Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.871087
Category:Red Hat Local Security Checks
Title:RedHat Update for ruby RHSA-2013:1764-01
Summary:The remote host is missing an update for the 'ruby'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'ruby'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Ruby is an extensible, interpreted, object-oriented, scripting language.
It has features to process text files and to perform system management
tasks.

A buffer overflow flaw was found in the way Ruby parsed floating point
numbers from their text representation. If an application using Ruby
accepted untrusted input strings and converted them to floating point
numbers, an attacker able to provide such input could cause the application
to crash or, possibly, execute arbitrary code with the privileges of the
application. (CVE-2013-4164)

All ruby users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.

Affected Software/OS:
ruby on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please Install the Updated Packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-4164
http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html
http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html
BugTraq ID: 63873
http://www.securityfocus.com/bid/63873
Debian Security Information: DSA-2809 (Google Search)
http://www.debian.org/security/2013/dsa-2809
Debian Security Information: DSA-2810 (Google Search)
http://www.debian.org/security/2013/dsa-2810
http://osvdb.org/100113
RedHat Security Advisories: RHSA-2013:1763
http://rhn.redhat.com/errata/RHSA-2013-1763.html
RedHat Security Advisories: RHSA-2013:1764
http://rhn.redhat.com/errata/RHSA-2013-1764.html
RedHat Security Advisories: RHSA-2013:1767
http://rhn.redhat.com/errata/RHSA-2013-1767.html
RedHat Security Advisories: RHSA-2014:0011
http://rhn.redhat.com/errata/RHSA-2014-0011.html
RedHat Security Advisories: RHSA-2014:0215
http://rhn.redhat.com/errata/RHSA-2014-0215.html
http://secunia.com/advisories/55787
http://secunia.com/advisories/57376
SuSE Security Announcement: SUSE-SU-2013:1897 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00009.html
SuSE Security Announcement: openSUSE-SU-2013:1834 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00027.html
SuSE Security Announcement: openSUSE-SU-2013:1835 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00028.html
http://www.ubuntu.com/usn/USN-2035-1
CopyrightCopyright (C) 2013 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.