
Test ID: 1.3.6.1.4.1.25623.1.0.57560
Category: FreeBSD Local Security Checks
Title: FreeBSD Ports: ruby, ruby_static
Summary: The remote host is missing an update to the system, as announced in the referenced advisory.
Description:
Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

ruby
ruby_static

CVE-2006-5467
The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a
denial of service (infinite loop and CPU consumption) via an HTTP
request with a multipart MIME body that contains an invalid boundary
specifier, as demonstrated using a specifier that begins with a '-'
instead of '--' and contains an inconsistent ID.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2006-5467
1017194: http://securitytracker.com/id?1017194
20061101-01-P: ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P
20777: http://www.securityfocus.com/bid/20777
22615: http://secunia.com/advisories/22615
22624: http://secunia.com/advisories/22624
22761: http://secunia.com/advisories/22761
22929: http://secunia.com/advisories/22929
22932: http://secunia.com/advisories/22932
23040: http://secunia.com/advisories/23040
23344: http://secunia.com/advisories/23344
25402: http://secunia.com/advisories/25402
ADV-2006-4244: http://www.vupen.com/english/advisories/2006/4244
ADV-2006-4245: http://www.vupen.com/english/advisories/2006/4245
ADV-2007-1939: http://www.vupen.com/english/advisories/2007/1939
APPLE-SA-2007-05-24: http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
DSA-1234: http://www.debian.org/security/2006/dsa-1234
DSA-1235: http://www.debian.org/security/2006/dsa-1235
GLSA-200611-12: http://security.gentoo.org/glsa/glsa-200611-12.xml
MDKSA-2006:192: http://www.mandriva.com/security/advisories?name=MDKSA-2006:192
OpenPKG-SA-2006.030: http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.030-ruby.html
RHSA-2006:0729: http://www.redhat.com/support/errata/RHSA-2006-0729.html
SUSE-SR:2006:026: http://www.novell.com/linux/security/advisories/2006_26_sr.html
USN-371-1: http://www.ubuntu.com/usn/usn-371-1
[mongrel-users] 20061025 [SEC] Mongrel Temporary Fix For cgi.rb 99% CPU DoS Attack: http://rubyforge.org/pipermail/mongrel-users/2006-October/001946.html
http://docs.info.apple.com/article.html?artnum=305530
oval:org.mitre.oval:def:10185: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10185
Copyright: Copyright (C) 2008 E-Soft Inc.

© 1998-2025 E-Soft Inc. All rights reserved.