Test Kennung:	1.3.6.1.4.1.25623.1.0.61462
Kategorie:	Slackware Local Security Checks
Titel:	Slackware: Security Advisory (SSA:2008-179-01)
Zusammenfassung:	The remote host is missing an update for the 'ruby' package(s) announced via the SSA:2008-179-01 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'ruby' package(s) announced via the SSA:2008-179-01 advisory. Vulnerability Insight: New ruby packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] Here are the details from the Slackware 12.1 ChangeLog: +--------------------------+ patches/packages/ruby-1.8.6_p230-i486-1_slack12.1.tgz: Upgraded to ruby-1.8.6-p230. This fixes a number of security related bugs in Ruby which could lead to a denial of service (DoS) condition or allow execution of arbitrary code. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'ruby' package(s) on Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2662 http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html BugTraq ID: 29903 http://www.securityfocus.com/bid/29903 Bugtraq: 20080626 rPSA-2008-0206-1 ruby (Google Search) http://www.securityfocus.com/archive/1/493688/100/0/threaded Debian Security Information: DSA-1612 (Google Search) http://www.debian.org/security/2008/dsa-1612 Debian Security Information: DSA-1618 (Google Search) http://www.debian.org/security/2008/dsa-1618 https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html http://security.gentoo.org/glsa/glsa-200812-17.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:140 http://www.mandriva.com/security/advisories?name=MDVSA-2008:141 http://www.mandriva.com/security/advisories?name=MDVSA-2008:142 http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/ http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/ http://www.ruby-forum.com/topic/157034 http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601 http://www.redhat.com/support/errata/RHSA-2008-0561.html http://www.securitytracker.com/id?1020347 http://secunia.com/advisories/30802 http://secunia.com/advisories/30831 http://secunia.com/advisories/30867 http://secunia.com/advisories/30875 http://secunia.com/advisories/30894 http://secunia.com/advisories/31062 http://secunia.com/advisories/31181 http://secunia.com/advisories/31256 http://secunia.com/advisories/31687 http://secunia.com/advisories/33178 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562 SuSE Security Announcement: SUSE-SR:2008:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://www.ubuntu.com/usn/usn-621-1 http://www.vupen.com/english/advisories/2008/1907/references http://www.vupen.com/english/advisories/2008/1981/references XForce ISS Database: ruby-rbstrbufappend-code-execution(43345) https://exchange.xforce.ibmcloud.com/vulnerabilities/43345 Common Vulnerability Exposure (CVE) ID: CVE-2008-2663 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10524 http://secunia.com/advisories/31090 XForce ISS Database: ruby-rbarystore-code-execution(43346) https://exchange.xforce.ibmcloud.com/vulnerabilities/43346 Common Vulnerability Exposure (CVE) ID: CVE-2008-2664 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9646 XForce ISS Database: ruby-rbstrformat-code-execution(43348) https://exchange.xforce.ibmcloud.com/vulnerabilities/43348 Common Vulnerability Exposure (CVE) ID: CVE-2008-2725 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727 http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606 XForce ISS Database: ruby-rbarysplice-code-execution(43350) https://exchange.xforce.ibmcloud.com/vulnerabilities/43350 Common Vulnerability Exposure (CVE) ID: CVE-2008-2726 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9959 XForce ISS Database: ruby-rbarysplice-begrlen-code-execution(43351) https://exchange.xforce.ibmcloud.com/vulnerabilities/43351
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.