25
  • Ruby-lang Ruby 1.8.6.26
    cpe:2.3:a:ruby-lang:ruby:1.8.6.26
  • Ruby-lang Ruby 1.8.6.27
    cpe:2.3:a:ruby-lang:ruby:1.8.6.27
  • Ruby-lang Ruby 1.8.6.30
    cpe:2.3:a:ruby-lang:ruby:1.8.6.30
  • Ruby-lang Ruby 1.8.6.31
    cpe:2.3:a:ruby-lang:ruby:1.8.6.31
  • Ruby-lang Ruby 1.8.6.32
    cpe:2.3:a:ruby-lang:ruby:1.8.6.32
  • Ruby-lang Ruby 1.8.6.33
    cpe:2.3:a:ruby-lang:ruby:1.8.6.33
  • Ruby-lang Ruby 1.8.6.34
    cpe:2.3:a:ruby-lang:ruby:1.8.6.34
  • Ruby-lang Ruby 1.8.6.35
    cpe:2.3:a:ruby-lang:ruby:1.8.6.35
  • Ruby-lang Ruby 1.8.6.36
    cpe:2.3:a:ruby-lang:ruby:1.8.6.36
  • Ruby-lang Ruby 1.8.6.37
    cpe:2.3:a:ruby-lang:ruby:1.8.6.37
  • Ruby-lang Ruby 1.8.6.38
    cpe:2.3:a:ruby-lang:ruby:1.8.6.38
  • Ruby-lang Ruby 1.8.6.39
    cpe:2.3:a:ruby-lang:ruby:1.8.6.39
  • Ruby-lang Ruby 1.8.6.40
    cpe:2.3:a:ruby-lang:ruby:1.8.6.40
  • Ruby-lang Ruby 1.8.6.41
    cpe:2.3:a:ruby-lang:ruby:1.8.6.41
  • Ruby-lang Ruby 1.8.6.42
    cpe:2.3:a:ruby-lang:ruby:1.8.6.42
  • Ruby-lang Ruby 1.8.6.43
    cpe:2.3:a:ruby-lang:ruby:1.8.6.43
  • Ruby-lang Ruby 1.8.6.44
    cpe:2.3:a:ruby-lang:ruby:1.8.6.44
  • Ruby-lang Ruby 1.8.6.45
    cpe:2.3:a:ruby-lang:ruby:1.8.6.45
  • Ruby-lang Ruby 1.8.6.46
    cpe:2.3:a:ruby-lang:ruby:1.8.6.46
  • Ruby-lang Ruby 1.8.6.47
    cpe:2.3:a:ruby-lang:ruby:1.8.6.47
  • Ruby-lang Ruby 1.8.6.48
    cpe:2.3:a:ruby-lang:ruby:1.8.6.48
  • Ruby-lang Ruby 1.8.6.49
    cpe:2.3:a:ruby-lang:ruby:1.8.6.49
  • Ruby-lang Ruby 1.8.6.50
    cpe:2.3:a:ruby-lang:ruby:1.8.6.50
  • Ruby-lang Ruby 1.8.6.51
    cpe:2.3:a:ruby-lang:ruby:1.8.6.51
  • Ruby-lang Ruby 1.8.6.52
    cpe:2.3:a:ruby-lang:ruby:1.8.6.52
  • Ruby-lang Ruby 1.8.6.53
    cpe:2.3:a:ruby-lang:ruby:1.8.6.53
  • Ruby-lang Ruby 1.8.6.54
    cpe:2.3:a:ruby-lang:ruby:1.8.6.54
  • Ruby-lang Ruby 1.8.6.55
    cpe:2.3:a:ruby-lang:ruby:1.8.6.55
  • Ruby-lang Ruby 1.8.6.56
    cpe:2.3:a:ruby-lang:ruby:1.8.6.56
  • Ruby-lang Ruby 1.8.6.57
    cpe:2.3:a:ruby-lang:ruby:1.8.6.57
  • Ruby-lang Ruby 1.8.6.58
    cpe:2.3:a:ruby-lang:ruby:1.8.6.58
  • Ruby-lang Ruby 1.8.6.59
    cpe:2.3:a:ruby-lang:ruby:1.8.6.59
  • Ruby-lang Ruby 1.8.6.60
    cpe:2.3:a:ruby-lang:ruby:1.8.6.60
  • Ruby-lang Ruby 1.8.6.63
    cpe:2.3:a:ruby-lang:ruby:1.8.6.63
  • Ruby-lang Ruby 1.8.6.64
    cpe:2.3:a:ruby-lang:ruby:1.8.6.64
  • Ruby-lang Ruby 1.8.6.65
    cpe:2.3:a:ruby-lang:ruby:1.8.6.65
  • Ruby-lang Ruby 1.8.6.66
    cpe:2.3:a:ruby-lang:ruby:1.8.6.66
  • Ruby-lang Ruby 1.8.6.67
    cpe:2.3:a:ruby-lang:ruby:1.8.6.67
  • Ruby-lang Ruby 1.8.6.68
    cpe:2.3:a:ruby-lang:ruby:1.8.6.68
  • Ruby-lang Ruby 1.8.6.69
    cpe:2.3:a:ruby-lang:ruby:1.8.6.69
  • Ruby-lang Ruby 1.8.6.70
    cpe:2.3:a:ruby-lang:ruby:1.8.6.70
  • Ruby-lang Ruby 1.8.6.72
    cpe:2.3:a:ruby-lang:ruby:1.8.6.72
  • Ruby-lang Ruby 1.8.6.73
    cpe:2.3:a:ruby-lang:ruby:1.8.6.73
  • Ruby-lang Ruby 1.8.6.74
    cpe:2.3:a:ruby-lang:ruby:1.8.6.74
  • Ruby-lang Ruby 1.8.6.75
    cpe:2.3:a:ruby-lang:ruby:1.8.6.75
  • Ruby-lang Ruby 1.8.6.76
    cpe:2.3:a:ruby-lang:ruby:1.8.6.76
  • Ruby-lang Ruby 1.8.6.77
    cpe:2.3:a:ruby-lang:ruby:1.8.6.77
  • Ruby-lang Ruby 1.8.6.78
    cpe:2.3:a:ruby-lang:ruby:1.8.6.78
  • Ruby-lang Ruby 1.8.6.79
    cpe:2.3:a:ruby-lang:ruby:1.8.6.79
  • Ruby-lang Ruby 1.8.6.80
    cpe:2.3:a:ruby-lang:ruby:1.8.6.80
  • Ruby-lang Ruby 1.8.6.81
    cpe:2.3:a:ruby-lang:ruby:1.8.6.81
  • Ruby-lang Ruby 1.8.6.82
    cpe:2.3:a:ruby-lang:ruby:1.8.6.82
  • Ruby-lang Ruby 1.8.6.83
    cpe:2.3:a:ruby-lang:ruby:1.8.6.83
  • Ruby-lang Ruby 1.8.6.84
    cpe:2.3:a:ruby-lang:ruby:1.8.6.84
  • Ruby-lang Ruby 1.8.6.85
    cpe:2.3:a:ruby-lang:ruby:1.8.6.85
  • Ruby-lang Ruby 1.8.6.86
    cpe:2.3:a:ruby-lang:ruby:1.8.6.86
  • Ruby-lang Ruby 1.8.6.87
    cpe:2.3:a:ruby-lang:ruby:1.8.6.87
  • Ruby-lang Ruby 1.8.6.88
    cpe:2.3:a:ruby-lang:ruby:1.8.6.88
  • Ruby-lang Ruby 1.8.6.89
    cpe:2.3:a:ruby-lang:ruby:1.8.6.89
  • Ruby-lang Ruby 1.8.6.90
    cpe:2.3:a:ruby-lang:ruby:1.8.6.90
  • Ruby-lang Ruby 1.8.6.91
    cpe:2.3:a:ruby-lang:ruby:1.8.6.91
  • Ruby-lang Ruby 1.8.6.92
    cpe:2.3:a:ruby-lang:ruby:1.8.6.92
  • Ruby-lang Ruby 1.8.6.93
    cpe:2.3:a:ruby-lang:ruby:1.8.6.93
  • Ruby-lang Ruby 1.8.6.94
    cpe:2.3:a:ruby-lang:ruby:1.8.6.94
  • Ruby-lang Ruby 1.8.6.95
    cpe:2.3:a:ruby-lang:ruby:1.8.6.95
  • Ruby-lang Ruby 1.8.6.96
    cpe:2.3:a:ruby-lang:ruby:1.8.6.96
  • Ruby-lang Ruby 1.8.6.97
    cpe:2.3:a:ruby-lang:ruby:1.8.6.97
  • Ruby-lang Ruby 1.8.6.98
    cpe:2.3:a:ruby-lang:ruby:1.8.6.98
  • Ruby-lang Ruby 1.8.6.99
    cpe:2.3:a:ruby-lang:ruby:1.8.6.99
  • Ruby-lang Ruby 1.8.6.100
    cpe:2.3:a:ruby-lang:ruby:1.8.6.100
  • Ruby-lang Ruby 1.8.6.101
    cpe:2.3:a:ruby-lang:ruby:1.8.6.101
  • Ruby-lang Ruby 1.8.6.102
    cpe:2.3:a:ruby-lang:ruby:1.8.6.102
  • Ruby-lang Ruby 1.8.6.103
    cpe:2.3:a:ruby-lang:ruby:1.8.6.103
  • Ruby-lang Ruby 1.8.6.104
    cpe:2.3:a:ruby-lang:ruby:1.8.6.104
  • Ruby-lang Ruby 1.8.6.105
    cpe:2.3:a:ruby-lang:ruby:1.8.6.105
  • Ruby-lang Ruby 1.8.6.106
    cpe:2.3:a:ruby-lang:ruby:1.8.6.106
  • Ruby-lang Ruby 1.8.6.107
    cpe:2.3:a:ruby-lang:ruby:1.8.6.107
  • Ruby-lang Ruby 1.8.6.109
    cpe:2.3:a:ruby-lang:ruby:1.8.6.109
  • Ruby-lang Ruby 1.8.6.110
    cpe:2.3:a:ruby-lang:ruby:1.8.6.110
  • Ruby-lang Ruby 1.8.6.111
    cpe:2.3:a:ruby-lang:ruby:1.8.6.111
  • Ruby-lang Ruby 1.8.6.112
    cpe:2.3:a:ruby-lang:ruby:1.8.6.112
  • Ruby-lang Ruby 1.8.6.113
    cpe:2.3:a:ruby-lang:ruby:1.8.6.113
  • Ruby-lang Ruby 1.8.6.114
    cpe:2.3:a:ruby-lang:ruby:1.8.6.114
  • Ruby-lang Ruby 1.8.6.115
    cpe:2.3:a:ruby-lang:ruby:1.8.6.115
  • Ruby-lang Ruby 1.8.6.121
    cpe:2.3:a:ruby-lang:ruby:1.8.6.121
  • Ruby-lang Ruby 1.8.6.122
    cpe:2.3:a:ruby-lang:ruby:1.8.6.122
  • Ruby-lang Ruby 1.8.6.123
    cpe:2.3:a:ruby-lang:ruby:1.8.6.123
  • Ruby-lang Ruby 1.8.6.124
    cpe:2.3:a:ruby-lang:ruby:1.8.6.124
  • Ruby-lang Ruby 1.8.6.125
    cpe:2.3:a:ruby-lang:ruby:1.8.6.125
  • Ruby-lang Ruby 1.8.6.126
    cpe:2.3:a:ruby-lang:ruby:1.8.6.126
  • Ruby-lang Ruby 1.8.6.127
    cpe:2.3:a:ruby-lang:ruby:1.8.6.127
  • Ruby-lang Ruby 1.8.6.128
    cpe:2.3:a:ruby-lang:ruby:1.8.6.128
  • Ruby-lang Ruby 1.8.6.129
    cpe:2.3:a:ruby-lang:ruby:1.8.6.129
  • Ruby-lang Ruby 1.8.6.130
    cpe:2.3:a:ruby-lang:ruby:1.8.6.130
  • Ruby-lang Ruby 1.8.6.131
    cpe:2.3:a:ruby-lang:ruby:1.8.6.131
  • Ruby-lang Ruby 1.8.6.132
    cpe:2.3:a:ruby-lang:ruby:1.8.6.132
  • Ruby-lang Ruby 1.8.6.133
    cpe:2.3:a:ruby-lang:ruby:1.8.6.133
  • Ruby-lang Ruby 1.8.6.134
    cpe:2.3:a:ruby-lang:ruby:1.8.6.134
  • Ruby-lang Ruby 1.8.6.135
    cpe:2.3:a:ruby-lang:ruby:1.8.6.135
  • Ruby-lang Ruby 1.8.6.136
    cpe:2.3:a:ruby-lang:ruby:1.8.6.136
  • Ruby-lang Ruby 1.8.6.137
    cpe:2.3:a:ruby-lang:ruby:1.8.6.137
  • Ruby-lang Ruby 1.8.6.138
    cpe:2.3:a:ruby-lang:ruby:1.8.6.138
  • Ruby-lang Ruby 1.8.6.139
    cpe:2.3:a:ruby-lang:ruby:1.8.6.139
  • Ruby-lang Ruby 1.8.6.140
    cpe:2.3:a:ruby-lang:ruby:1.8.6.140
  • Ruby-lang Ruby 1.8.6.141
    cpe:2.3:a:ruby-lang:ruby:1.8.6.141
  • Ruby-lang Ruby 1.8.6.144
    cpe:2.3:a:ruby-lang:ruby:1.8.6.144
  • Ruby-lang Ruby 1.8.6.145
    cpe:2.3:a:ruby-lang:ruby:1.8.6.145
  • Ruby-lang Ruby 1.8.6.146
    cpe:2.3:a:ruby-lang:ruby:1.8.6.146
  • Ruby-lang Ruby 1.8.6.147
    cpe:2.3:a:ruby-lang:ruby:1.8.6.147
  • Ruby-lang Ruby 1.8.6.148
    cpe:2.3:a:ruby-lang:ruby:1.8.6.148
  • Ruby-lang Ruby 1.8.6.149
    cpe:2.3:a:ruby-lang:ruby:1.8.6.149
  • Ruby-lang Ruby 1.8.6.150
    cpe:2.3:a:ruby-lang:ruby:1.8.6.150
  • Ruby-lang Ruby 1.8.6.151
    cpe:2.3:a:ruby-lang:ruby:1.8.6.151
  • Ruby-lang Ruby 1.8.6.153
    cpe:2.3:a:ruby-lang:ruby:1.8.6.153
  • Ruby-lang Ruby 1.8.6.154
    cpe:2.3:a:ruby-lang:ruby:1.8.6.154
  • Ruby-lang Ruby 1.8.6.155
    cpe:2.3:a:ruby-lang:ruby:1.8.6.155
  • Ruby-lang Ruby 1.8.6.156
    cpe:2.3:a:ruby-lang:ruby:1.8.6.156
  • Ruby-lang Ruby 1.8.6.157
    cpe:2.3:a:ruby-lang:ruby:1.8.6.157
  • Ruby-lang Ruby 1.8.6.158
    cpe:2.3:a:ruby-lang:ruby:1.8.6.158
  • Ruby-lang Ruby 1.8.6.159
    cpe:2.3:a:ruby-lang:ruby:1.8.6.159
  • Ruby-lang Ruby 1.8.6.160
    cpe:2.3:a:ruby-lang:ruby:1.8.6.160
  • Ruby-lang Ruby 1.8.6.161
    cpe:2.3:a:ruby-lang:ruby:1.8.6.161
  • Ruby-lang Ruby 1.8.6.162
    cpe:2.3:a:ruby-lang:ruby:1.8.6.162
  • Ruby-lang Ruby 1.8.6.163
    cpe:2.3:a:ruby-lang:ruby:1.8.6.163
  • Ruby-lang Ruby 1.8.6.164
    cpe:2.3:a:ruby-lang:ruby:1.8.6.164
  • Ruby-lang Ruby 1.8.6.165
    cpe:2.3:a:ruby-lang:ruby:1.8.6.165
  • Ruby-lang Ruby 1.8.6.166
    cpe:2.3:a:ruby-lang:ruby:1.8.6.166
  • Ruby-lang Ruby 1.8.6.167
    cpe:2.3:a:ruby-lang:ruby:1.8.6.167
  • Ruby-lang Ruby 1.8.6.168
    cpe:2.3:a:ruby-lang:ruby:1.8.6.168
  • Ruby-lang Ruby 1.8.6.169
    cpe:2.3:a:ruby-lang:ruby:1.8.6.169
  • Ruby-lang Ruby 1.8.6.170
    cpe:2.3:a:ruby-lang:ruby:1.8.6.170
  • Ruby-lang Ruby 1.8.6.171
    cpe:2.3:a:ruby-lang:ruby:1.8.6.171
  • Ruby-lang Ruby 1.8.6.172
    cpe:2.3:a:ruby-lang:ruby:1.8.6.172
  • Ruby-lang Ruby 1.8.6.173
    cpe:2.3:a:ruby-lang:ruby:1.8.6.173
  • Ruby-lang Ruby 1.8.6.174
    cpe:2.3:a:ruby-lang:ruby:1.8.6.174
  • Ruby-lang Ruby 1.8.6.175
    cpe:2.3:a:ruby-lang:ruby:1.8.6.175
  • Ruby-lang Ruby 1.8.6.176
    cpe:2.3:a:ruby-lang:ruby:1.8.6.176
  • Ruby-lang Ruby 1.8.6.177
    cpe:2.3:a:ruby-lang:ruby:1.8.6.177
  • Ruby-lang Ruby 1.8.6.178
    cpe:2.3:a:ruby-lang:ruby:1.8.6.178
  • Ruby-lang Ruby 1.8.6.179
    cpe:2.3:a:ruby-lang:ruby:1.8.6.179
  • Ruby-lang Ruby 1.8.6.180
    cpe:2.3:a:ruby-lang:ruby:1.8.6.180
  • Ruby-lang Ruby 1.8.6.181
    cpe:2.3:a:ruby-lang:ruby:1.8.6.181
  • Ruby-lang Ruby 1.8.6.182
    cpe:2.3:a:ruby-lang:ruby:1.8.6.182
  • Ruby-lang Ruby 1.8.6.183
    cpe:2.3:a:ruby-lang:ruby:1.8.6.183
  • Ruby-lang Ruby 1.8.6.184
    cpe:2.3:a:ruby-lang:ruby:1.8.6.184
  • Ruby-lang Ruby 1.8.6.185
    cpe:2.3:a:ruby-lang:ruby:1.8.6.185
  • Ruby-lang Ruby 1.8.6.186
    cpe:2.3:a:ruby-lang:ruby:1.8.6.186
  • Ruby-lang Ruby 1.8.6.187
    cpe:2.3:a:ruby-lang:ruby:1.8.6.187
  • Ruby-lang Ruby 1.8.6.188
    cpe:2.3:a:ruby-lang:ruby:1.8.6.188
  • Ruby-lang Ruby 1.8.6.189
    cpe:2.3:a:ruby-lang:ruby:1.8.6.189
  • Ruby-lang Ruby 1.8.6.190
    cpe:2.3:a:ruby-lang:ruby:1.8.6.190
  • Ruby-lang Ruby 1.8.6.191
    cpe:2.3:a:ruby-lang:ruby:1.8.6.191
  • Ruby-lang Ruby 1.8.6.192
    cpe:2.3:a:ruby-lang:ruby:1.8.6.192
  • Ruby-lang Ruby 1.8.6.193
    cpe:2.3:a:ruby-lang:ruby:1.8.6.193
  • Ruby-lang Ruby 1.8.6.194
    cpe:2.3:a:ruby-lang:ruby:1.8.6.194
  • Ruby-lang Ruby 1.8.6.195
    cpe:2.3:a:ruby-lang:ruby:1.8.6.195
  • Ruby-lang Ruby 1.8.6.196
    cpe:2.3:a:ruby-lang:ruby:1.8.6.196
  • Ruby-lang Ruby 1.8.6.197
    cpe:2.3:a:ruby-lang:ruby:1.8.6.197
  • Ruby-lang Ruby 1.8.6.198
    cpe:2.3:a:ruby-lang:ruby:1.8.6.198
  • Ruby-lang Ruby 1.8.6.199
    cpe:2.3:a:ruby-lang:ruby:1.8.6.199
  • Ruby-lang Ruby 1.8.6.200
    cpe:2.3:a:ruby-lang:ruby:1.8.6.200
  • Ruby-lang Ruby 1.8.6.201
    cpe:2.3:a:ruby-lang:ruby:1.8.6.201
  • Ruby-lang Ruby 1.8.6.202
    cpe:2.3:a:ruby-lang:ruby:1.8.6.202
  • Ruby-lang Ruby 1.8.6.203
    cpe:2.3:a:ruby-lang:ruby:1.8.6.203
  • Ruby-lang Ruby 1.8.6.204
    cpe:2.3:a:ruby-lang:ruby:1.8.6.204
  • Ruby-lang Ruby 1.8.6.205
    cpe:2.3:a:ruby-lang:ruby:1.8.6.205
  • Ruby-lang Ruby 1.8.6.206
    cpe:2.3:a:ruby-lang:ruby:1.8.6.206
  • Ruby-lang Ruby 1.8.6.207
    cpe:2.3:a:ruby-lang:ruby:1.8.6.207
  • Ruby-lang Ruby 1.8.6.208
    cpe:2.3:a:ruby-lang:ruby:1.8.6.208
