Page 18 of 105 results (0.017 seconds)

CVSS: 7.5EPSS: 39%CPEs: 47EXPL: 4

Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via (1) untrace_var, (2) $PROGRAM_NAME, and (3) syslog at safe level 4, and (4) insecure methods at safe levels 1 through 3. Ruby versiones 1.8.5 y anteriores, versiones 1.8.6 hasta 1.8.6-p286, versiones 1.8.7 hasta 1.8.7-p71, y versiones 1.9 hasta r18423, no restringe apropiadamente el acceso a variables y métodos críticos en varios niveles seguros, lo que permite a los atacantes dependiendo del contexto omitir las restricciones de acceso previstas por medio de (1) untrace_var, (2) $PROGRAM_NAME, y (3) syslog en nivel seguro 4 y (4) métodos no confiables en los niveles seguros 1 a 3. • https://www.exploit-db.com/exploits/32224 https://www.exploit-db.com/exploits/32223 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://secunia.com/advisories/31430 http://secunia.com/advisories/31697 http://secunia.com/advisories/32165 http://secunia.com/advisories/32219 http://secunia.com/advisories/32255 http://secunia.com/advisories/32256 http://secunia.com/advisories/32371 http:// • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.8EPSS: 14%CPEs: 43EXPL: 2

Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression. Una vulnerabilidad de complejidad algorítmica en la función WEBrick::HTTPUtils.split_header_value en WEBrick::HTTP::DefaultFileHandler en WEBrick en Ruby versiones 1.8.5 y anteriores, versiones 1.8.6 hasta 1.8.6-p286, versiones 1.8.7 hasta 1.8.7-p71, y versiones 1.9 hasta r18423, permite a los atacantes dependiendo del contexto causar una denegación de servicio (consumo de CPU) por medio de una petición HTTP diseñada que se procesa mediante una expresión regular backtracking. The WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 to 1.8.6-p286, 1.8.7 to 1.8.7-p71, and 1.9 to r18423 allows for a DoS (CPU consumption) via a crafted HTTP request. • https://www.exploit-db.com/exploits/32222 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://secunia.com/advisories/31430 http://secunia.com/advisories/31697 http://secunia.com/advisories/32165 http://secunia.com/advisories/32219 http://secunia.com/advisories/32255 http://secunia.com/advisories/32256 http://secunia.com/advisories/32371 http://secunia.com/advisories/33178 http://secunia.c • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0

Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows. Desbordamiento de entero en la función rb_ary_fill en array.c en Ruby antes de la revisión 17756 que permite a los atacantes dependientes de contesto causar una denegación de servicios (caída) o posiblemente otro impacto no especificado a través de la llamada al método Arrray#fill con un argumento de entrada (alias beg) mayor que ARY_MAX_SIZE NOTA: esto existe por un parche incompleto para otros desbordamientos de enteros • http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://secunia.com/advisories/30927 http://secunia.com/advisories/31006 http://secunia.com/advisories/31062 http://secunia.com/advisories/31090 http://secunia.com/advisories/31181 http://secunia.com/advisories/31256 http://secunia.com/advisories/32219 http://secunia.com/advisories/33178 http://security.gentoo.org/glsa/glsa-200812-17.xml http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision&# • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0

The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change. La función rb_str_format en Ruby 1.8.4 y anteriores, 1.8.5 anterior a 1.8.5-p231, 1.8.6 anterior a 1.8.6-p230, 1.8.7 anterior a 1.8.7-p22 y 1.9.0 anterior a 1.9.0-2 permite a atacantes dependientes del contexto disparar una corrupción de memoria mediante vectores no especificados relacionados con alloca, un problema distinto a CVE-2008-2662, CVE-2008-2663 y CVE-2008-2725. NOTA: a fecha de 24-06-2008, ha habido un uso inconsistente de múltiples identificadores CVE relacionados con Ruby. • http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/30802 http://secunia.com/advisories/30831 http://secunia.com/advisories/30867 http://secunia.com/advisories/30875 http://secunia.com/advisories/30894 http://secunia.com/advisories/31062 http://secunia • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0

Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption, a different issue than CVE-2008-2663, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. This CVE description should be regarded as authoritative, although it is likely to change. Múltiples desbordamientos de entero en la función rb_str_buf_append de Ruby 1.8.4 y anteriores, 1.8.5 antes de 1.8.5-p231, 1.8.6 anterior a 1.8.6-p230, 1.8.7 anterior a 1.8.7-p22 y 1.9.0 antes de 1.9.0-2 permite a atacantes dependientes del contexto ejecutar código de su elección o provocar una denegación de servicio mediante vectores desconocidos que disparan una corrupción de memoria, un problema distinto a CVE-2008-2663, CVE-2008-2664 y CVE-2008-2725. NOTA: a fecha de 24-06-2008, ha habido un uso inconsistente de múltiples identificadores CVE relacionados con Ruby. • http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/30802 http://secunia.com/advisories/30831 http://secunia.com/advisories/30867 http://secunia.com/advisories/30875 http://secunia.com/advisories/30894 http://secunia.com/advisories/31062 http://secunia • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •