ID de Prueba:	1.3.6.1.4.1.25623.1.1.13.2018.088.01
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2018-088-01)
Resumen:	The remote host is missing an update for the 'ruby' package(s) announced via the SSA:2018-088-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ruby' package(s) announced via the SSA:2018-088-01 advisory. Vulnerability Insight: New ruby packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/ruby-2.2.10-i586-1_slack14.2.txz: Upgraded. This release includes some bug fixes and some security fixes: HTTP response splitting in WEBrick. Unintentional file and directory creation with directory traversal in tempfile and tmpdir. DoS by large request in WEBrick. Buffer under-read in String#unpack. Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket. Unintentional directory traversal by poisoned NUL byte in Dir. Multiple vulnerabilities in RubyGems. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'ruby' package(s) on Slackware 14.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-17742 BugTraq ID: 103684 http://www.securityfocus.com/bid/103684 Debian Security Information: DSA-4259 (Google Search) https://www.debian.org/security/2018/dsa-4259 https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html https://lists.debian.org/debian-lts-announce/2018/04/msg00024.html https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html https://lists.debian.org/debian-lts-announce/2019/12/msg00009.html https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html RedHat Security Advisories: RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3729 RedHat Security Advisories: RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3730 RedHat Security Advisories: RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2018:3731 RedHat Security Advisories: RHSA-2019:2028 https://access.redhat.com/errata/RHSA-2019:2028 http://www.securitytracker.com/id/1042004 SuSE Security Announcement: openSUSE-SU-2019:1771 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html https://usn.ubuntu.com/3685-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-6914 BugTraq ID: 103686 http://www.securityfocus.com/bid/103686 https://usn.ubuntu.com/3626-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8777 BugTraq ID: 103683 http://www.securityfocus.com/bid/103683 RedHat Security Advisories: RHSA-2020:0542 https://access.redhat.com/errata/RHSA-2020:0542 RedHat Security Advisories: RHSA-2020:0591 https://access.redhat.com/errata/RHSA-2020:0591 RedHat Security Advisories: RHSA-2020:0663 https://access.redhat.com/errata/RHSA-2020:0663 Common Vulnerability Exposure (CVE) ID: CVE-2018-8778 BugTraq ID: 103693 http://www.securityfocus.com/bid/103693 Common Vulnerability Exposure (CVE) ID: CVE-2018-8779 BugTraq ID: 103767 http://www.securityfocus.com/bid/103767 Common Vulnerability Exposure (CVE) ID: CVE-2018-8780 BugTraq ID: 103739 http://www.securityfocus.com/bid/103739
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.