  • Ruby-lang Ruby 1.8.6.209
    cpe:2.3:a:ruby-lang:ruby:1.8.6.209
  • Ruby-lang Ruby 1.8.6.210
    cpe:2.3:a:ruby-lang:ruby:1.8.6.210
  • Ruby-lang Ruby 1.8.6.211
    cpe:2.3:a:ruby-lang:ruby:1.8.6.211
  • Ruby-lang Ruby 1.8.6.212
    cpe:2.3:a:ruby-lang:ruby:1.8.6.212
  • Ruby-lang Ruby 1.8.6.213
    cpe:2.3:a:ruby-lang:ruby:1.8.6.213
  • Ruby-lang Ruby 1.8.6.214
    cpe:2.3:a:ruby-lang:ruby:1.8.6.214
  • Ruby-lang Ruby 1.8.6.215
    cpe:2.3:a:ruby-lang:ruby:1.8.6.215
  • Ruby-lang Ruby 1.8.6.216
    cpe:2.3:a:ruby-lang:ruby:1.8.6.216
  • Ruby-lang Ruby 1.8.6.217
    cpe:2.3:a:ruby-lang:ruby:1.8.6.217
  • Ruby-lang Ruby 1.8.6.218
    cpe:2.3:a:ruby-lang:ruby:1.8.6.218
  • Ruby-lang Ruby 1.8.6.219
    cpe:2.3:a:ruby-lang:ruby:1.8.6.219
  • Ruby-lang Ruby 1.8.6.220
    cpe:2.3:a:ruby-lang:ruby:1.8.6.220
  • Ruby-lang Ruby 1.8.6.221
    cpe:2.3:a:ruby-lang:ruby:1.8.6.221
  • Ruby-lang Ruby 1.8.6.222
    cpe:2.3:a:ruby-lang:ruby:1.8.6.222
  • Ruby-lang Ruby 1.8.6.223
    cpe:2.3:a:ruby-lang:ruby:1.8.6.223
  • Ruby-lang Ruby 1.8.6.224
    cpe:2.3:a:ruby-lang:ruby:1.8.6.224
  • Ruby-lang Ruby 1.8.6.225
    cpe:2.3:a:ruby-lang:ruby:1.8.6.225
  • Ruby-lang Ruby 1.8.6.226
    cpe:2.3:a:ruby-lang:ruby:1.8.6.226
  • Ruby-lang Ruby 1.8.6.227
    cpe:2.3:a:ruby-lang:ruby:1.8.6.227
  • Ruby-lang Ruby 1.8.6.228
    cpe:2.3:a:ruby-lang:ruby:1.8.6.228
  • Ruby-lang Ruby 1.8.6.229
    cpe:2.3:a:ruby-lang:ruby:1.8.6.229
  • ruby-lang Ruby 1.8.7
    cpe:2.3:a:ruby-lang:ruby:1.8.7
  • ruby-lang Ruby 1.8.7-p160
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p160
  • ruby-lang Ruby 1.8.7-p17
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p17
  • ruby-lang Ruby 1.8.7-p173
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p173
  • ruby-lang Ruby 1.8.7-p174
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p174
  • ruby-lang Ruby 1.8.7-p22
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p22
  • ruby-lang Ruby 1.8.7-p248
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p248
  • ruby-lang Ruby 1.8.7-p249
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p249
  • ruby-lang Ruby 1.8.7-p299
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p299
  • ruby-lang Ruby 1.8.7-p301
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p301
  • ruby-lang Ruby 1.8.7-p302
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p302
  • ruby-lang Ruby 1.8.7-p330
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p330
  • ruby-lang Ruby 1.8.7-p334
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p334
  • ruby-lang Ruby 1.8.7-p352
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p352
  • ruby-lang Ruby 1.8.7-p357
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p357
  • ruby-lang Ruby 1.8.7-p358
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p358
  • ruby-lang Ruby 1.8.7-p370
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p370
  • ruby-lang Ruby 1.8.7-p371
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p371
  • Ruby-lang Ruby 1.8.7-p373
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p373
  • Ruby-lang Ruby 1.8.7-p374
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p374
  • ruby-lang Ruby 1.8.7-p71
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p71
  • ruby-lang Ruby 1.8.7-p72
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p72
  • ruby-lang Ruby 1.8.7-preview1
    cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1
  • ruby-lang Ruby 1.8.7-preview2
    cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2
  • ruby-lang Ruby 1.8.7-preview3
    cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3
  • ruby-lang Ruby 1.8.7-preview4
    cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4
  • Ruby-lang Ruby 1.8.7.7
    cpe:2.3:a:ruby-lang:ruby:1.8.7.7
  • Ruby-lang Ruby 1.8.7.17
    cpe:2.3:a:ruby-lang:ruby:1.8.7.17
  • Ruby-lang Ruby 1.8.7.20
    cpe:2.3:a:ruby-lang:ruby:1.8.7.20
  • Ruby-lang Ruby 1.8.7.21
    cpe:2.3:a:ruby-lang:ruby:1.8.7.21
  • ruby-lang Ruby 1.9.0
    cpe:2.3:a:ruby-lang:ruby:1.9.0
  • Ruby-lang Ruby 1.9.0.0
    cpe:2.3:a:ruby-lang:ruby:1.9.0.0
  • Ruby-lang Ruby 1.9.0.1
    cpe:2.3:a:ruby-lang:ruby:1.9.0.1
  • Debian GNU/Linux 4.0
    cpe:2.3:o:debian:debian_linux:4.0
  • Canonical Ubuntu Linux 6.06 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:6.06:-:-:-:lts
  • Canonical Ubuntu Linux 7.04
    cpe:2.3:o:canonical:ubuntu_linux:7.04
  • Canonical Ubuntu Linux 7.10
    cpe:2.3:o:canonical:ubuntu_linux:7.10
  • Canonical Ubuntu Linux 8.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:8.04:-:-:-:lts
CVSS
Base: 7.8 (as of 24-06-2008 - 17:06)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_538021643F7E11DD90EA0019666436C2.NASL
    description The official ruby site reports : Multiple vulnerabilities in Ruby may lead to a denial of service (DoS) condition or allow execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 33241
    published 2008-06-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33241
    title FreeBSD : ruby -- multiple integer and buffer overflow vulnerabilities (53802164-3f7e-11dd-90ea-0019666436c2)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200812-17.NASL
