Showing 1 - 8 of 8

CVE-2017-17742

Status Candidate

Overview

Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response for the HTTP server of WEBrick.

Related Files

Red Hat Security Advisory 2018-3731-01: Posted Nov 30, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-3731-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, xss, ruby; systems | linux, redhat; advisories | CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16395, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780; MD5 | d886b0561d5de848dd645b607873d4c9; Download | Favorite | Comments (0)

Red Hat Security Advisory 2018-3730-01: Posted Nov 30, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-3730-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, xss, ruby; systems | linux, redhat; advisories | CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16395, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780; MD5 | 928cb22a25c79f7c4549eddb2a4fcf7f; Download | Favorite | Comments (0)

Red Hat Security Advisory 2018-3729-01: Posted Nov 30, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-3729-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, xss, ruby; systems | linux, redhat; advisories | CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16395, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780; MD5 | 9e1a463c11457fad95d3d1a9a42945d8; Download | Favorite | Comments (0)

Apple Security Advisory 2018-10-30-14: Posted Oct 31, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-10-30-14 - macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan address buffer overflow, code execution, denial of service, information leakage, and null pointer vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2017-10784, CVE-2017-14033, CVE-2017-14064, CVE-2017-17405, CVE-2017-17742, CVE-2018-3665, CVE-2018-4178, CVE-2018-4248, CVE-2018-4259, CVE-2018-4268, CVE-2018-4269, CVE-2018-4276, CVE-2018-4277, CVE-2018-4280, CVE-2018-4283, CVE-2018-4285, CVE-2018-4286, CVE-2018-4287, CVE-2018-4288, CVE-2018-4289, CVE-2018-4291, CVE-2018-4293, CVE-2018-5383, CVE-2018-6797, CVE-2018-6913, CVE-2018-6914, CVE-2018-8777; MD5 | f1dbc0bc60d79fd4e3c5f0b9d2264c9e; Download | Favorite | Comments (0)

Apple Security Advisory 2018-10-30-2: Posted Oct 31, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-10-30-2 - macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra are now available and address buffer overflow, code execution, denial of service, and information leakage vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2017-10784, CVE-2017-12613, CVE-2017-12618, CVE-2017-14033, CVE-2017-14064, CVE-2017-17405, CVE-2017-17742, CVE-2018-3639, CVE-2018-3640, CVE-2018-3646, CVE-2018-4126, CVE-2018-4153, CVE-2018-4203, CVE-2018-4242, CVE-2018-4259, CVE-2018-4286, CVE-2018-4287, CVE-2018-4288, CVE-2018-4291, CVE-2018-4295, CVE-2018-4304, CVE-2018-4308, CVE-2018-4310, CVE-2018-4326, CVE-2018-4331, CVE-2018-4334, CVE-2018-4340; MD5 | 8c8e8b2371c732c8c18cc33fbce89068; Download | Favorite | Comments (0)

Debian Security Advisory 4259-1: Posted Aug 1, 2018; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4259-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in incorrect processing of HTTP/FTP, directory traversal, command injection, unintended socket creation or information disclosure.; tags | advisory, web, vulnerability, info disclosure, ruby; systems | linux, debian; advisories | CVE-2017-17405, CVE-2017-17742, CVE-2017-17790, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780; MD5 | a76e5483b8c8bfad98c37d0bb78f7568; Download | Favorite | Comments (0)

Ubuntu Security Notice USN-3685-1: Posted Jun 14, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3685-1 - Some of these CVEs were already addressed in previous USN: 3439-1, 3553-1, 3528-1. It was discovered that Ruby incorrectly handled certain inputs. An attacker could use this to cause a buffer overrun. It was discovered that Ruby incorrectly handled certain files. An attacker could use this to overwrite any file on the filesystem. Various other issues were also addressed.; tags | advisory, overflow, ruby; systems | linux, ubuntu; advisories | CVE-2017-0898, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14064, CVE-2017-17742, CVE-2018-1000074, CVE-2018-8777; MD5 | 8e3eaae5e55f5657e198a4d0014a7723; Download | Favorite | Comments (0)

Slackware Security Advisory - ruby Updates: Posted Mar 30, 2018; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New ruby packages are available for Slackware 14.2 and -current to fix security issues.; tags | advisory, ruby; systems | linux, slackware; advisories | CVE-2017-17742, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780; MD5 | feba16a50f2b95441d3f838cd3d928e0; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

KingSkrupellos 92 files
Ubuntu 41 files
Red Hat 40 files
Debian 24 files
Ihsan Sencan 23 files
Google Security Research 19 files
Ozer Goker 16 files
Rafael Pedrero 15 files
Apple 11 files
Tim Coen 11 files

File Archives

Systems

AIX (413)
Apple (1,619)
BSD (343)
Cisco (1,839)
Debian (5,695)
Fedora (1,684)
FreeBSD (1,206)
Gentoo (3,639)
HPUX (868)
iOS (205)
iPhone (104)
IRIX (219)
Juniper (67)
Linux (34,746)
Mac OS X (656)
Mandriva (3,105)
NetBSD (255)
OpenBSD (459)
RedHat (7,046)
Slackware (881)
Solaris (1,579)
SUSE (1,444)
Ubuntu (5,995)
UNIX (8,408)
UnixWare (175)
Windows (5,439)
Other

CVE-2017-17742

Overview

Related Files

File Archive:

February 2019

Top Authors In Last 30 Days

File Tags

File Archives

Systems