Test ID:	1.3.6.1.4.1.25623.1.0.122142
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2011-0910)
Summary:	The remote host is missing an update for the 'ruby' package(s) announced via the ELSA-2011-0910 advisory.
Description:	Summary: The remote host is missing an update for the 'ruby' package(s) announced via the ELSA-2011-0910 advisory. Vulnerability Insight: [1.8.7.299-7.1] - Address CVE-2011-1004 'Symlink race condition by removing directory trees in fileutils module' * ruby-1.8.7-CVE-2011-1004.patch - Address CVE-2011-1005 'Untrusted codes able to modify arbitrary strings' * ruby-1.8.7-CVE-2011-1005.patch - Address CVE-2011-0188 'memory corruption in BigDecimal on 64bit platforms' * ruby-1.8.7-CVE-2011-0188.patch - Resolves: rhbz#709963 Affected Software/OS: 'ruby' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0188 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:097 http://www.mandriva.com/security/advisories?name=MDVSA-2011:098 http://www.redhat.com/support/errata/RHSA-2011-0908.html http://www.redhat.com/support/errata/RHSA-2011-0909.html http://www.redhat.com/support/errata/RHSA-2011-0910.html http://www.securitytracker.com/id?1025236 Common Vulnerability Exposure (CVE) ID: CVE-2011-1004 43434 http://secunia.com/advisories/43434 43573 http://secunia.com/advisories/43573 46460 http://www.securityfocus.com/bid/46460 70958 http://osvdb.org/70958 ADV-2011-0539 http://www.vupen.com/english/advisories/2011/0539 APPLE-SA-2012-05-09-1 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html FEDORA-2011-1876 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054422.html FEDORA-2011-1913 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054436.html MDVSA-2011:097 RHSA-2011:0909 RHSA-2011:0910 [oss-security] 20110221 CVE request: ruby: FileUtils is vulnerable to symlink race attacks + Exception methods can bypass $SAFE http://www.openwall.com/lists/oss-security/2011/02/21/2 [oss-security] 20110221 Re: CVE request: ruby: FileUtils is vulnerable to symlink race attacks + Exception methods can bypass $SAFE http://www.openwall.com/lists/oss-security/2011/02/21/5 http://support.apple.com/kb/HT5281 http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/ https://bugzilla.redhat.com/show_bug.cgi?id=678913 Common Vulnerability Exposure (CVE) ID: CVE-2011-1005 43420 http://secunia.com/advisories/43420 46458 http://www.securityfocus.com/bid/46458 70957 http://osvdb.org/70957 MDVSA-2011:098 RHSA-2011:0908 http://www.ruby-lang.org/en/news/2011/02/18/exception-methods-can-bypass-safe/ https://bugzilla.redhat.com/show_bug.cgi?id=678920
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.