    description The remote host is affected by the vulnerability described in GLSA-200812-17 (Ruby: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the Ruby interpreter and its standard libraries. Drew Yao of Apple Product Security discovered the following flaws: Arbitrary code execution or Denial of Service (memory corruption) in the rb_str_buf_append() function (CVE-2008-2662). Arbitrary code execution or Denial of Service (memory corruption) in the rb_ary_stor() function (CVE-2008-2663). Memory corruption via alloca in the rb_str_format() function (CVE-2008-2664). Memory corruption ('REALLOC_N') in the rb_ary_splice() and rb_ary_replace() functions (CVE-2008-2725). Memory corruption ('beg + rlen') in the rb_ary_splice() and rb_ary_replace() functions (CVE-2008-2726). Furthermore, several other vulnerabilities have been reported: Tanaka Akira reported an issue with resolv.rb that enables attackers to spoof DNS responses (CVE-2008-1447). Akira Tagoh of RedHat discovered a Denial of Service (crash) issue in the rb_ary_fill() function in array.c (CVE-2008-2376). Several safe level bypass vulnerabilities were discovered and reported by Keita Yamaguchi (CVE-2008-3655). Christian Neukirchen is credited for discovering a Denial of Service (CPU consumption) attack in the WEBRick HTTP server (CVE-2008-3656). A fault in the dl module allowed the circumvention of taintness checks which could possibly lead to insecure code execution was reported by 'sheepman' (CVE-2008-3657). Tanaka Akira again found a DNS spoofing vulnerability caused by the resolv.rb implementation using poor randomness (CVE-2008-3905). Luka Treiber and Mitja Kolsek (ACROS Security) disclosed a Denial of Service (CPU consumption) vulnerability in the REXML module when dealing with recursive entity expansion (CVE-2008-3790). Impact : These vulnerabilities allow remote attackers to execute arbitrary code, spoof DNS responses, bypass Ruby's built-in security and taintness checks, and cause a Denial of Service via crash or CPU exhaustion. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 35188
    published 2008-12-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35188
    title GLSA-200812-17 : Ruby: Multiple vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-5649.NASL
    description - Tue Jun 24 2008 Akira TAGOH - 1.8.6.230-1 - New upstream release. - Security fixes. (#452293) - CVE-2008-1891: WEBrick CGI source disclosure. - CVE-2008-2662: Integer overflow in rb_str_buf_append(). - CVE-2008-2663: Integer overflow in rb_ary_store(). - CVE-2008-2664: Unsafe use of alloca in rb_str_format(). - CVE-2008-2725: Integer overflow in rb_ary_splice(). - CVE-2008-2726: Integer overflow in rb_ary_splice(). - ruby-1.8.6.111-CVE-2007-5162.patch: removed. - Tue Mar 4 2008 Akira TAGOH - 1.8.6.114-1 - Security fix for CVE-2008-1145. - Improve a spec file. (#226381) - Correct License tag. - Fix a timestamp issue. - Own a arch-specific directory. - Tue Feb 19 2008 Fedora Release Engineering - 1.8.6.111-9 - Autorebuild for GCC 4.3 - Tue Feb 19 2008 Akira TAGOH - 1.8.6.111-8 - Rebuild for gcc-4.3. - Tue Jan 15 2008 Akira TAGOH - 1.8.6.111-7 - Revert the change of libruby-static.a. (#428384) - Fri Jan 11 2008 Akira TAGOH - 1.8.6.111-6 - Fix an unnecessary replacement for shebang. (#426835) - Fri Jan 4 2008 Akira TAGOH - 1.8.6.111-5 - Rebuild. - Fri Dec 28 2007 Akira TAGOH - 1.8.6.111-4 - Clean up again. - Fri Dec 21 2007 Akira TAGOH - 1.8.6.111-3 - Clean up the spec file. - Remove ruby-man-1.4.6 stuff. this is entirely the out-dated document. this could be replaced by ri. - Disable the static library building. - Tue Dec 4 2007 Release Engineering - 1.8.6.111-2 - Rebuild for openssl bump - Wed Oct 31 2007 Akira TAGOH - Fix the dead link. - Mon Oct 29 2007 Akira TAGOH - 1.8.6.111-1 - New upstream release. - ruby-1.8.6.111-CVE-2007-5162.patch: Update a bit with backporting the changes at trunk to enable the fix without any modifications on the users' scripts. Note that Net::HTTP#enable_post_connection_check isn't available anymore. If you want to disable this post-check, you should give OpenSSL::SSL::VERIFY_NONE to Net::HTTP#verify_mode= instead of. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 33260
    published 2008-06-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33260
    title Fedora 8 : ruby-1.8.6.230-1.fc8 (2008-5649)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2008-004.NASL
    description The remote host is running a version of Mac OS X 10.4 that does not have the security update 2008-004 applied. This update contains security fixes for a number of programs.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 33282
    published 2008-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33282
    title Mac OS X Multiple Vulnerabilities (Security Update 2008-004)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_5_4.NASL
    description The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.4. Mac OS X 10.5.4 contains security fixes for multiple components.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 33281
    published 2008-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33281
    title Mac OS X 10.5.x < 10.5.4 Multiple Vulnerabilities
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0562.NASL
    description From Red Hat Security Advisory 2008:0562 : Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. Multiple integer overflows leading to a heap overflow were discovered in the array- and string-handling code used by Ruby. An attacker could use these flaws to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using untrusted inputs in array or string operations. (CVE-2008-2376, CVE-2008-2663, CVE-2008-2725, CVE-2008-2726) It was discovered that Ruby used the alloca() memory allocation function in the format (%) method of the String class without properly restricting maximum string length. An attacker could use this flaw to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using long, untrusted strings as format strings. (CVE-2008-2664) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. A flaw was discovered in the way Ruby's CGI module handles certain HTTP requests. A remote attacker could send a specially crafted request and cause the Ruby CGI script to enter an infinite loop, possibly causing a denial of service. (CVE-2006-6303) Users of Ruby should upgrade to these updated packages, which contain a backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2016-12-07
