Page 5 of 34 results (0.007 seconds)

CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. It may be connected to an unintended socket. En Ruby, en versiones anteriores a la 2.2.10, versiones 2.3.x anteriores a la 2.3.7, versiones 2.4.x anteriores a la 2.4.4, versiones 2.5.x anteriores a la 2.5.1 y la versión 2.6.0-preview1, los métodos UNIXServer.open y UNIXSocket.open no se comprueban en busca de caracteres null. Podría estar relacionado con un socket no planeado. It was found that the UNIXSocket::open and UNIXServer::open ruby methods did not handle the NULL byte properly. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html http://www.securityfocus.com/bid/103767 http://www.securitytracker.com/id/1042004 https://access.redhat.com/errata/RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2019:2028 https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html https://lists.debian.org/debian-lts-announce/2018/04/msg00024.html& • CWE-20: Improper Input Validation CWE-626: Null Byte Interaction Error (Poison Null Byte) •

CVSS: 9.1EPSS: 0%CPEs: 11EXPL: 0

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters. When using the corresponding method, unintentional directory traversal may be performed. En Ruby, en versiones anteriores a la 2.2.10, versiones 2.3.x anteriores a la 2.3.7, versiones 2.4.x anteriores a la 2.4.4, versiones 2.5.x anteriores a la 2.5.1 y la versión 2.6.0-preview1, los métodos Dir.open, Dir.new, Dir.entries y Dir.empty? no comprueban los caracteres NULL. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html http://www.securityfocus.com/bid/103739 http://www.securitytracker.com/id/1042004 https://access.redhat.com/errata/RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2019:2028 https://access.redhat.com/errata/RHSA-2020:0542 https://access.redhat.com/errata/RHSA-2020:0591 https://access.redhat.com/errata&#x • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption). En Ruby, en versiones anteriores a la 2.2.10, versiones 2.3.x anteriores a la 2.3.7, versiones 2.4.x anteriores a la 2.4.4, versiones 2.5.x anteriores a la 2.5.1 y la versión 2.6.0-preview1, un atacante puede pasar una petición HTTP larga con una cabecera manipulada al servidor WEBrick o un cuerpo manipulado al servidor/manipulador WEBrick y provocar una denegación de servicio (consumo de memoria). It was found that WEBrick could be forced to use an excessive amount of memory during the processing of HTTP requests, leading to a Denial of Service. An attacker could use this flaw to send huge requests to a WEBrick application, resulting in the server running out of memory. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html http://www.securityfocus.com/bid/103683 http://www.securitytracker.com/id/1042004 https://access.redhat.com/errata/RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2019:2028 https://access.redhat.com/errata/RHSA-2020:0542 https://access.redhat.com/errata/RHSA-2020:0591 https://access.redhat.com/errata&#x • CWE-400: Uncontrolled Resource Consumption •

CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 1

The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely. La función lazy_initialize en lib/resolv.rb en Ruby hasta la versión 2.4.3 utiliza Kernel#open, lo que podría permitir ataques de inyección de comandos, tal y como demuestra un argumento Resolv::Hosts::new que comience con un carácter "|". Esta es una vulnerabilidad diferente a CVE-2017-17405. NOTA: es altamente improbable que se den situaciones con entradas no fiables. • https://access.redhat.com/errata/RHSA-2018:0378 https://access.redhat.com/errata/RHSA-2018:0583 https://access.redhat.com/errata/RHSA-2018:0584 https://access.redhat.com/errata/RHSA-2018:0585 https://github.com/ruby/ruby/pull/1777 https://lists.debian.org/debian-lts-announce/2017/12/msg00024.html https://lists.debian.org/debian-lts-announce/2017/12/msg00025.html https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html https://www.debian.org/security/2018/ds • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 9.3EPSS: 89%CPEs: 17EXPL: 1

Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default value of localfile is File.basename(remotefile), so malicious FTP servers could cause arbitrary command execution. Ruby en versiones anteriores a la 2.4.3 permite la inyección de comandos Net::FTP. • https://www.exploit-db.com/exploits/43381 http://www.securityfocus.com/bid/102204 http://www.securitytracker.com/id/1042004 https://access.redhat.com/errata/RHSA-2018:0378 https://access.redhat.com/errata/RHSA-2018:0583 https://access.redhat.com/errata/RHSA-2018:0584 https://access.redhat.com/errata/RHSA-2018:0585 https://access.redhat.com/errata/RHSA-2019:2806 https://lists.debian.org/debian-lts-announce/2017/12/msg00024.html https://lists.debian.org/debian-lts-announce • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •