ID CVE-2013-4287
Summary Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression.
References
Vulnerable Configurations
  • Red Hat Enterprise Linux 6.0
    cpe:2.3:o:redhat:enterprise_linux:6.0
  • RubyGems RubyGems 1.8.0
    cpe:2.3:a:rubygems:rubygems:1.8.0
  • RubyGems RubyGems 1.8.1
    cpe:2.3:a:rubygems:rubygems:1.8.1
  • RubyGems RubyGems 1.8.2
    cpe:2.3:a:rubygems:rubygems:1.8.2
  • RubyGems RubyGems 1.8.3
    cpe:2.3:a:rubygems:rubygems:1.8.3
  • RubyGems RubyGems 1.8.4
    cpe:2.3:a:rubygems:rubygems:1.8.4
  • RubyGems RubyGems 1.8.5
    cpe:2.3:a:rubygems:rubygems:1.8.5
  • RubyGems RubyGems 1.8.6
    cpe:2.3:a:rubygems:rubygems:1.8.6
  • RubyGems RubyGems 1.8.7
    cpe:2.3:a:rubygems:rubygems:1.8.7
  • RubyGems RubyGems 1.8.8
    cpe:2.3:a:rubygems:rubygems:1.8.8
  • RubyGems RubyGems 1.8.9
    cpe:2.3:a:rubygems:rubygems:1.8.9
  • RubyGems RubyGems 1.8.10
    cpe:2.3:a:rubygems:rubygems:1.8.10
  • RubyGems RubyGems 1.8.11
    cpe:2.3:a:rubygems:rubygems:1.8.11
  • RubyGems RubyGems 1.8.12
    cpe:2.3:a:rubygems:rubygems:1.8.12
  • RubyGems RubyGems 1.8.13
    cpe:2.3:a:rubygems:rubygems:1.8.13
  • RubyGems RubyGems 1.8.14
    cpe:2.3:a:rubygems:rubygems:1.8.14
  • RubyGems RubyGems 1.8.15
    cpe:2.3:a:rubygems:rubygems:1.8.15
  • RubyGems RubyGems 1.8.16
    cpe:2.3:a:rubygems:rubygems:1.8.16
  • RubyGems RubyGems 1.8.17
    cpe:2.3:a:rubygems:rubygems:1.8.17
  • RubyGems RubyGems 1.8.18
    cpe:2.3:a:rubygems:rubygems:1.8.18
  • RubyGems RubyGems 1.8.19
    cpe:2.3:a:rubygems:rubygems:1.8.19
  • RubyGems RubyGems 1.8.20
    cpe:2.3:a:rubygems:rubygems:1.8.20
  • RubyGems RubyGems 1.8.21
    cpe:2.3:a:rubygems:rubygems:1.8.21
  • RubyGems RubyGems 1.8.22
    cpe:2.3:a:rubygems:rubygems:1.8.22
  • RubyGems RubyGems 1.8.23
    cpe:2.3:a:rubygems:rubygems:1.8.23
  • RubyGems RubyGems 1.8.24
    cpe:2.3:a:rubygems:rubygems:1.8.24
  • RubyGems RubyGems 1.8.25
    cpe:2.3:a:rubygems:rubygems:1.8.25
  • cpe:2.3:a:rubygems:rubygems:2.0.0
    cpe:2.3:a:rubygems:rubygems:2.0.0
  • cpe:2.3:a:rubygems:rubygems:2.0.1
    cpe:2.3:a:rubygems:rubygems:2.0.1
  • cpe:2.3:a:rubygems:rubygems:2.0.2
    cpe:2.3:a:rubygems:rubygems:2.0.2
  • cpe:2.3:a:rubygems:rubygems:2.0.3
    cpe:2.3:a:rubygems:rubygems:2.0.3
  • cpe:2.3:a:rubygems:rubygems:2.0.4
    cpe:2.3:a:rubygems:rubygems:2.0.4
  • cpe:2.3:a:rubygems:rubygems:2.0.5
    cpe:2.3:a:rubygems:rubygems:2.0.5
  • cpe:2.3:a:rubygems:rubygems:2.0.6
    cpe:2.3:a:rubygems:rubygems:2.0.6
  • cpe:2.3:a:rubygems:rubygems:2.0.7
    cpe:2.3:a:rubygems:rubygems:2.0.7
  • cpe:2.3:a:rubygems:rubygems:2.1.0:rc1
    cpe:2.3:a:rubygems:rubygems:2.1.0:rc1
  • cpe:2.3:a:rubygems:rubygems:2.1.0:rc2
    cpe:2.3:a:rubygems:rubygems:2.1.0:rc2
  • ruby-lang Ruby 1.9
    cpe:2.3:a:ruby-lang:ruby:1.9
  • ruby-lang Ruby 1.9.1
    cpe:2.3:a:ruby-lang:ruby:1.9.1
  • ruby-lang Ruby 1.9.2
    cpe:2.3:a:ruby-lang:ruby:1.9.2
  • ruby-lang Ruby 1.9.3
    cpe:2.3:a:ruby-lang:ruby:1.9.3
  • ruby-lang Ruby 1.9.3-p0
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p0
  • ruby-lang Ruby 1.9.3-p125
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p125
  • ruby-lang Ruby 1.9.3-p194
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p194
  • ruby-lang Ruby 1.9.3-p286
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p286
  • ruby-lang Ruby 1.9.3-p383
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p383
  • ruby-lang Ruby 1.9.3-p385
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p385
  • ruby-lang Ruby 1.9.3-p392
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p392
  • ruby-lang Ruby 1.9.3-p426
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p426
  • Ruby-lang Ruby 1.9.3-p429
    cpe:2.3:a:ruby-lang:ruby:1.9.3:p429
  • Ruby-lang Ruby 2.0