    plugin id 67717
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67717
    title Oracle Linux 3 : ruby (ELSA-2008-0562)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0562.NASL
    description Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. Multiple integer overflows leading to a heap overflow were discovered in the array- and string-handling code used by Ruby. An attacker could use these flaws to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using untrusted inputs in array or string operations. (CVE-2008-2376, CVE-2008-2663, CVE-2008-2725, CVE-2008-2726) It was discovered that Ruby used the alloca() memory allocation function in the format (%) method of the String class without properly restricting maximum string length. An attacker could use this flaw to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using long, untrusted strings as format strings. (CVE-2008-2664) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. A flaw was discovered in the way Ruby's CGI module handles certain HTTP requests. A remote attacker could send a specially crafted request and cause the Ruby CGI script to enter an infinite loop, possibly causing a denial of service. (CVE-2006-6303) Users of Ruby should upgrade to these updated packages, which contain a backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 33496
    published 2008-07-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33496
    title RHEL 2.1 / 3 : ruby (RHSA-2008:0562)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080714_RUBY_ON_SL3_X.NASL
    description Multiple integer overflows leading to a heap overflow were discovered in the array- and string-handling code used by Ruby. An attacker could use these flaws to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using untrusted inputs in array or string operations. (CVE-2008-2376, CVE-2008-2663, CVE-2008-2725, CVE-2008-2726) It was discovered that Ruby used the alloca() memory allocation function in the format (%) method of the String class without properly restricting maximum string length. An attacker could use this flaw to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using long, untrusted strings as format strings. (CVE-2008-2664) A flaw was discovered in the way Ruby's CGI module handles certain HTTP requests. A remote attacker could send a specially crafted request and cause the Ruby CGI script to enter an infinite loop, possibly causing a denial of service. (CVE-2006-6303)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60441
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60441
    title Scientific Linux Security Update : ruby on SL3.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0562.NASL
    description Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. Multiple integer overflows leading to a heap overflow were discovered in the array- and string-handling code used by Ruby. An attacker could use these flaws to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using untrusted inputs in array or string operations. (CVE-2008-2376, CVE-2008-2663, CVE-2008-2725, CVE-2008-2726) It was discovered that Ruby used the alloca() memory allocation function in the format (%) method of the String class without properly restricting maximum string length. An attacker could use this flaw to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using long, untrusted strings as format strings. (CVE-2008-2664) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. A flaw was discovered in the way Ruby's CGI module handles certain HTTP requests. A remote attacker could send a specially crafted request and cause the Ruby CGI script to enter an infinite loop, possibly causing a denial of service. (CVE-2006-6303) Users of Ruby should upgrade to these updated packages, which contain a backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 33489
    published 2008-07-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33489
    title CentOS 3 : ruby (CESA-2008:0562)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0561.NASL
    description Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. Multiple integer overflows leading to a heap overflow were discovered in the array- and string-handling code used by Ruby. An attacker could use these flaws to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using untrusted inputs in array or string operations. (CVE-2008-2376, CVE-2008-2662, CVE-2008-2663, CVE-2008-2725, CVE-2008-2726) It was discovered that Ruby used the alloca() memory allocation function in the format (%) method of the String class without properly restricting maximum string length. An attacker could use this flaw to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using long, untrusted strings as format strings. (CVE-2008-2664) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. Users of Ruby should upgrade to these updated packages, which contain a backported patch to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 33495
    published 2008-07-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33495
    title RHEL 4 / 5 : ruby (RHSA-2008:0561)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-621-1.NASL
