CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
93.4%
Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass “safe level” checks via unspecified vectors involving (1) the alias function and (2) “directory operations”.
Vendor | Product | Version | CPE |
---|---|---|---|
yukihiro_matsumoto | ruby | 1.8.2 | cpe:2.3:a:yukihiro_matsumoto:ruby:1.8.2:*:*:*:*:*:*:* |
yukihiro_matsumoto | ruby | 1.8.3 | cpe:2.3:a:yukihiro_matsumoto:ruby:1.8.3:*:*:*:*:*:*:* |
yukihiro_matsumoto | ruby | 1.8.4 | cpe:2.3:a:yukihiro_matsumoto:ruby:1.8.4:*:*:*:*:*:*:* |
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
jvn.jp/jp/JVN%2313947696/index.html
jvn.jp/jp/JVN%2383768862/index.html
lists.freebsd.org/pipermail/freebsd-security/2006-July/003907.html
lists.freebsd.org/pipermail/freebsd-security/2006-July/003915.html
secunia.com/advisories/21009
secunia.com/advisories/21233
secunia.com/advisories/21236
secunia.com/advisories/21272
secunia.com/advisories/21337
secunia.com/advisories/21598
secunia.com/advisories/21657
secunia.com/advisories/21749
www.debian.org/security/2006/dsa-1139
www.debian.org/security/2006/dsa-1157
www.mandriva.com/security/advisories?name=MDKSA-2006:134
www.novell.com/linux/security/advisories/2006_21_sr.html
www.osvdb.org/27144
www.osvdb.org/27145
www.redhat.com/support/errata/RHSA-2006-0604.html
www.securityfocus.com/bid/18944
www.ubuntu.com/usn/usn-325-1
www.vupen.com/english/advisories/2006/2760
exchange.xforce.ibmcloud.com/vulnerabilities/27725
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9983