    cpe:2.3:a:ruby-lang:ruby:2.0
  • Ruby-lang Ruby 2.0.0
    cpe:2.3:a:ruby-lang:ruby:2.0.0
  • Ruby-lang Ruby 2.0.0-p0
    cpe:2.3:a:ruby-lang:ruby:2.0.0:p0
  • Ruby-lang Ruby 2.0.0-p195
    cpe:2.3:a:ruby-lang:ruby:2.0.0:p195
  • Ruby-lang Ruby 2.0.0-p247
    cpe:2.3:a:ruby-lang:ruby:2.0.0:p247
  • Ruby-lang Ruby 2.0.0-preview1
    cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1
  • Ruby-lang Ruby 2.0.0-preview2
    cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2
  • Ruby-lang Ruby 2.0.0 rc1
    cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1
  • Ruby-lang Ruby 2.0.0 rc2
    cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2
CVSS
Base: 4.3 (as of 18-10-2013 - 11:07)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1852.NASL
    description Updated Grid component packages that fix multiple security issues are now available for Red Hat Enterprise MRG 2.4 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. MRG Grid provides high-throughput computing and enables enterprises to achieve higher peak computing capacity as well as improved infrastructure utilization by leveraging their existing technology to build high performance grids. MRG Grid provides a job-queueing mechanism, scheduling policy, and a priority scheme, as well as resource monitoring and resource management. Users submit their jobs to MRG Grid, where they are placed into a queue. MRG Grid then chooses when and where to run the jobs based upon a policy, carefully monitors their progress, and ultimately informs the user upon completion. It was found that, when using RubyGems, the connection could be redirected from HTTPS to HTTP. This could lead to a user believing they are installing a gem via HTTPS, when the connection may have been silently downgraded to HTTP. (CVE-2012-2125) It was found that RubyGems did not verify SSL connections. This could lead to man-in-the-middle attacks. (CVE-2012-2126) It was discovered that the rubygems API validated version strings using an unsafe regular expression. An application making use of this API to process a version string from an untrusted source could be vulnerable to a denial of service attack through CPU exhaustion. (CVE-2013-4287) A flaw was found in the way cumin enforced user roles, allowing an unprivileged cumin user to access a range of resources without having the appropriate role. A remote, authenticated attacker could use this flaw to access privileged information, and perform a variety of privileged operations. (CVE-2013-4404) It was found that multiple forms in the cumin web interface did not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker could trick a user, who is logged into the cumin web interface, into visiting a specially crafted URL, the attacker could perform actions in the context of the logged in user. (CVE-2013-4405) It was found that cumin did not properly escape input from the 'Max allowance' field in the 'Set limit' form of the cumin web interface. A remote attacker could use this flaw to perform cross-site scripting (XSS) attacks against victims by tricking them into visiting a specially crafted URL. (CVE-2013-4414) A flaw was found in the way cumin parsed POST request data. A remote attacker could potentially use this flaw to perform SQL injection attacks on cumin's database. (CVE-2013-4461) Red Hat would like to thank Rubygems upstream for reporting CVE-2013-4287. Upstream acknowledges Damir Sharipov as the original reporter of CVE-2013-4287. The CVE-2013-4404, CVE-2013-4405, CVE-2013-4414, and CVE-2013-4461 issues were discovered by Tomas Novacik of the Red Hat MRG Quality Engineering team. All users of the Grid capabilities of Red Hat Enterprise MRG are advised to upgrade to these updated packages, which correct these issues.