    description Drew Yao discovered several vulnerabilities in Ruby which lead to integer overflows. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-2662, CVE-2008-2663, CVE-2008-2725, CVE-2008-2726) Drew Yao discovered that Ruby did not sanitize its input when using ALLOCA. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service via memory corruption. (CVE-2008-2664). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 33390
    published 2008-07-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33390
    title Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : ruby1.8 vulnerabilities (USN-621-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_RUBY-5483.NASL
    description This update of ruby fixes : - a possible information leakage (CVE-2008-1145) - a directory traversal bug (CVE-2008-1891) in WEBrick - various memory corruptions and integer overflows in array and string handling (CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726, CVE-2008-2727, CVE-2008-2728)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 34028
    published 2008-08-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34028
    title openSUSE 10 Security Update : ruby (ruby-5483)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1618.NASL
    description Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2662 Drew Yao discovered that multiple integer overflows in the string processing code may lead to denial of service and potentially the execution of arbitrary code. - CVE-2008-2663 Drew Yao discovered that multiple integer overflows in the string processing code may lead to denial of service and potentially the execution of arbitrary code. - CVE-2008-2664 Drew Yao discovered that a programming error in the string processing code may lead to denial of service and potentially the execution of arbitrary code. - CVE-2008-2725 Drew Yao discovered that an integer overflow in the array handling code may lead to denial of service and potentially the execution of arbitrary code. - CVE-2008-2726 Drew Yao discovered that an integer overflow in the array handling code may lead to denial of service and potentially the execution of arbitrary code. - CVE-2008-2376 It was discovered that an integer overflow in the array handling code may lead to denial of service and potentially the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 33738
    published 2008-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33738
    title Debian DSA-1618-1 : ruby1.9 - several vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1612.NASL
    description Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2662 Drew Yao discovered that multiple integer overflows in the string processing code may lead to denial of service and potentially the execution of arbitrary code. - CVE-2008-2663 Drew Yao discovered that multiple integer overflows in the string processing code may lead to denial of service and potentially the execution of arbitrary code. - CVE-2008-2664 Drew Yao discovered that a programming error in the string processing code may lead to denial of service and potentially the execution of arbitrary code. - CVE-2008-2725 Drew Yao discovered that an integer overflow in the array handling code may lead to denial of service and potentially the execution of arbitrary code. - CVE-2008-2726 Drew Yao discovered that an integer overflow in the array handling code may lead to denial of service and potentially the execution of arbitrary code. - CVE-2008-2376 It was discovered that an integer overflow in the array handling code may lead to denial of service and potentially the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 33551
    published 2008-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33551
    title Debian DSA-1612-1 : ruby1.8 - several vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_RUBY-5484.NASL
    description This update of ruby fixes : - a possible information leakage. (CVE-2008-1145) - a directory traversal bug (CVE-2008-1891) in WEBrick - various memory corruptions and integer overflows in array and string handling. (CVE-2008-2662 / CVE-2008-2663 / CVE-2008-2664 / CVE-2008-2725 / CVE-2008-2726 / CVE-2008-2727 / CVE-2008-2728)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 34020
    published 2008-08-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34020
    title SuSE 10 Security Update : Ruby (ZYPP Patch Number 5484)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-140.NASL
    description Multiple vulnerabilities have been found in the Ruby interpreter and in Webrick, the webserver bundled with Ruby. Directory traversal vulnerability in WEBrick in Ruby 1.9.0 and earlier, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded plus), (3) . (dot), (4) %2e (encoded dot), or (5) %20 (encoded space) character in the URI, possibly related to the WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new functionality and the :DocumentRoot option. (CVE-2008-1891) Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption. (CVE-2008-2662) Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors. (CVE-2008-2663) The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca. (CVE-2008-2664) Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the REALLOC_N variant. (CVE-2008-2725) Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption, aka the beg + rlen issue. (CVE-2008-2726) Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. (CVE-2008-2376) The updated packages have been patched to fix these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 36689
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36689
    title Mandriva Linux Security Advisory : ruby (MDVSA-2008:140)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2008-179-01.NASL
    description New ruby packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix security issues.
