All the vulnerabilites related to Ruby - Ruby
jvndb-2006-000753
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
Ruby cgi.rb Denial of Service Vulnerability
Details
The cig.rb class in Ruby cannot handle HTTP requests with MIME multipart data set with an invalid boundry, which could trigger an infinate loop and result in consuming a large amount of CPU respurces.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000753.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "The cig.rb class in Ruby cannot handle HTTP requests with MIME multipart data set with an invalid boundry, which could trigger an infinate loop and result in consuming a large amount of CPU respurces.",
  "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000753.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:ruby-lang:ruby",
      "@product": "Ruby",
      "@vendor": "Ruby",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:miraclelinux_asianux_server",
      "@product": "Asianux Server",
      "@vendor": "Cybertrust Japan Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux_desktop",
      "@product": "Red Hat Enterprise Linux Desktop",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux",
      "@product": "Turbolinux",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_appliance_server",
      "@product": "Turbolinux Appliance Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_desktop",
      "@product": "Turbolinux Desktop",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_fuji",
      "@product": "Turbolinux FUJI",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_home",
      "@product": "Turbolinux Home",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_multimedia",
      "@product": "Turbolinux Multimedia",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_personal",
      "@product": "Turbolinux Personal",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_server",
      "@product": "Turbolinux Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2006-000753",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5467",
      "@id": "CVE-2006-5467",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5467",
      "@id": "CVE-2006-5467",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/13123/",
      "@id": "SA13123",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/20777",
      "@id": "20777",
      "@source": "BID"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2006/4244",
      "@id": "FrSIRT/ADV-2006-4244",
      "@source": "FRSIRT"
    }
  ],
  "title": "Ruby cgi.rb Denial of Service Vulnerability"
}

jvndb-2006-000392
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
Ruby contains a vulnerability that prevents safe level 4 from functioning as a sandbox.
Details
Safe level is a security model provided by Ruby language that limits the operation of untrusted objects. A vulnerability that allows an attacker to bypass the safe level restrictions and execute inaccessible methods (ex. destructive methods) was confirmed.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000392.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Safe level is a security model provided by Ruby language that limits the operation of untrusted objects. A vulnerability that allows an attacker to bypass the safe level restrictions and execute inaccessible methods (ex. destructive methods) was confirmed.",
  "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000392.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:ruby-lang:ruby",
      "@product": "Ruby",
      "@vendor": "Ruby",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:miraclelinux_asianux_server",
      "@product": "Asianux Server",
      "@vendor": "Cybertrust Japan Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "1.2",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2006-000392",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN13947696/index.html",
      "@id": "JVN#13947696",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694",
      "@id": "CVE-2006-3694",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3694",
      "@id": "CVE-2006-3694",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/21009/",
      "@id": "SA21009",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/18944",
      "@id": "18944",
      "@source": "BID"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2006/2760",
      "@id": "FrSIRT/ADV-2006-2760",
      "@source": "FRSIRT"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-DesignError",
      "@title": "No Mapping(CWE-DesignError)"
    }
  ],
  "title": "Ruby contains a vulnerability that prevents safe level 4 from functioning as a sandbox."
}

jvndb-2012-000066
Vulnerability from jvndb
Published
2012-07-06 17:11
Modified
2012-07-06 17:11
Severity ?
() - -
Summary
Ruby hash table implementation vulnerable to denial-of-service
Details
The hash table implementation in Ruby contains a denial-of-service (DoS) vulnerability. The hash table implementation in Ruby contains an issue, where it may intentionally create a series of strings whose hash values collide. As a result, a denial-of-service (DoS) attack may be conducted. Tanaka Akira of National Institute of Advanced Industrial Science and Technology (AIST) reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Impacted products
RubyRuby
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000066.html",
  "dc:date": "2012-07-06T17:11+09:00",
  "dcterms:issued": "2012-07-06T17:11+09:00",
  "dcterms:modified": "2012-07-06T17:11+09:00",
  "description": "The hash table implementation in Ruby contains a denial-of-service (DoS) vulnerability.\r\n\r\nThe hash table implementation in Ruby contains an issue, where it may intentionally create a series of strings whose hash values collide. As a result, a denial-of-service (DoS) attack may be conducted.\r\n\r\nTanaka Akira of National Institute of Advanced Industrial Science and Technology (AIST) reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000066.html",
  "sec:cpe": {
    "#text": "cpe:/a:ruby-lang:ruby",
    "@product": "Ruby",
    "@vendor": "Ruby",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "5.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2012-000066",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN90615481/index.html",
      "@id": "JVN#90615481",
      "@source": "JVN"
    },
    {
      "#text": "http://jvn.jp/cert/JVNVU692779/",
      "@id": "JVNVU#692779",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4815",
      "@id": "CVE-2011-4815",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4815",
      "@id": "CVE-2011-4815",
      "@source": "NVD"
    },
    {
      "#text": "http://www.ipa.go.jp/security/ciadr/vul/20120106-web.html",
      "@id": "20120106-web",
      "@source": "IPA SECURITY ALERTS"
    },
    {
      "#text": "http://www.kb.cert.org/vuls/id/903934",
      "@id": "VU#903934",
      "@source": "CERT-VN"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-399",
      "@title": "Resource Management Errors(CWE-399)"
    }
  ],
  "title": "Ruby hash table implementation vulnerable to denial-of-service"
}

jvndb-2005-000396
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
Ruby XMLRPC Arbitrary Command Execution Vulnerability
Details
utils.rb in The Ruby XMLRPC server sets an insecure default value for the public_instance_methods function, which could cause the highly privileged function to be exposed.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000396.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "utils.rb in The Ruby XMLRPC server sets an insecure default value for the public_instance_methods function, which could cause the highly privileged function to be exposed.",
  "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000396.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:ruby-lang:ruby",
      "@product": "Ruby",
      "@vendor": "Ruby",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux_desktop",
      "@product": "Red Hat Enterprise Linux Desktop",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_server",
      "@product": "Turbolinux Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.5",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2005-000396",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1992",
      "@id": "CVE-2005-1992",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-1992",
      "@id": "CVE-2005-1992",
      "@source": "NVD"
    },
    {
      "#text": "http://www.kb.cert.org/vuls/id/684913",
      "@id": "VU#684913",
      "@source": "CERT-VN"
    },
    {
      "#text": "http://secunia.com/advisories/15767/",
      "@id": "SA15767",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/14016",
      "@id": "14016",
      "@source": "BID"
    },
    {
      "#text": "http://securitytracker.com/alerts/2005/Jun/1014253.html",
      "@id": "1014253",
      "@source": "SECTRACK"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2005/0833",
      "@id": "FrSIRT/ADV-2005-0833",
      "@source": "FRSIRT"
    }
  ],
  "title": "Ruby XMLRPC Arbitrary Command Execution Vulnerability"
}

jvndb-2004-000323
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
Ruby CGI Session Management Insecure File Permission Vulnerability
Details
Ruby uses CGI::Session's FileStore. FileStore creates a session file with improper permission and this could lead to session information leak.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000323.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Ruby uses CGI::Session\u0027s FileStore. FileStore creates a session file with improper permission and this could lead to session information leak.",
  "link": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000323.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:ruby-lang:ruby",
      "@product": "Ruby",
      "@vendor": "Ruby",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux_desktop",
      "@product": "Red Hat Enterprise Linux Desktop",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux",
      "@product": "Turbolinux",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_desktop",
      "@product": "Turbolinux Desktop",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_home",
      "@product": "Turbolinux Home",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_server",
      "@product": "Turbolinux Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_workstation",
      "@product": "Turbolinux Workstation",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "2.1",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2004-000323",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0755",
      "@id": "CVE-2004-0755",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-0755",
      "@id": "CVE-2004-0755",
      "@source": "NVD"
    },
    {
      "#text": "http://www.securityfocus.com/bid/10946",
      "@id": "10946",
      "@source": "BID"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/16996",
      "@id": "16996",
      "@source": "XF"
    }
  ],
  "title": "Ruby CGI Session Management Insecure File Permission Vulnerability"
}

jvndb-2004-000473
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
Ruby cgi.rb Denial of Service Vulnerability
Details
Ruby cgi.rb enters an infinite loop which leads it into Ddenial of Service (DoS) due to improper input validation.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000473.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Ruby cgi.rb enters an infinite loop which leads it into Ddenial of Service (DoS) due to improper input validation.",
  "link": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000473.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:ruby-lang:ruby",
      "@product": "Ruby",
      "@vendor": "Ruby",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:miraclelinux_asianux_server",
      "@product": "Asianux Server",
      "@vendor": "Cybertrust Japan Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux_desktop",
      "@product": "Red Hat Enterprise Linux Desktop",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux",
      "@product": "Turbolinux",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_desktop",
      "@product": "Turbolinux Desktop",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_home",
      "@product": "Turbolinux Home",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_server",
      "@product": "Turbolinux Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_workstation",
      "@product": "Turbolinux Workstation",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2004-000473",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0983",
      "@id": "CVE-2004-0983",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-0983",
      "@id": "CVE-2004-0983",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/13123/",
      "@id": "SA13123",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/11618",
      "@id": "11618",
      "@source": "BID"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/17985",
      "@id": "17985",
      "@source": "XF"
    },
    {
      "#text": "http://securitytracker.com/id?1012120",
      "@id": "1012120",
      "@source": "SECTRACK"
    }
  ],
  "title": "Ruby cgi.rb Denial of Service Vulnerability"
}

jvndb-2005-000695
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
Ruby XMLRPC Server Denial of Service Vulnerability
Details
The User-level thread supported in Ruby does not switch while writing to a socket. This in turn blocks all subsequent procrsses when specially crafted requests are sent to the Web server and could result in a denial of service.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000695.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "The User-level thread supported in Ruby does not switch while writing to a socket. This in turn blocks all subsequent procrsses when specially crafted requests are sent to the Web server and could result in a denial of service.",
  "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000695.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:ruby-lang:ruby",
      "@product": "Ruby",
      "@vendor": "Ruby",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:miraclelinux_asianux_server",
      "@product": "Asianux Server",
      "@vendor": "Cybertrust Japan Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux_desktop",
      "@product": "Red Hat Enterprise Linux Desktop",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2005-000695",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1931",
      "@id": "CVE-2006-1931",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-1931",
      "@id": "CVE-2006-1931",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/16904/",
      "@id": "SA16904",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/17645",
      "@id": "17645",
      "@source": "BID"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/26102",
      "@id": "26102",
      "@source": "XF"
    },
    {
      "#text": "http://securitytracker.com/id?1015978",
      "@id": "1015978",
      "@source": "SECTRACK"
    },
    {
      "#text": "http://www.osvdb.org/24972",
      "@id": "24972",
      "@source": "OSVDB"
    }
  ],
  "title": "Ruby XMLRPC Server Denial of Service Vulnerability"
}

jvndb-2006-000858
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
Ruby vulnerability caused by a problem with the alias funtion so that safe level 4 does not function as a sandbox
Details
Safe levels exist as a part of the Ruby language security model, in order to limit the operation of untrusted objects. Ruby contains a vulnerability which may allow an attacker to bypass the safe level restrictions and execute normally inaccessible methods, due to a problem in Ruby's alias function.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000858.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Safe levels exist as a part of the Ruby language security model, in order to limit the operation of untrusted objects. Ruby contains a vulnerability which may allow an attacker to bypass the safe level restrictions and execute normally inaccessible methods, due to a problem in Ruby\u0027s alias function.",
  "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000858.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:ruby-lang:ruby",
      "@product": "Ruby",
      "@vendor": "Ruby",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:miraclelinux_asianux_server",
      "@product": "Asianux Server",
      "@vendor": "Cybertrust Japan Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "1.2",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2006-000858",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN83768862/index.html",
      "@id": "JVN#83768862",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694",
      "@id": "CVE-2006-3694",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3694",
      "@id": "CVE-2006-3694",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/21009/",
      "@id": "SA21009",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/18944",
      "@id": "18944",
      "@source": "BID"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2006/2760",
      "@id": "FrSIRT/ADV-2006-2760",
      "@source": "FRSIRT"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-DesignError",
      "@title": "No Mapping(CWE-DesignError)"
    }
  ],
  "title": "Ruby vulnerability caused by a problem with the alias funtion so that safe level 4 does not function as a sandbox"
}

jvndb-2006-000808
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-11-14 12:20
Severity ?
