Test ID:	1.3.6.1.4.1.25623.1.0.59352
Category:	Fedora Local Security Checks
Title:	Fedora Core 4 FEDORA-2006-842 (ruby)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to ruby announced via advisory FEDORA-2006-842. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. * Thu Jul 20 2006 Akira TAGOH - 1.8.4-3 - security fixes [CVE-2006-3694] - ruby-1.8.4-fix-insecure-dir-operation.patch: - ruby-1.8.4-fix-insecure-regexp-modification.patch: fixed the insecure operations in the certain safe-level restrictions. (#199538) - ruby-1.8.4-fix-alias-safe-level.patch: fixed to not bypass the certain safe-level restrictions. (#199543) Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/ This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2006-842 Risk factor : High CVSS Score: 6.4
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3694 BugTraq ID: 18944 http://www.securityfocus.com/bid/18944 Debian Security Information: DSA-1139 (Google Search) http://www.debian.org/security/2006/dsa-1139 Debian Security Information: DSA-1157 (Google Search) http://www.debian.org/security/2006/dsa-1157 http://jvn.jp/jp/JVN%2313947696/index.html http://jvn.jp/jp/JVN%2383768862/index.html http://www.mandriva.com/security/advisories?name=MDKSA-2006:134 http://lists.freebsd.org/pipermail/freebsd-security/2006-July/003907.html http://lists.freebsd.org/pipermail/freebsd-security/2006-July/003915.html http://www.osvdb.org/27144 http://www.osvdb.org/27145 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9983 http://www.redhat.com/support/errata/RHSA-2006-0604.html http://secunia.com/advisories/21009 http://secunia.com/advisories/21233 http://secunia.com/advisories/21236 http://secunia.com/advisories/21272 http://secunia.com/advisories/21337 http://secunia.com/advisories/21598 http://secunia.com/advisories/21657 http://secunia.com/advisories/21749 SGI Security Advisory: 20060801-01-P ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P SuSE Security Announcement: SUSE-SR:2006:021 (Google Search) http://www.novell.com/linux/security/advisories/2006_21_sr.html http://www.ubuntu.com/usn/usn-325-1 http://www.vupen.com/english/advisories/2006/2760 XForce ISS Database: ruby-alias-directory-security-bypass(27725) https://exchange.xforce.ibmcloud.com/vulnerabilities/27725
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.