    last seen 2018-09-02
    modified 2018-06-27
    plugin id 33287
    published 2008-07-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33287
    title Slackware 11.0 / 12.0 / 12.1 / current : ruby (SSA:2008-179-01)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0561.NASL
    description From Red Hat Security Advisory 2008:0561 : Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. Multiple integer overflows leading to a heap overflow were discovered in the array- and string-handling code used by Ruby. An attacker could use these flaws to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using untrusted inputs in array or string operations. (CVE-2008-2376, CVE-2008-2662, CVE-2008-2663, CVE-2008-2725, CVE-2008-2726) It was discovered that Ruby used the alloca() memory allocation function in the format (%) method of the String class without properly restricting maximum string length. An attacker could use this flaw to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using long, untrusted strings as format strings. (CVE-2008-2664) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. Users of Ruby should upgrade to these updated packages, which contain a backported patch to resolve these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67716
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67716
    title Oracle Linux 4 / 5 : ruby (ELSA-2008-0561)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_RUBY-080729.NASL
    description This update of ruby fixes : - a possible information leakage (CVE-2008-1145) - a directory traversal bug (CVE-2008-1891) in WEBrick - various memory corruptions and integer overflows in array and string handling (CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726, CVE-2008-2727, CVE-2008-2728)
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 40121
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40121
    title openSUSE Security Update : ruby (ruby-123)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12214.NASL
    description This update of ruby fixes : - a possible information leakage. (CVE-2008-1145) - a directory traversal bug in WEBrick. (CVE-2008-1891) - various memory corruptions and integer overflows in array and string handling. (CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726, CVE-2008-2727, CVE-2008-2728)
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 41228
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41228
    title SuSE9 Security Update : Ruby (YOU Patch Number 12214)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0561.NASL
    description Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. Multiple integer overflows leading to a heap overflow were discovered in the array- and string-handling code used by Ruby. An attacker could use these flaws to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using untrusted inputs in array or string operations. (CVE-2008-2376, CVE-2008-2662, CVE-2008-2663, CVE-2008-2725, CVE-2008-2726) It was discovered that Ruby used the alloca() memory allocation function in the format (%) method of the String class without properly restricting maximum string length. An attacker could use this flaw to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using long, untrusted strings as format strings. (CVE-2008-2664) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. Users of Ruby should upgrade to these updated packages, which contain a backported patch to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 43694
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43694
    title CentOS 4 / 5 : ruby (CESA-2008:0561)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-141.NASL
    description Multiple vulnerabilities have been found in the Ruby interpreter and in Webrick, the webserver bundled with Ruby. Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash () path separators or case-insensitive file names, allows remote attackers to access arbitrary files via (1) ..%5c (encoded backslash) sequences or (2) filenames that match patterns in the :NondisclosureName option. (CVE-2008-1145) Directory traversal vulnerability in WEBrick in Ruby 1.9.0 and earlier, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded plus), (3) . (dot), (4) %2e (encoded dot), or (5) %20 (encoded space) character in the URI, possibly related to the WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new functionality and the :DocumentRoot option. (CVE-2008-1891) Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption. (CVE-2008-2662) Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors. (CVE-2008-2663) The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca. (CVE-2008-2664) Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the REALLOC_N variant. (CVE-2008-2725) Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption, aka the beg + rlen issue. (CVE-2008-2726) Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. (CVE-2008-2376) The updated packages have been patched to fix these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 37401
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37401
    title Mandriva Linux Security Advisory : ruby (MDVSA-2008:141)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080714_RUBY_ON_SL4_X.NASL
    description Multiple integer overflows leading to a heap overflow were discovered in the array- and string-handling code used by Ruby. An attacker could use these flaws to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using untrusted inputs in array or string operations. (CVE-2008-2376, CVE-2008-2662, CVE-2008-2663, CVE-2008-2725, CVE-2008-2726) It was discovered that Ruby used the alloca() memory allocation function in the format (%) method of the String class without properly restricting maximum string length. An attacker could use this flaw to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using long, untrusted strings as format strings. (CVE-2008-2664)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60442
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60442
    title Scientific Linux Security Update : ruby on SL4.x, SL5.x i386/x86_64
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-5664.NASL
    description - Tue Jun 24 2008 Akira TAGOH - 1.8.6.230-1 - New upstream release. - Security fixes. (#452294). - CVE-2008-1891: WEBrick CGI source disclosure. - CVE-2008-2662: Integer overflow in rb_str_buf_append(). - CVE-2008-2663: Integer overflow in rb_ary_store(). - CVE-2008-2664: Unsafe use of alloca in rb_str_format(). - CVE-2008-2725: Integer overflow in rb_ary_splice(). - CVE-2008-2726: Integer overflow in rb_ary_splice(). - ruby-1.8.6.111-CVE-2007-5162.patch: removed. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 33261
    published 2008-06-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33261
    title Fedora 9 : ruby-1.8.6.230-1.fc9 (2008-5664)
oval via4
accepted 2013-04-29T04:23:38.991-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption, aka the "beg + rlen" issue. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
family unix
id oval:org.mitre.oval:def:9959
status accepted
submitted 2010-07-09T03:56:16-04:00
title Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption, aka the "beg + rlen" issue. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
