Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1157
HistoryAug 27, 2006 - 12:00 a.m.

ruby1.8

2006-08-2700:00:00
Google
osv.dev
15

EPSS

0.049

Percentile

92.9%

JSON

Several vulnerabilities have been discovered in the interpreter for the
Ruby language, which may lead to the bypass of security restrictions or
denial of service. The Common Vulnerabilities and Exposures project
identifies the following problems:

  • CVE-2006-1931
    It was discovered that the use of blocking sockets can lead to denial
    of service.
  • CVE-2006-3964
    It was discovered that Ruby does not properly maintain “safe levels”
    for aliasing, directory accesses and regular expressions, which might
    lead to a bypass of security restrictions.

For the stable distribution (sarge) these problems have been fixed in
version 1.8.2-7sarge4.

For the unstable distribution (sid) these problems have been fixed in
version 1.8.4-3.

We recommend that you upgrade your Ruby packages.

Related

debian 1
nessus 6
openvas 4
nvd 2
centos 1
cvelist 2
exploitdb 2
cve 2
gentoo 1
redhat 1
ubuntucve 1
ubuntu 1
prion 1
debian
debian
[SECURITY] [DSA 1157-1] New ruby1.8 packages fix several vulnerabilities
2006-08-27 19:51:21
nessus
nessus
Debian DSA-1157-1 : ruby1.8 - several vulnerabilities
2006-10-14 00:00:00
RHEL 4 : ruby (RHSA-2006:0427)
2006-05-13 00:00:00
Ubuntu 4.10 / 5.04 / 5.10 : ruby1.8 vulnerability (USN-273-1)
2006-04-26 00:00:00
openvas
openvas
Debian Security Advisory DSA 1157-1 (ruby1.8)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1157)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200605-11 (ruby)
2008-09-24 00:00:00
nvd
nvd
CVE-2006-3964
2006-08-01 22:04:00
CVE-2006-1931
2006-04-20 21:02:00
centos
centos
irb, ruby security update
2006-05-09 13:14:56
cvelist
cvelist
CVE-2006-3964
2006-08-01 22:00:00
CVE-2006-1931
2006-04-20 21:00:00
exploitdb
exploitdb
Banex PHP MySQL Banner Exchange 2.21 - 'members.php?cfg_root' Remote File Inclusion
2006-07-31 00:00:00
Yukihiro Matsumoto Ruby 1.x - XMLRPC Server Denial of Service
2006-04-21 00:00:00
cve
cve
CVE-2006-3964
2006-08-01 22:04:00
CVE-2006-1931
2006-04-20 21:02:00
gentoo
gentoo
Ruby: Denial of service
2006-05-10 00:00:00
redhat
redhat
(RHSA-2006:0427) ruby security update
2006-05-09 00:00:00
ubuntucve
ubuntucve
CVE-2006-1931
2006-04-20 00:00:00
ubuntu
ubuntu
Ruby vulnerability
2006-04-24 00:00:00
prion
prion
Design/Logic Flaw
2006-04-20 21:02:00

EPSS

0.049

Percentile

92.9%

JSON
Related for OSV:DSA-1157
debian1nessus6openvas4nvd2centos1cvelist2exploitdb2cve2gentoo1redhat1ubuntucve1ubuntu1prion1