exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2018-8779

Status Candidate

Overview

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. It may be connected to an unintended socket.

Related Files

Red Hat Security Advisory 2019-2028-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2028-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, ruby
systems | linux, redhat
advisories | CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
SHA-256 | af7ea0f16d842acd5f9542998eec45ad2db90757e380ffb121da8f0487dca24d
Red Hat Security Advisory 2018-3731-01
Posted Nov 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3731-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, ruby
systems | linux, redhat
advisories | CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16395, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
SHA-256 | 67960d69e88fb6e819f1aed911deeb9a04df23e739ae31cebcff7618004f0b0f
Red Hat Security Advisory 2018-3730-01
Posted Nov 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3730-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, ruby
systems | linux, redhat
advisories | CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16395, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
SHA-256 | 5974e59d03ede1e205bc6f92b04e3d4d0be271c53073850c54f2227ff9bf7374
Red Hat Security Advisory 2018-3729-01
Posted Nov 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3729-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, ruby
systems | linux, redhat
advisories | CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16395, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
SHA-256 | 50842ce6db655529d85f25aace87d1c36085f22eb7f5436231ccd6f4207b1c4a
Debian Security Advisory 4259-1
Posted Aug 1, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4259-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in incorrect processing of HTTP/FTP, directory traversal, command injection, unintended socket creation or information disclosure.

tags | advisory, web, vulnerability, info disclosure, ruby
systems | linux, debian
advisories | CVE-2017-17405, CVE-2017-17742, CVE-2017-17790, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
SHA-256 | d33343f810ff24dbefc65b8198d9e85d3209de1850624590fe3b6563d70fab27
Ubuntu Security Notice USN-3626-1
Posted Apr 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3626-1 - It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to access sensitive information. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to connect to an unintended socket. Various other issues were also addressed.

tags | advisory, arbitrary, ruby
systems | linux, ubuntu
advisories | CVE-2018-6914, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
SHA-256 | ef0daac817c814813e6e0872b534f7551f133d2e4eb2b05ea2a0500948d6d3a1
Slackware Security Advisory - ruby Updates
Posted Mar 30, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ruby packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory, ruby
systems | linux, slackware
advisories | CVE-2017-17742, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
SHA-256 | afc1138533c4692071757aac8861ccc77d0fa21aca64028c483c0940b897af84
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close