5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.196 Low
EPSS
Percentile
96.3%
Issue Overview:
It was discovered that Ruby’s REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially-crafted XML content, which will result in REXML consuming large amounts of system memory. (CVE-2013-1821)
It was found that the RHSA-2011:0910 update did not correctly fix the CVE-2011-1005 issue, a flaw in the method for translating an exception message into a string in the Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted) code to modify arbitrary, trusted (untainted) strings, which safe level 4 restrictions would otherwise prevent. (CVE-2012-4481)
The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname. (CVE-2011-1005)
Affected Packages:
ruby
Issue Correction:
Run yum update ruby to update your system.
New Packages:
i686:
ruby-ri-1.8.7.371-2.25.amzn1.i686
ruby-1.8.7.371-2.25.amzn1.i686
ruby-devel-1.8.7.371-2.25.amzn1.i686
ruby-libs-1.8.7.371-2.25.amzn1.i686
ruby-static-1.8.7.371-2.25.amzn1.i686
ruby-debuginfo-1.8.7.371-2.25.amzn1.i686
noarch:
ruby-irb-1.8.7.371-2.25.amzn1.noarch
ruby-rdoc-1.8.7.371-2.25.amzn1.noarch
src:
ruby-1.8.7.371-2.25.amzn1.src
x86_64:
ruby-ri-1.8.7.371-2.25.amzn1.x86_64
ruby-libs-1.8.7.371-2.25.amzn1.x86_64
ruby-static-1.8.7.371-2.25.amzn1.x86_64
ruby-1.8.7.371-2.25.amzn1.x86_64
ruby-devel-1.8.7.371-2.25.amzn1.x86_64
ruby-debuginfo-1.8.7.371-2.25.amzn1.x86_64
Red Hat: CVE-2011-1005, CVE-2012-4481, CVE-2013-1821
Mitre: CVE-2011-1005, CVE-2012-4481, CVE-2013-1821
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | ruby-ri | < 1.8.7.371-2.25.amzn1 | ruby-ri-1.8.7.371-2.25.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | ruby | < 1.8.7.371-2.25.amzn1 | ruby-1.8.7.371-2.25.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | ruby-devel | < 1.8.7.371-2.25.amzn1 | ruby-devel-1.8.7.371-2.25.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | ruby-libs | < 1.8.7.371-2.25.amzn1 | ruby-libs-1.8.7.371-2.25.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | ruby-static | < 1.8.7.371-2.25.amzn1 | ruby-static-1.8.7.371-2.25.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | ruby-debuginfo | < 1.8.7.371-2.25.amzn1 | ruby-debuginfo-1.8.7.371-2.25.amzn1.i686.rpm |
Amazon Linux | 1 | noarch | ruby-irb | < 1.8.7.371-2.25.amzn1 | ruby-irb-1.8.7.371-2.25.amzn1.noarch.rpm |
Amazon Linux | 1 | noarch | ruby-rdoc | < 1.8.7.371-2.25.amzn1 | ruby-rdoc-1.8.7.371-2.25.amzn1.noarch.rpm |
Amazon Linux | 1 | x86_64 | ruby-ri | < 1.8.7.371-2.25.amzn1 | ruby-ri-1.8.7.371-2.25.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | ruby-libs | < 1.8.7.371-2.25.amzn1 | ruby-libs-1.8.7.371-2.25.amzn1.x86_64.rpm |