Lucene search
RedHatRHSA-2004:635HistoryJan 17, 2005 - 12:00 a.m.
(RHSA-2004:635) ruby security update
2005-01-1700:00:00
access.redhat.com
12
EPSS
0.024
Percentile
90.0%
Ruby is an interpreted scripting language for object-oriented programming.
A flaw was dicovered in the CGI module of Ruby. If empty data is sent by
the POST method to the CGI script which requires MIME type
multipart/form-data, it can get stuck in a loop. A remote attacker could
trigger this flaw and cause a denial of service. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0983 to this issue.
Users are advised to upgrade to this erratum package, which contains a
backported patch to cgi.rb.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | ia64 | irb | < 1.6.8-9.EL3.3 | irb-1.6.8-9.EL3.3.ia64.rpm |
| RedHat | any | i386 | ruby-mode | < 1.6.8-9.EL3.3 | ruby-mode-1.6.8-9.EL3.3.i386.rpm |
| RedHat | any | s390x | ruby | < 1.6.8-9.EL3.3 | ruby-1.6.8-9.EL3.3.s390x.rpm |
| RedHat | any | ia64 | ruby-mode | < 1.6.8-9.EL3.3 | ruby-mode-1.6.8-9.EL3.3.ia64.rpm |
| RedHat | any | i386 | ruby-docs | < 1.6.8-9.EL3.3 | ruby-docs-1.6.8-9.EL3.3.i386.rpm |
| RedHat | any | s390x | ruby-mode | < 1.6.8-9.EL3.3 | ruby-mode-1.6.8-9.EL3.3.s390x.rpm |
| RedHat | any | ia64 | ruby-libs | < 1.6.8-9.EL3.3 | ruby-libs-1.6.8-9.EL3.3.ia64.rpm |
| RedHat | any | ppc | ruby-tcltk | < 1.6.8-9.EL3.3 | ruby-tcltk-1.6.8-9.EL3.3.ppc.rpm |
| RedHat | any | i386 | irb | < 1.6.4-2.AS21.1 | irb-1.6.4-2.AS21.1.i386.rpm |
| RedHat | any | s390 | ruby-docs | < 1.6.8-9.EL3.3 | ruby-docs-1.6.8-9.EL3.3.s390.rpm |
Related
debian
debian
[SECURITY] [DSA 586-1] New ruby packages fix denial of service
2004-11-08 09:36:34
[SECURITY] [DSA 586-1] New ruby packages fix denial of service
2004-11-08 09:36:34
cvelist
cvelist
CVE-2004-0983
2004-11-19 05:00:00
nessus
nessus
GLSA-200411-23 : Ruby: Denial of Service issue
2004-11-16 00:00:00
FreeBSD : ruby -- CGI DoS (d656296b-33ff-11d9-a9e7-0001020eed82)
2009-04-23 00:00:00
FreeBSD : ruby -- CGI DoS (171)
2004-11-23 00:00:00
openvas
openvas
Debian Security Advisory DSA 586-1 (ruby)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-586-1)
2008-01-17 00:00:00
Ubuntu: Security Advisory (USN-20-1)
2022-08-26 00:00:00
freebsd
freebsd
ruby -- CGI DoS
2004-11-06 00:00:00
ubuntucve
ubuntucve
CVE-2004-0983
2005-03-01 00:00:00
gentoo
gentoo
Ruby: Denial of Service issue
2004-11-16 00:00:00
ubuntu
ubuntu
Ruby CGI module vulnerability
2004-11-09 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 586-1] New ruby packages fix denial of service
2004-11-09 00:00:00
osv
osv
ruby - infinite loop
2004-11-08 00:00:00
cve
cve
CVE-2004-0983
2005-03-01 05:00:00
nvd
nvd
CVE-2004-0983
2005-03-01 05:00:00