Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2006:225 (ruby)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57671

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2006:225 (ruby)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to ruby
announced via advisory MDKSA-2006:225.

Another vulnerability has been discovered in the CGI library (cgi.rb)
that ships with Ruby which could be used by a malicious user to create
a denial of service attack (DoS).

Updated packages have been patched to correct this issue.

Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:225

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-6303
http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
BugTraq ID: 21441
http://www.securityfocus.com/bid/21441
http://security.gentoo.org/glsa/glsa-200612-21.xml
http://jvn.jp/jp/JVN%2384798830/index.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:225
http://bugs.gentoo.org/show_bug.cgi?id=157048
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218287
http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/lib/cgi.rb.diff?f=h&only_with_tag=MAIN&r1=text&tr1=1.92&r2=text&tr2=1.91
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10529
http://www.redhat.com/support/errata/RHSA-2007-0961.html
http://securitytracker.com/id?1017363
http://secunia.com/advisories/23165
http://secunia.com/advisories/23268
http://secunia.com/advisories/23454
http://secunia.com/advisories/25402
http://secunia.com/advisories/27576
http://secunia.com/advisories/31090
SuSE Security Announcement: SUSE-SR:2007:004 (Google Search)
http://www.novell.com/linux/security/advisories/2007_4_sr.html
http://www.ubuntu.com/usn/usn-394-1
http://www.vupen.com/english/advisories/2006/4855
http://www.vupen.com/english/advisories/2007/1939
XForce ISS Database: ruby-cgi-library-dos(30734)
https://exchange.xforce.ibmcloud.com/vulnerabilities/30734

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57671
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:225 (ruby)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to ruby announced via advisory MDKSA-2006:225. Another vulnerability has been discovered in the CGI library (cgi.rb) that ships with Ruby which could be used by a malicious user to create a denial of service attack (DoS). Updated packages have been patched to correct this issue. Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:225 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-6303 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html BugTraq ID: 21441 http://www.securityfocus.com/bid/21441 http://security.gentoo.org/glsa/glsa-200612-21.xml http://jvn.jp/jp/JVN%2384798830/index.html http://www.mandriva.com/security/advisories?name=MDKSA-2006:225 http://bugs.gentoo.org/show_bug.cgi?id=157048 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218287 http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/lib/cgi.rb.diff?f=h&only_with_tag=MAIN&r1=text&tr1=1.92&r2=text&tr2=1.91 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10529 http://www.redhat.com/support/errata/RHSA-2007-0961.html http://securitytracker.com/id?1017363 http://secunia.com/advisories/23165 http://secunia.com/advisories/23268 http://secunia.com/advisories/23454 http://secunia.com/advisories/25402 http://secunia.com/advisories/27576 http://secunia.com/advisories/31090 SuSE Security Announcement: SUSE-SR:2007:004 (Google Search) http://www.novell.com/linux/security/advisories/2007_4_sr.html http://www.ubuntu.com/usn/usn-394-1 http://www.vupen.com/english/advisories/2006/4855 http://www.vupen.com/english/advisories/2007/1939 XForce ISS Database: ruby-cgi-library-dos(30734) https://exchange.xforce.ibmcloud.com/vulnerabilities/30734
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com