|Category:||Red Hat Local Security Checks|
|Title:||RedHat Security Advisory RHSA-2004:635|
|Summary:||Redhat Security Advisory RHSA-2004:635|
The remote host is missing updates announced in
Ruby is an interpreted scripting language for object-oriented programming.
A flaw was dicovered in the CGI module of Ruby. If empty data is sent by
the POST method to the CGI script which requires MIME type
multipart/form-data, it can get stuck in a loop. A remote attacker could
trigger this flaw and cause a denial of service. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CVE-2004-0983 to this issue.
Users are advised to upgrade to this erratum package, which contains a
backported patch to cgi.rb.
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
Risk factor : Medium
BugTraq ID: 11618|
Common Vulnerability Exposure (CVE) ID: CVE-2004-0983
Debian Security Information: DSA-586 (Google Search)
XForce ISS Database: ruby-cgi-dos(17985)
|Copyright||Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com|
|This is only one of 58880 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.