Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Fedora Local Security Checks
Title:Fedora Core 4 FEDORA-2006-842 (ruby)

The remote host is missing an update to ruby
announced via advisory FEDORA-2006-842.

Ruby is the interpreted scripting language for quick and easy
object-oriented programming. It has many features to process text
files and to do system management tasks (as in Perl). It is simple,
straight-forward, and extensible.

* Thu Jul 20 2006 Akira TAGOH - 1.8.4-3
- security fixes [CVE-2006-3694]
- ruby-1.8.4-fix-insecure-dir-operation.patch:
- ruby-1.8.4-fix-insecure-regexp-modification.patch: fixed the insecure
operations in the certain safe-level restrictions. (#199538)
- ruby-1.8.4-fix-alias-safe-level.patch: fixed to not bypass the certain
safe-level restrictions. (#199543)

Solution: Apply the appropriate updates.

This update can be downloaded from:

This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at

Risk factor : High

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-3694
BugTraq ID: 18944
Debian Security Information: DSA-1139 (Google Search)
Debian Security Information: DSA-1157 (Google Search)
SGI Security Advisory: 20060801-01-P
SuSE Security Announcement: SUSE-SR:2006:021 (Google Search)
XForce ISS Database: ruby-alias-directory-security-bypass(27725)
CopyrightCopyright (c) 2007 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2023 E-Soft Inc. All rights reserved.