Lucene search

MitreCVE-2004-0983

HistoryMar 01, 2005 - 5:00 a.m.

CVE-2004-0983

2005-03-0105:00:00

mitre

web.nvd.nist.gov

cve-2004-0983

ruby

cgi module

denial of service

remote attackers

http request

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.024

Percentile

90.0%

JSON

The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.

Affected configurations

Nvd

Node

yukihiro_matsumotorubyMatch1.6

yukihiro_matsumotorubyMatch1.6.7

yukihiro_matsumotorubyMatch1.8

yukihiro_matsumotorubyMatch1.8.1

yukihiro_matsumotorubyMatch1.8.2_pre1

yukihiro_matsumotorubyMatch1.8.2_pre2

Node

gentoolinux

mandrakesoftmandrake_linuxMatch9.2

mandrakesoftmandrake_linuxMatch9.2amd64

mandrakesoftmandrake_linuxMatch10.0

mandrakesoftmandrake_linuxMatch10.0amd64

mandrakesoftmandrake_linuxMatch10.1

mandrakesoftmandrake_linuxMatch10.1x86_64

mandrakesoftmandrake_linux_corporate_serverMatch2.1

mandrakesoftmandrake_linux_corporate_serverMatch2.1x86_64

ubuntuubuntu_linuxMatch4.1ia64

ubuntuubuntu_linuxMatch4.1ppc

VendorProductVersionCPE
yukihiro_matsumotoruby1.6cpe:2.3:a:yukihiro_matsumoto:ruby:1.6:*:*:*:*:*:*:*
yukihiro_matsumotoruby1.6.7cpe:2.3:a:yukihiro_matsumoto:ruby:1.6.7:*:*:*:*:*:*:*
yukihiro_matsumotoruby1.8cpe:2.3:a:yukihiro_matsumoto:ruby:1.8:*:*:*:*:*:*:*
yukihiro_matsumotoruby1.8.1cpe:2.3:a:yukihiro_matsumoto:ruby:1.8.1:*:*:*:*:*:*:*
yukihiro_matsumotoruby1.8.2_pre1cpe:2.3:a:yukihiro_matsumoto:ruby:1.8.2_pre1:*:*:*:*:*:*:*
yukihiro_matsumotoruby1.8.2_pre2cpe:2.3:a:yukihiro_matsumoto:ruby:1.8.2_pre2:*:*:*:*:*:*:*
gentoolinux*cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*
mandrakesoftmandrake_linux9.2cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
mandrakesoftmandrake_linux9.2cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*
mandrakesoftmandrake_linux10.0cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
yukihiro_matsumoto	ruby	1.6	cpe:2.3:a:yukihiro_matsumoto:ruby:1.6:::::::*
yukihiro_matsumoto	ruby	1.6.7	cpe:2.3:a:yukihiro_matsumoto:ruby:1.6.7:::::::*
yukihiro_matsumoto	ruby	1.8	cpe:2.3:a:yukihiro_matsumoto:ruby:1.8:::::::*
yukihiro_matsumoto	ruby	1.8.1	cpe:2.3:a:yukihiro_matsumoto:ruby:1.8.1:::::::*
yukihiro_matsumoto	ruby	1.8.2_pre1	cpe:2.3:a:yukihiro_matsumoto:ruby:1.8.2_pre1:::::::*
yukihiro_matsumoto	ruby	1.8.2_pre2	cpe:2.3:a:yukihiro_matsumoto:ruby:1.8.2_pre2:::::::*
gentoo	linux	*	cpe:2.3:o:gentoo:linux::::::::
mandrakesoft	mandrake_linux	9.2	cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:::::::*
mandrakesoft	mandrake_linux	9.2	cpe:2.3:o:mandrakesoft:mandrake_linux:9.2::amd64:::::
mandrakesoft	mandrake_linux	10.0	cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:::::::*