Fedora Local Security Checks : Fedora Core 2 FEDORA-2004-264 (ruby)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.50419

Category: Fedora Local Security Checks

Title: Fedora Core 2 FEDORA-2004-264 (ruby)

Summary: NOSUMMARY

Description: Description:

The remote host is missing an update to ruby
announced via advisory FEDORA-2004-264.

Ruby is the interpreted scripting language for quick and easy
object-oriented programming. It has many features to process text
files and to do system management tasks (as in Perl). It is simple,
straight-forward, and extensible.

* Thu Aug 19 2004 Akira TAGOH 1.8.1-6

- security fix [CVE-2004-0755]
- ruby-1.8.1-cgi_session_perms.patch: sets the permission of the session data
file to 0600. (#130063)

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

d8a48d8cc33fbb2d80ef3ae7cc430a7b SRPMS/ruby-1.8.1-6.src.rpm
c714ce56a344262bc6517733374074b1 x86_64/ruby-devel-1.8.1-6.x86_64.rpm
ca4a11002b7ac1a0527704111fc1c8e6 x86_64/irb-1.8.1-6.x86_64.rpm
293bdbe4cbe15b1686b4f947400908ed x86_64/ruby-1.8.1-6.x86_64.rpm
d8e5088313ddc95dac30a0d2805b5f82 x86_64/debug/ruby-debuginfo-1.8.1-6.x86_64.rpm
0782cfa648c4642e4673cc1eaac43ca0 x86_64/ruby-docs-1.8.1-6.x86_64.rpm
ead260eaa77f783b24d2e1084aa8d423 x86_64/ruby-libs-1.8.1-6.x86_64.rpm
15ac23e5f062bfbab02a5ed2cf0218b7 x86_64/ruby-mode-1.8.1-6.x86_64.rpm
85017b0e52e6b52baa5a6068930c3b84 x86_64/ruby-tcltk-1.8.1-6.x86_64.rpm
2bafe002e18bc8eb388869b3dc7ef1fd i386/ruby-1.8.1-6.i386.rpm
1049cb91162d8b2a18714c52b7bfd456 i386/irb-1.8.1-6.i386.rpm
770364a116d5f4c9a6d5679231e879c4 i386/debug/ruby-debuginfo-1.8.1-6.i386.rpm
ac945d1d04306ec2fa7245aefcaa16a2 i386/ruby-devel-1.8.1-6.i386.rpm
1075fc983162e6b00bd29e0976dd79f0 i386/ruby-docs-1.8.1-6.i386.rpm
e561fa39a17cc1770c0d1180732d469c i386/ruby-libs-1.8.1-6.i386.rpm
412267226c58d3bfc73577ebc60157ba i386/ruby-mode-1.8.1-6.i386.rpm
bf1cbb9f65ecf88f4ffa034d24cef119 i386/ruby-tcltk-1.8.1-6.i386.rpm

This update can also be installed with the Update Agent
you can
launch the Update Agent with the 'up2date' command.

Solution: Apply the appropriate updates.
http://www.fedoranews.org/updates/FEDORA-2004-264.shtml

Risk factor : Medium

CVSS Score:
2.1

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2004-0755
Debian Security Information: DSA-537 (Google Search)
http://www.debian.org/security/2004/dsa-537
http://www.gentoo.org/security/en/glsa/glsa-200409-08.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:128
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11128
http://secunia.com/advisories/12290/
XForce ISS Database: ruby-filestore-pstore-insecure-permission(16996)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16996

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.50419
Category:	Fedora Local Security Checks
Title:	Fedora Core 2 FEDORA-2004-264 (ruby)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to ruby announced via advisory FEDORA-2004-264. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. * Thu Aug 19 2004 Akira TAGOH 1.8.1-6 - security fix [CVE-2004-0755] - ruby-1.8.1-cgi_session_perms.patch: sets the permission of the session data file to 0600. (#130063) This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ d8a48d8cc33fbb2d80ef3ae7cc430a7b SRPMS/ruby-1.8.1-6.src.rpm c714ce56a344262bc6517733374074b1 x86_64/ruby-devel-1.8.1-6.x86_64.rpm ca4a11002b7ac1a0527704111fc1c8e6 x86_64/irb-1.8.1-6.x86_64.rpm 293bdbe4cbe15b1686b4f947400908ed x86_64/ruby-1.8.1-6.x86_64.rpm d8e5088313ddc95dac30a0d2805b5f82 x86_64/debug/ruby-debuginfo-1.8.1-6.x86_64.rpm 0782cfa648c4642e4673cc1eaac43ca0 x86_64/ruby-docs-1.8.1-6.x86_64.rpm ead260eaa77f783b24d2e1084aa8d423 x86_64/ruby-libs-1.8.1-6.x86_64.rpm 15ac23e5f062bfbab02a5ed2cf0218b7 x86_64/ruby-mode-1.8.1-6.x86_64.rpm 85017b0e52e6b52baa5a6068930c3b84 x86_64/ruby-tcltk-1.8.1-6.x86_64.rpm 2bafe002e18bc8eb388869b3dc7ef1fd i386/ruby-1.8.1-6.i386.rpm 1049cb91162d8b2a18714c52b7bfd456 i386/irb-1.8.1-6.i386.rpm 770364a116d5f4c9a6d5679231e879c4 i386/debug/ruby-debuginfo-1.8.1-6.i386.rpm ac945d1d04306ec2fa7245aefcaa16a2 i386/ruby-devel-1.8.1-6.i386.rpm 1075fc983162e6b00bd29e0976dd79f0 i386/ruby-docs-1.8.1-6.i386.rpm e561fa39a17cc1770c0d1180732d469c i386/ruby-libs-1.8.1-6.i386.rpm 412267226c58d3bfc73577ebc60157ba i386/ruby-mode-1.8.1-6.i386.rpm bf1cbb9f65ecf88f4ffa034d24cef119 i386/ruby-tcltk-1.8.1-6.i386.rpm This update can also be installed with the Update Agent you can launch the Update Agent with the 'up2date' command. Solution: Apply the appropriate updates. http://www.fedoranews.org/updates/FEDORA-2004-264.shtml Risk factor : Medium CVSS Score: 2.1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0755 Debian Security Information: DSA-537 (Google Search) http://www.debian.org/security/2004/dsa-537 http://www.gentoo.org/security/en/glsa/glsa-200409-08.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:128 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11128 http://secunia.com/advisories/12290/ XForce ISS Database: ruby-filestore-pstore-insecure-permission(16996) https://exchange.xforce.ibmcloud.com/vulnerabilities/16996
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com