    last seen 2019-02-21
    modified 2018-12-17
    plugin id 76671
    published 2014-07-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76671
    title RHEL 6 : MRG (RHSA-2013:1852)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_RUBYGEMS_20140731.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/ rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. (CVE-2013-4287) - Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. NOTE: this issue is due to an incomplete fix for CVE-2013-4287. (CVE-2013-4363)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80760
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80760
    title Oracle Solaris Third-Party Patch Update : rubygems (multiple_cryptographic_issues_vulnerabilities_in1)
  • NASL family CGI abuses
    NASL id PUPPET_ENTERPRISE_310.NASL
    description According to its self-reported version number, the Puppet Enterprise install on the remote host is a version prior to 3.1.0. As a result, it is reportedly affected by multiple vulnerabilities : - An error exists related to the Fiddle and DL modules, '$SAFE' level verification and object handling that could allow an attacker to modify system calls. (CVE-2013-2065) - A remote code execution vulnerability exists that is triggered when handling a YAML report. This could allow a remote attacker to execute arbitrary code. (CVE-2013-4957) - A console account brute-force vulnerability exists that could allow an attacker to brute-force a known user's password. (CVE-2013-4965) - A RubyGems algorithmic complexity denial of service vulnerability exists that could allow an attacker to cause a denial of service through CPU consumption. (CVE-2013-4287)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 70684
    published 2013-10-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70684
    title Puppet Enterprise < 3.1.0 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-806.NASL
    description ruby19 was updated to fix the following security issues : - fix CVE-2013-2065: Object taint bypassing in DL and Fiddle (bnc#843686) The file CVE-2013-2065.patch contains the patch - fix CVE-2013-4287 CVE-2013-4363: ruby19: Algorithmic complexity vulnerability (bnc#837457) The file CVE-2013-4287-4363.patch contains the patch
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75178
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75178
    title openSUSE Security Update : ruby19 (openSUSE-SU-2013:1611-1)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_5423718296354A8B92D733BFAEED84CD.NASL
    description Ruby Gem developers report : RubyGems validates versions with a regular expression that is vulnerable to denial of service due to backtracking. For specially crafted RubyGems versions attackers can cause denial of service through CPU consumption.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 71070
    published 2013-11-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71070
    title FreeBSD : ruby-gems -- Algorithmic Complexity Vulnerability (54237182-9635-4a8b-92d7-33bfaeed84cd)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_RUBY_20140114.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse. (CVE-2013-4164) - Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/ rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. (CVE-2013-4287) - Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. NOTE: this issue is due to an incomplete fix for CVE-2013-4287. (CVE-2013-4363)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80757
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80757
    title Oracle Solaris Third-Party Patch Update : ruby (multiple_vulnerabilities_in_ruby1)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2013-230.NASL
    description Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression.
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 70234
    published 2013-10-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70234
    title Amazon Linux AMI : rubygems (ALAS-2013-230)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-1441.NASL
    description An updated rubygems package that fixes three security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. RubyGems is the Ruby standard for publishing and managing third-party libraries. It was found that RubyGems did not verify SSL connections. This could lead to man-in-the-middle attacks. (CVE-2012-2126) It was found that, when using RubyGems, the connection could be redirected from HTTPS to HTTP. This could lead to a user believing they are installing a gem via HTTPS, when the connection may have been silently downgraded to HTTP. (CVE-2012-2125) It was discovered that the rubygems API validated version strings using an unsafe regular expression. An application making use of this API to process a version string from an untrusted source could be vulnerable to a denial of service attack through CPU exhaustion. (CVE-2013-4287) Red Hat would like to thank Rubygems upstream for reporting CVE-2013-4287. Upstream acknowledges Damir Sharipov as the original reporter. All rubygems users are advised to upgrade to this updated package, which contains backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 70501
    published 2013-10-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70501
    title CentOS 6 : rubygems (CESA-2013:1441)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_RUBY_20131217.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/ rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. (CVE-2013-4287) - Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. NOTE: this issue is due to an incomplete fix for CVE-2013-4287. (CVE-2013-4363)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80756
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80756
    title Oracle Solaris Third-Party Patch Update : ruby (multiple_cryptographic_issues_vulnerabilities_in)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0207.NASL
    description An updated rubygems package that fixes one security issue is now available for Red Hat OpenShift Enterprise 2.0.2. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. RubyGems is the Ruby standard for publishing and managing third-party libraries. It was discovered that the rubygems API validated version strings using an unsafe regular expression. An application making use of this API to process a version string from an untrusted source could be vulnerable to a denial of service attack through CPU exhaustion. (CVE-2013-4287) Red Hat would like to thank Rubygems upstream for reporting this issue. Upstream acknowledges Damir Sharipov as the original reporter. All users of Red Hat OpenShift Enterprise 2.0.2 are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 119345
    published 2018-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119345
    title RHEL 6 : rubygems (RHSA-2014:0207)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1441.NASL
    description An updated rubygems package that fixes three security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. RubyGems is the Ruby standard for publishing and managing third-party libraries. It was found that RubyGems did not verify SSL connections. This could lead to man-in-the-middle attacks. (CVE-2012-2126) It was found that, when using RubyGems, the connection could be redirected from HTTPS to HTTP. This could lead to a user believing they are installing a gem via HTTPS, when the connection may have been silently downgraded to HTTP. (CVE-2012-2125) It was discovered that the rubygems API validated version strings using an unsafe regular expression. An application making use of this API to process a version string from an untrusted source could be vulnerable to a denial of service attack through CPU exhaustion. (CVE-2013-4287) Red Hat would like to thank Rubygems upstream for reporting CVE-2013-4287. Upstream acknowledges Damir Sharipov as the original reporter. All rubygems users are advised to upgrade to this updated package, which contains backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-12-17
    plugin id 70489
    published 2013-10-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70489
    title RHEL 6 : rubygems (RHSA-2013:1441)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20131017_RUBYGEMS_ON_SL6_X.NASL
    description It was found that RubyGems did not verify SSL connections. This could lead to man-in-the-middle attacks. (CVE-2012-2126) It was found that, when using RubyGems, the connection could be redirected from HTTPS to HTTP. This could lead to a user believing they are installing a gem via HTTPS, when the connection may have been silently downgraded to HTTP. (CVE-2012-2125) It was discovered that the rubygems API validated version strings using an unsafe regular expression. An application making use of this API to process a version string from an untrusted source could be vulnerable to a denial of service attack through CPU exhaustion. (CVE-2013-4287)
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 70491
    published 2013-10-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70491
    title Scientific Linux Security Update : rubygems on SL6.x (noarch)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-1441.NASL
    description From Red Hat Security Advisory 2013:1441 : An updated rubygems package that fixes three security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. RubyGems is the Ruby standard for publishing and managing third-party libraries. It was found that RubyGems did not verify SSL connections. This could lead to man-in-the-middle attacks. (CVE-2012-2126) It was found that, when using RubyGems, the connection could be redirected from HTTPS to HTTP. This could lead to a user believing they are installing a gem via HTTPS, when the connection may have been silently downgraded to HTTP. (CVE-2012-2125) It was discovered that the rubygems API validated version strings using an unsafe regular expression. An application making use of this API to process a version string from an untrusted source could be vulnerable to a denial of service attack through CPU exhaustion. (CVE-2013-4287) Red Hat would like to thank Rubygems upstream for reporting CVE-2013-4287. Upstream acknowledges Damir Sharipov as the original reporter. All rubygems users are advised to upgrade to this updated package, which contains backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 70524
    published 2013-10-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70524
    title Oracle Linux 6 : rubygems (ELSA-2013-1441)
redhat via4
advisories
  • bugzilla
    id 1002364
    title CVE-2013-4287 rubygems: version regex algorithmic complexity vulnerability
    oval
    AND
    • comment rubygems is earlier than 0:1.3.7-4.el6_4
      oval oval:com.redhat.rhsa:tst:20131441005
    • comment rubygems is signed with Red Hat redhatrelease2 key
      oval oval:com.redhat.rhsa:tst:20131441006
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    rhsa
    id RHSA-2013:1441
    released 2013-10-17
    severity Moderate
    title RHSA-2013:1441: rubygems security update (Moderate)
  • rhsa
    id RHSA-2013:1427
  • rhsa
    id RHSA-2013:1523
  • rhsa
    id RHSA-2013:1852
  • rhsa
    id RHSA-2014:0207
rpms rubygems-0:1.3.7-4.el6_4
refmap via4
confirm
mlist [oss-security] 20130909 CVE-2013-4287 Algorithmic complexity vulnerability in RubyGems 2.0.7 and older
secunia 55381
Last major update 05-03-2014 - 23:47
Published 17-10-2013 - 19:55
Last modified 22-04-2019 - 13:48
Back to Top