version 24
redhat via4
advisories
  • bugzilla
    id 453589
    title CVE-2008-2376 ruby: integer overflows in rb_ary_fill() / Array#fill
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhsa:tst:20060016001
      • OR
        • AND
          • comment irb is earlier than 0:1.8.1-7.el4_6.1
            oval oval:com.redhat.rhsa:tst:20080561012
          • comment irb is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729015
        • AND
          • comment ruby is earlier than 0:1.8.1-7.el4_6.1
            oval oval:com.redhat.rhsa:tst:20080561002
          • comment ruby is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729003
        • AND
          • comment ruby-devel is earlier than 0:1.8.1-7.el4_6.1
            oval oval:com.redhat.rhsa:tst:20080561004
          • comment ruby-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729011
        • AND
          • comment ruby-docs is earlier than 0:1.8.1-7.el4_6.1
            oval oval:com.redhat.rhsa:tst:20080561008
          • comment ruby-docs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729007
        • AND
          • comment ruby-libs is earlier than 0:1.8.1-7.el4_6.1
            oval oval:com.redhat.rhsa:tst:20080561014
          • comment ruby-libs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729009
        • AND
          • comment ruby-mode is earlier than 0:1.8.1-7.el4_6.1
            oval oval:com.redhat.rhsa:tst:20080561006
          • comment ruby-mode is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729005
        • AND
          • comment ruby-tcltk is earlier than 0:1.8.1-7.el4_6.1
            oval oval:com.redhat.rhsa:tst:20080561010
          • comment ruby-tcltk is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729013
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhsa:tst:20070055001
      • OR
        • AND
          • comment ruby is earlier than 0:1.8.5-5.el5_2.3
            oval oval:com.redhat.rhsa:tst:20080561017
          • comment ruby is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965003
        • AND
          • comment ruby-devel is earlier than 0:1.8.5-5.el5_2.3
            oval oval:com.redhat.rhsa:tst:20080561031
          • comment ruby-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965013
        • AND
          • comment ruby-docs is earlier than 0:1.8.5-5.el5_2.3
            oval oval:com.redhat.rhsa:tst:20080561029
          • comment ruby-docs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965017
        • AND
          • comment ruby-irb is earlier than 0:1.8.5-5.el5_2.3
            oval oval:com.redhat.rhsa:tst:20080561021
          • comment ruby-irb is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965011
        • AND
          • comment ruby-libs is earlier than 0:1.8.5-5.el5_2.3
            oval oval:com.redhat.rhsa:tst:20080561033
          • comment ruby-libs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965019
        • AND
          • comment ruby-mode is earlier than 0:1.8.5-5.el5_2.3
            oval oval:com.redhat.rhsa:tst:20080561023
          • comment ruby-mode is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965005
        • AND
          • comment ruby-rdoc is earlier than 0:1.8.5-5.el5_2.3
            oval oval:com.redhat.rhsa:tst:20080561025
          • comment ruby-rdoc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965007
        • AND
          • comment ruby-ri is earlier than 0:1.8.5-5.el5_2.3
            oval oval:com.redhat.rhsa:tst:20080561019
          • comment ruby-ri is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965015
        • AND
          • comment ruby-tcltk is earlier than 0:1.8.5-5.el5_2.3
            oval oval:com.redhat.rhsa:tst:20080561027
          • comment ruby-tcltk is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965009
    rhsa
    id RHSA-2008:0561
    released 2008-07-14
    severity Moderate
    title RHSA-2008:0561: ruby security update (Moderate)
  • bugzilla
    id 453589
    title CVE-2008-2376 ruby: integer overflows in rb_ary_fill() / Array#fill
    oval
    AND
    • comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhsa:tst:20060015001
    • OR
      • AND
        • comment irb is earlier than 0:1.6.8-12.el3
          oval oval:com.redhat.rhsa:tst:20080562010
        • comment irb is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729015
      • AND
        • comment ruby is earlier than 0:1.6.8-12.el3
          oval oval:com.redhat.rhsa:tst:20080562002
        • comment ruby is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729003
      • AND
        • comment ruby-devel is earlier than 0:1.6.8-12.el3
          oval oval:com.redhat.rhsa:tst:20080562012
        • comment ruby-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729011
      • AND
        • comment ruby-docs is earlier than 0:1.6.8-12.el3
          oval oval:com.redhat.rhsa:tst:20080562014
        • comment ruby-docs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729007
      • AND
        • comment ruby-libs is earlier than 0:1.6.8-12.el3
          oval oval:com.redhat.rhsa:tst:20080562006
        • comment ruby-libs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729009
      • AND
        • comment ruby-mode is earlier than 0:1.6.8-12.el3
          oval oval:com.redhat.rhsa:tst:20080562008
        • comment ruby-mode is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729005
      • AND
        • comment ruby-tcltk is earlier than 0:1.6.8-12.el3
          oval oval:com.redhat.rhsa:tst:20080562004
        • comment ruby-tcltk is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729013
    rhsa
    id RHSA-2008:0562
    released 2008-07-14
    severity Moderate
    title RHSA-2008:0562: ruby security update (Moderate)
rpms
  • irb-0:1.8.1-7.el4_6.1
  • ruby-0:1.8.1-7.el4_6.1
  • ruby-devel-0:1.8.1-7.el4_6.1
  • ruby-docs-0:1.8.1-7.el4_6.1
  • ruby-libs-0:1.8.1-7.el4_6.1
  • ruby-mode-0:1.8.1-7.el4_6.1
  • ruby-tcltk-0:1.8.1-7.el4_6.1
  • ruby-0:1.8.5-5.el5_2.3
  • ruby-devel-0:1.8.5-5.el5_2.3
  • ruby-docs-0:1.8.5-5.el5_2.3
  • ruby-irb-0:1.8.5-5.el5_2.3
  • ruby-libs-0:1.8.5-5.el5_2.3
  • ruby-mode-0:1.8.5-5.el5_2.3
  • ruby-rdoc-0:1.8.5-5.el5_2.3
  • ruby-ri-0:1.8.5-5.el5_2.3
  • ruby-tcltk-0:1.8.5-5.el5_2.3
  • irb-0:1.6.8-12.el3
  • ruby-0:1.6.8-12.el3
  • ruby-devel-0:1.6.8-12.el3
  • ruby-docs-0:1.6.8-12.el3
  • ruby-libs-0:1.6.8-12.el3
  • ruby-mode-0:1.6.8-12.el3
  • ruby-tcltk-0:1.6.8-12.el3
refmap via4
apple APPLE-SA-2008-06-30
bid 29903
bugtraq 20080626 rPSA-2008-0206-1 ruby
confirm
debian
  • DSA-1612
  • DSA-1618
fedora FEDORA-2008-5649
gentoo GLSA-200812-17
mandriva
  • MDVSA-2008:140
  • MDVSA-2008:141
  • MDVSA-2008:142
misc
mlist [fedora-security-commits] 20080620 fedora-security/audit f10, 1.7, 1.8 f8, 1.225, 1.226 f9, 1.215, 1.216
sectrack 1020347
secunia
  • 30802
  • 30831
  • 30867
  • 30875
  • 30894
  • 31062
  • 31090
  • 31181
  • 31256
  • 31687
  • 33178
slackware SSA:2008-179-01
suse SUSE-SR:2008:017
ubuntu USN-621-1
vupen
  • ADV-2008-1907
  • ADV-2008-1981
xf ruby-rbarysplice-begrlen-code-execution(43351)
Last major update 11-10-2011 - 00:00
Published 24-06-2008 - 15:41
Last modified 01-11-2018 - 11:07
Back to Top