() - -
Summary
Denial of service vulnerability in Ruby CGI library (cgi.rb)
Details
cgi.rb, a standard library in Ruby, contains a denial of service vulnerability. This vulnerability is different from CVE-2006-5467.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000808.html",
  "dc:date": "2008-11-14T12:20+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-11-14T12:20+09:00",
  "description": "cgi.rb, a standard library in Ruby, contains a denial of service vulnerability.\r\n\r\nThis vulnerability is different from CVE-2006-5467.",
  "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000808.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:ruby-lang:ruby",
      "@product": "Ruby",
      "@vendor": "Ruby",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:miraclelinux_asianux_server",
      "@product": "Asianux Server",
      "@vendor": "Cybertrust Japan Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux_desktop",
      "@product": "Red Hat Enterprise Linux Desktop",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux",
      "@product": "Turbolinux",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_appliance_server",
      "@product": "Turbolinux Appliance Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_desktop",
      "@product": "Turbolinux Desktop",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_fuji",
      "@product": "Turbolinux FUJI",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_home",
      "@product": "Turbolinux Home",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_multimedia",
      "@product": "Turbolinux Multimedia",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_personal",
      "@product": "Turbolinux Personal",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_server",
      "@product": "Turbolinux Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2006-000808",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN84798830/index.html",
      "@id": "JVN#84798830",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6303",
      "@id": "CVE-2006-6303",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6303",
      "@id": "CVE-2006-6303",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/13123/",
      "@id": "SA13123",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/21441",
      "@id": "21441",
      "@source": "BID"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/30734",
      "@id": "30734",
      "@source": "XF"
    },
    {
      "#text": "http://securitytracker.com/id?1017363",
      "@id": "1017363",
      "@source": "SECTRACK"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2006/4855",
      "@id": "FrSIRT/ADV-2006-4855",
      "@source": "FRSIRT"
    },
    {
      "#text": "http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000808.html",
      "@id": "JVNDB-2006-000808",
      "@source": "JVNDB_Ja"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-399",
      "@title": "Resource Management Errors(CWE-399)"
    }
  ],
  "title": "Denial of service vulnerability in Ruby CGI library (cgi.rb)"
}

jvndb-2005-000538
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
Ruby vulnerability allowing to bypass safe level 4 as a sandbox
Details
Ruby is a object-oriented scripting language that supports execution of untrusted code with two mechanisms: "object taint" and "safe level". Ruby contains a vulnerability that may allow an attacker to execute an arbitrary script by bypassing the "safe level" checks.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000538.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Ruby is a object-oriented scripting language that supports execution of untrusted code with two mechanisms: \"object taint\" and \"safe level\". Ruby contains a vulnerability that may allow an attacker to execute an arbitrary script by bypassing the \"safe level\" checks.",
  "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000538.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:ruby-lang:ruby",
      "@product": "Ruby",
      "@vendor": "Ruby",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:miraclelinux_asianux_server",
      "@product": "Asianux Server",
      "@vendor": "Cybertrust Japan Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.4",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2005-000538",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN62914675/index.html",
      "@id": "JVN#62914675",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2337",
      "@id": "CVE-2005-2337",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-2337",
      "@id": "CVE-2005-2337",
      "@source": "NVD"
    },
    {
      "#text": "http://www.kb.cert.org/vuls/id/160012",
      "@id": "VU#160012",
      "@source": "CERT-VN"
    },
    {
      "#text": "http://www.securityfocus.com/bid/14909",
      "@id": "14909",
      "@source": "BID"
    }
  ],
  "title": "Ruby vulnerability allowing to bypass safe level 4 as a sandbox"
}

cve-2016-2336
Vulnerability from cvelistv5
Published
2017-01-06 21:00
Modified
2024-08-05 23:24
Severity ?
Summary
Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution.
