Pardus Linux Security Advisory 2008.21

Pardus Linux Security Advisory 2008.21: Posted Aug 13, 2008; Authored by Pardus Linux, Pardus; Pardus Linux Security Advisory - Multiple vulnerabilities have been discovered in Ruby: several vulnerabilities in safe level, DoS vulnerability in WEBrick, Lack of taintness check in dl and DNS spoofing vulnerability in resolv.rb.; tags | advisory, denial of service, spoof, vulnerability, ruby; systems | linux; SHA-256 | a3485348dd6752076c34dc92849c09f1be4a2d7a218d600345b59342a9ee3ca2; Download | Favorite | View

Pardus Linux Security Advisory 2008.21

------------------------------------------------------------------------
Pardus Linux Security Advisory 2008-21            security@pardus.org.tr
------------------------------------------------------------------------
       Date: 2008-08-12
   Severity: 3
       Type: Remote
------------------------------------------------------------------------

Summary
=======

Multiple  vulnerabilities have  been  discovered  in   Ruby:   several
vulnerabilities in safe level, DoS vulnerability in  WEBrick,  Lack  of
taintness check in dl and DNS spoofing vulnerability in resolv.rb.


Description
===========

== Several vulnerabilities in safe level ==

Multiple errors in the implementation of safe level restrictions can be
exploited to call "untrace_var()", perform syslog operations, and modify
"$PROGRAM_NAME" at safe level 4, or call insecure methods at safe levels
1 through 3.

(These vulnerabilities were reported by Keita Yamaguchi.)


== DoS vulnerability in WEBrick ==

An   error exists   in   the   usage   of   regular   expressions   in
"WEBrick::HTTPUtils.split_header_value()".  This can  be  exploited  to
consume large amounts of CPU via a specially crafted HTTP request.

(This vulnerability was reported by Christian Neukirchen.)


== Lack of taintness check in dl ==

An error in "DL" can be exploited to bypass security  restrictions  and
call potentially dangerous functions.

(This vulnerability was reported by sheepman.)


== DNS spoofing vulnerability in resolv.rb ==

The  vulnerability is  caused  due  to  resolv.rb   not   sufficiently
randomising the DNS query port number, which can be exploited to poison
the DNS cache.

(This vulnerability was reported by Tanaka Akira.)


Affected packages:

   Pardus 2008:
     ruby, all before 1.8.7_p72-16-4
     ruby-mode, all before 1.8.7_p72-16-4

   Pardus 2007:
     ruby, all before 1.8.7_p72-16-13
     ruby-mode, all before 1.8.7_p72-16-4



Resolution
==========

There are update(s) for ruby, ruby-mode. You can update them via Package
Manager or with a single command from console:

   Pardus 2008:
     pisi up ruby ruby-mode

   Pardus 2007:
     pisi up ruby ruby-mode


References
==========

   * http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby
   * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
   * http://secunia.com/advisories/31430/

------------------------------------------------------------------------

-- 
Pınar Yanardağ
http://pinguar.org

Top Authors In Last 30 Days

Red Hat 255 files
indoushka 93 files
Ubuntu 89 files
Gentoo 36 files
Jasper Nota 25 files
Debian 21 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,099)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,756)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,521)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,747)
UNIX (9,436)
UnixWare (187)
Windows (6,674)
Other

Pardus Linux Security Advisory 2008.21

Pardus Linux Security Advisory 2008.21

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Pardus Linux Security Advisory 2008.21

Share This

Pardus Linux Security Advisory 2008.21

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems