Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.69798
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2011:0909
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2011:0909.

Ruby is an extensible, interpreted, object-oriented, scripting language. It
has features to process text files and to do system management tasks.

A flaw was found in the way large amounts of memory were allocated on
64-bit systems when using the BigDecimal class. A context-dependent
attacker could use this flaw to cause memory corruption, causing a Ruby
application that uses the BigDecimal class to crash or, possibly, execute
arbitrary code. This issue did not affect 32-bit systems. (CVE-2011-0188)

A race condition flaw was found in the remove system entries method in the
FileUtils module. If a local user ran a Ruby script that uses this method,
a local attacker could use this flaw to delete arbitrary files and
directories accessible to that user via a symbolic link attack.
(CVE-2011-1004)

It was found that WEBrick (the Ruby HTTP server toolkit) did not filter
terminal escape sequences from its log files. A remote attacker could use
specially-crafted HTTP requests to inject terminal escape sequences into
the WEBrick log files. If a victim viewed the log files with a terminal
emulator, it could result in control characters being executed with the
privileges of that user. (CVE-2009-4492)

A cross-site scripting (XSS) flaw was found in the way WEBrick displayed
error pages. A remote attacker could use this flaw to perform a cross-site
scripting attack against victims by tricking them into visiting a
specially-crafted URL. (CVE-2010-0541)

A flaw was found in the method for translating an exception message into a
string in the Exception class. A remote attacker could use this flaw to
bypass safe level 4 restrictions, allowing untrusted (tainted) code to
modify arbitrary, trusted (untainted) strings, which safe level 4
restrictions would otherwise prevent. (CVE-2011-1005)

Red Hat would like to thank Drew Yao of Apple Product Security for
reporting the CVE-2011-0188 and CVE-2010-0541 issues.

All Ruby users should upgrade to these updated packages, which contain
backported patches to resolve these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2011-0909.html
http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/
http://www.ruby-lang.org/en/news/2011/02/18/exception-methods-can-bypass-safe/
http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection/
http://www.ruby-lang.org/en/news/2010/08/16/xss-in-webrick-cve-2010-0541/

Risk factor : High

CVSS Score:
6.8

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-4492
BugTraq ID: 37710
http://www.securityfocus.com/bid/37710
Bugtraq: 20100110 Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection (Google Search)
http://www.securityfocus.com/archive/1/508830/100/0/threaded
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
http://www.redhat.com/support/errata/RHSA-2011-0908.html
http://www.redhat.com/support/errata/RHSA-2011-0909.html
http://securitytracker.com/id?1023429
http://secunia.com/advisories/37949
http://www.vupen.com/english/advisories/2010/0089
Common Vulnerability Exposure (CVE) ID: CVE-2010-0541
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
BugTraq ID: 40871
http://www.securityfocus.com/bid/40871
BugTraq ID: 40895
http://www.securityfocus.com/bid/40895
http://www.mandriva.com/security/advisories?name=MDVSA-2011:097
http://www.mandriva.com/security/advisories?name=MDVSA-2011:098
http://secunia.com/advisories/40220
http://www.vupen.com/english/advisories/2010/1481
Common Vulnerability Exposure (CVE) ID: CVE-2011-0188
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
http://www.redhat.com/support/errata/RHSA-2011-0910.html
http://www.securitytracker.com/id?1025236
Common Vulnerability Exposure (CVE) ID: CVE-2011-1004
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
BugTraq ID: 46460
http://www.securityfocus.com/bid/46460
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054422.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054436.html
http://www.openwall.com/lists/oss-security/2011/02/21/2
http://www.openwall.com/lists/oss-security/2011/02/21/5
http://osvdb.org/70958
http://secunia.com/advisories/43434
http://secunia.com/advisories/43573
http://www.vupen.com/english/advisories/2011/0539
Common Vulnerability Exposure (CVE) ID: CVE-2011-1005
BugTraq ID: 46458
http://www.securityfocus.com/bid/46458
http://osvdb.org/70957
http://secunia.com/advisories/43420
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.