References
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:24:48.901Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.talosintelligence.com/reports/TALOS-2016-0029/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Ruby",
          "vendor": "Ruby",
          "versions": [
            {
              "status": "affected",
              "version": "2.3.0 dev"
            },
            {
              "status": "affected",
              "version": "2.2.2"
            }
          ]
        }
      ],
      "datePublic": "2016-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Type confusion exists in two methods of Ruby\u0027s WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "type confusion",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-06T20:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.talosintelligence.com/reports/TALOS-2016-0029/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2016-2336",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Ruby",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2.3.0 dev"
                          },
                          {
                            "version_value": "2.2.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Ruby"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Type confusion exists in two methods of Ruby\u0027s WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "type confusion"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.talosintelligence.com/reports/TALOS-2016-0029/",
              "refsource": "MISC",
              "url": "http://www.talosintelligence.com/reports/TALOS-2016-0029/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2016-2336",
    "datePublished": "2017-01-06T21:00:00",
    "dateReserved": "2016-02-12T00:00:00",
    "dateUpdated": "2024-08-05T23:24:48.901Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-2339
Vulnerability from cvelistv5
Published
2017-01-06 21:00
Modified
2024-08-05 23:24
Severity ?
Summary
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:24:48.934Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html"
          },
          {
            "name": "91234",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91234"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.talosintelligence.com/reports/TALOS-2016-0034/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Ruby",
          "vendor": "Ruby",
          "versions": [
            {
              "status": "affected",
              "version": "2.3.0 dev"
            },
            {
              "status": "affected",
              "version": "2.2.2"
            }
          ]
        }
      ],
      "datePublic": "2016-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An exploitable heap overflow vulnerability exists in the Fiddle::Function.new \"initialize\" function functionality of Ruby. In Fiddle::Function.new \"initialize\" heap buffer \"arg_types\" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "heap overflow vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-14T09:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html"
        },
        {
          "name": "91234",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91234"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.talosintelligence.com/reports/TALOS-2016-0034/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2016-2339",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Ruby",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2.3.0 dev"
                          },
                          {
                            "version_value": "2.2.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Ruby"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An exploitable heap overflow vulnerability exists in the Fiddle::Function.new \"initialize\" function functionality of Ruby. In Fiddle::Function.new \"initialize\" heap buffer \"arg_types\" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "heap overflow vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html"
            },
            {
              "name": "91234",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91234"
            },
            {
              "name": "http://www.talosintelligence.com/reports/TALOS-2016-0034/",
              "refsource": "MISC",
              "url": "http://www.talosintelligence.com/reports/TALOS-2016-0034/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2016-2339",
    "datePublished": "2017-01-06T21:00:00",
    "dateReserved": "2016-02-12T00:00:00",
    "dateUpdated": "2024-08-05T23:24:48.934Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-2337
Vulnerability from cvelistv5
Published
2017-01-06 21:00
Modified
2024-08-05 23:24
Severity ?
Summary
Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution.
Impacted products
Vendor Product Version
Tcl Tcl/Tk Version: 8.6 or later
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:24:49.158Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.talosintelligence.com/reports/TALOS-2016-0031/"
          },
          {
            "name": "91233",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91233"
          },
          {
            "name": "[debian-lts-announce] 20180827 [SECURITY] [DLA 1480-1] ruby2.1 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html"
          },
          {
            "name": "GLSA-201710-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201710-18"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Ruby",
          "vendor": "Ruby",
          "versions": [
            {
              "status": "affected",
              "version": "2.3.0 dev"
            },
            {
              "status": "affected",
              "version": "2.2.2"
            }
          ]
        },
        {
          "product": "Tcl/Tk",
          "vendor": "Tcl",
          "versions": [
            {
              "status": "affected",
              "version": "8.6 or later"
            }
          ]
        }
      ],
      "datePublic": "2016-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Type confusion exists in _cancel_eval Ruby\u0027s TclTkIp class method. Attacker passing different type of object than String as \"retval\" argument can cause arbitrary code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "type confusion",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-28T09:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.talosintelligence.com/reports/TALOS-2016-0031/"
        },
        {
          "name": "91233",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91233"
        },
        {
          "name": "[debian-lts-announce] 20180827 [SECURITY] [DLA 1480-1] ruby2.1 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html"
        },
        {
          "name": "GLSA-201710-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201710-18"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2016-2337",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Ruby",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2.3.0 dev"
                          },
                          {
                            "version_value": "2.2.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Ruby"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Tcl/Tk",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "8.6 or later"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Tcl"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Type confusion exists in _cancel_eval Ruby\u0027s TclTkIp class method. Attacker passing different type of object than String as \"retval\" argument can cause arbitrary code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "type confusion"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.talosintelligence.com/reports/TALOS-2016-0031/",
              "refsource": "MISC",
              "url": "http://www.talosintelligence.com/reports/TALOS-2016-0031/"
            },
            {
              "name": "91233",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91233"
            },
            {
              "name": "[debian-lts-announce] 20180827 [SECURITY] [DLA 1480-1] ruby2.1 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html"
            },
            {
              "name": "GLSA-201710-18",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201710-18"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2016-2337",
    "datePublished": "2017-01-06T21:00:00",
    "dateReserved": "2016-02-12T00:00:00",
    "dateUpdated": "2024-08-05T23:24:49.158Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-3624
Vulnerability from cvelistv5
Published
2019-11-26 02:50
Modified
2024-08-06 23:37
Severity ?
Summary
Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:37:48.555Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2011-3624"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3624"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/cve-2011-3624"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://redmine.ruby-lang.org/issues/5418"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Ruby",
          "vendor": "Ruby",
          "versions": [
            {
              "status": "affected",
              "version": "1.9.2"
            },
            {
              "status": "affected",
              "version": "1.8.7 and earlier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "UNKNOWN_TYPE",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-11T21:51:22",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2011-3624"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3624"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://access.redhat.com/security/cve/cve-2011-3624"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://redmine.ruby-lang.org/issues/5418"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-3624",
    "datePublished": "2019-11-26T02:50:40",
    "dateReserved": "2011-09-21T00:00:00",
    "dateUpdated": "2024-08-06T23:37:48.555Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-1855
Vulnerability from cvelistv5
Published
2019-11-29 20:46
Modified
2024-08-06 04:54
Severity ?
Summary
verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:54:16.307Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3247"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3245"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3246"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://puppetlabs.com/security/cve/cve-2015-1855"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.ruby-lang.org/issues/9644"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Ruby",
          "vendor": "Ruby",
          "versions": [
            {
              "status": "affected",
              "version": "before 2.0.0 patchlevel 645"
            },
            {
              "status": "affected",
              "version": "2.1.x before 2.1.6"
            },
            {
              "status": "affected",
              "version": "and 2.2.x before 2.2.2"
            }
          ]
        }
      ],
      "datePublic": "2015-05-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-29T20:46:48",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3247"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3245"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3246"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://puppetlabs.com/security/cve/cve-2015-1855"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.ruby-lang.org/issues/9644"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2015-1855",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Ruby",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "before 2.0.0 patchlevel 645"
                          },
                          {
                            "version_value": "2.1.x before 2.1.6"
                          },
                          {
                            "version_value": "and 2.2.x before 2.2.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Ruby"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.debian.org/security/2015/dsa-3247",
              "refsource": "MISC",
              "url": "http://www.debian.org/security/2015/dsa-3247"
            },
            {
              "name": "http://www.debian.org/security/2015/dsa-3245",
              "refsource": "MISC",
              "url": "http://www.debian.org/security/2015/dsa-3245"
            },
            {
              "name": "http://www.debian.org/security/2015/dsa-3246",
              "refsource": "MISC",
              "url": "http://www.debian.org/security/2015/dsa-3246"
            },
            {
              "name": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/",
              "refsource": "MISC",
              "url": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/"
            },
            {
              "name": "https://puppetlabs.com/security/cve/cve-2015-1855",
              "refsource": "MISC",
              "url": "https://puppetlabs.com/security/cve/cve-2015-1855"
            },
            {
              "name": "https://bugs.ruby-lang.org/issues/9644",
              "refsource": "MISC",
              "url": "https://bugs.ruby-lang.org/issues/9644"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-1855",
    "datePublished": "2019-11-29T20:46:48",
    "dateReserved": "2015-02-17T00:00:00",
    "dateUpdated": "2024-08-06T04:54:16.307Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}