The version of ruby installed on the remote host is prior to 3.0.6 / 3.2.2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-090-01 advisory.
A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1. (CVE-2023-28755)
A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2. (CVE-2023-28756)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
#
# The descriptive text and package checks in this plugin were
# extracted from Slackware Security Advisory SSA:2023-090-01. The text
# itself is copyright (C) Slackware Linux, Inc.
##
include('compat.inc');
if (description)
{
script_id(173764);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/05/31");
script_cve_id("CVE-2023-28755", "CVE-2023-28756");
script_name(english:"Slackware Linux 15.0 / current ruby Multiple Vulnerabilities (SSA:2023-090-01)");
script_set_attribute(attribute:"synopsis", value:
"The remote Slackware Linux host is missing a security update to ruby.");
script_set_attribute(attribute:"description", value:
"The version of ruby installed on the remote host is prior to 3.0.6 / 3.2.2. It is, therefore, affected by multiple
vulnerabilities as referenced in the SSA:2023-090-01 advisory.
- A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser
mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing
strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1. (CVE-2023-28755)
- A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser
mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing
strings to Time objects. The fixed versions are 0.1.1 and 0.2.2. (CVE-2023-28756)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"solution", value:
"Upgrade the affected ruby package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-28756");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/03/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/04/02");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:ruby");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:15.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Slackware Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");
exit(0);
}
include("slackware.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);
var flag = 0;
var constraints = [
{ 'fixed_version' : '3.0.6', 'product' : 'ruby', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'i586' },
{ 'fixed_version' : '3.0.6', 'product' : 'ruby', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'x86_64' },
{ 'fixed_version' : '3.2.2', 'product' : 'ruby', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'i586' },
{ 'fixed_version' : '3.2.2', 'product' : 'ruby', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'x86_64' }
];
foreach constraint (constraints) {
var pkg_arch = constraint['arch'];
var arch = NULL;
if (pkg_arch == "x86_64") {
arch = pkg_arch;
}
if (slackware_check(osver:constraint['os_version'],
arch:arch,
pkgname:constraint['product'],
pkgver:constraint['fixed_version'],
pkgarch:pkg_arch,
pkgnum:constraint['service_pack'])) flag++;
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : slackware_report_get()
);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
slackware | slackware_linux | ruby | p-cpe:/a:slackware:slackware_linux:ruby |
slackware | slackware_linux | cpe:/o:slackware:slackware_linux | |
slackware | slackware_linux | 15.0 | cpe:/o:slackware:slackware_linux:15.0 |