what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 609 RSS Feed

Ruby Files

AIEngine 2.4.0
Posted Jun 1, 2023
Authored by Luis Campo Giralte | Site bitbucket.org

AIEngine is a next generation interactive/programmable Python/Ruby/Java/Lua and Go network intrusion detection system engine. AIEngine also helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

Changes: Support natively of nefilter on the PacketDispatcher on linux systems. Allow more flexible API query parameters on the api. Allow to see in real time over the Rest API the L7 payloads of selected flows. Improvements on the TCP QoS metrics.Flow drop packets and bytes now available. Fix an issue with RST and ICMP unreach with network devices. Support for IP on GRE tunnels.
tags | tool, java, python, ruby
systems | unix
SHA-256 | 9592ddac406040974faa1b34a459f123d010fd293a18114a8468d871b7825c7b
Red Hat Security Advisory 2023-3291-01
Posted May 25, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3291-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2021-33621, CVE-2023-28755, CVE-2023-28756
SHA-256 | 20dec59adcb39ef2916d6cca7cd13c8ca58d1f5b2b3c7506b88fe76014af5ad2
Ubuntu Security Notice USN-6087-1
Posted May 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6087-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM.

tags | advisory, denial of service, ruby
systems | linux, ubuntu
advisories | CVE-2023-28755, CVE-2023-28756
SHA-256 | cc361b6847f2850db6412282b2a465949ce6e489bc3be40573658c7db61eda9b
Ubuntu Security Notice USN-6055-2
Posted May 8, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6055-2 - USN-6055-1 fixed a vulnerability in Ruby. Unfortunately it introduced a regression. This update reverts the patches applied to CVE-2023-28755 in order to fix the regression pending further investigation. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, ruby
systems | linux, ubuntu
advisories | CVE-2023-28755
SHA-256 | ada5c9e435b07122b3ea37aaeeff4ec44d8a5abb8e17dfa44d63ad098d9107d3
Ubuntu Security Notice USN-6055-1
Posted May 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6055-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue is being addressed only for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

tags | advisory, denial of service, ruby
systems | linux, ubuntu
advisories | CVE-2023-28755, CVE-2023-28756
SHA-256 | 57cc9e7412e527b063da950b49c9036f3f360426a199720cba2c4ff74ccb4925
Debian Security Advisory 5389-1
Posted Apr 17, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5389-1 - Two vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could lead to XSS and DOM based cross-site scripting (CRS). This update also fixes a regression introduced in previous update that may block certain access for apps using development environment.

tags | advisory, web, vulnerability, xss, ruby
systems | linux, debian
advisories | CVE-2023-23913, CVE-2023-28120
SHA-256 | 74d22f237334eaa35ef53eabd71db5ab39812d288737dc9a32864fea7cc87905
Red Hat Security Advisory 2023-1486-01
Posted Mar 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1486-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, code execution, and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, code execution, python, ruby
systems | linux, redhat
advisories | CVE-2022-24790, CVE-2022-30122, CVE-2022-30123, CVE-2022-31129, CVE-2022-31163
SHA-256 | 34681b3994f7696e63749c33f2b4943d1f3991726eb9aa72976cb927c1014ab6
Ubuntu Security Notice USN-5806-3
Posted Mar 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5806-3 - USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem for Ubuntu 20.04 LTS. Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications which generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application.

tags | advisory, web, cgi, vulnerability, ruby
systems | linux, ubuntu
advisories | CVE-2021-33621
SHA-256 | 2946affe6446c720209e8c8a6781b9e746e6210d18a5a939af4608b1e97f3dfd
Debian Security Advisory 5372-1
Posted Mar 13, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5372-1 - Multiple vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could result in XSS, data disclosure and open redirect.

tags | advisory, web, ruby
systems | linux, debian
advisories | CVE-2021-22942, CVE-2021-44528, CVE-2022-21831, CVE-2022-22577, CVE-2022-23633, CVE-2022-27777, CVE-2023-22792, CVE-2023-22794, CVE-2023-22795, CVE-2023-22796
SHA-256 | 44ed6f4160efe547c9a47f4f62db177c265c289c98a029bb8114b3fa4bca4f1f
Debian Security Advisory 5360-1
Posted Feb 24, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5360-1 - Xi Lu discovered that missing input sanitising in Emacs (in etags, the Ruby mode and htmlfontify) could result in the execution of arbitrary shell commands.

tags | advisory, arbitrary, shell, ruby
systems | linux, debian
advisories | CVE-2022-48337, CVE-2022-48338, CVE-2022-48339
SHA-256 | 82d11ef9e76f7318d8a66038c6614675b087dfdc2b8d50aad0fe55d3dd74b5c7
AIEngine 2.3.0
Posted Feb 20, 2023
Authored by Luis Campo Giralte | Site bitbucket.org

AIEngine is a next generation interactive/programmable Python/Ruby/Java/Lua and Go network intrusion detection system engine. AIEngine also helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

Changes: Fixed minor issue with DomainNames with * on HTTP and SSL. Now shows the time of the data that is stored internally on FlowManagers and Protocols that has been flushed. Now controls the number of elements that can be shown on the protocols over the API (limit parameter). Now sends IPCs message queue on python callback flows. Improvements made on the DNS protocol with more dns fields.
tags | tool, java, python, ruby
systems | unix
SHA-256 | 65c5483016570ea2fd986c9fd302001786b8924e7bfe294e0bbbd46f415bf974
Hikvision Remote Code Execution / XSS / SQL Injection
Posted Jan 31, 2023
Authored by Thurein Soe

Some Hikvision Hybrid SAN products were vulnerable to multiple remote code execution (command injection) vulnerabilities, including reflected cross site scripting, Ruby code injection, classic and blind SQL injection resulting in remote code execution that allows an adversary to execute arbitrary operating system commands and more. However, an adversary must be on the same network to leverage this vulnerability to execute arbitrary commands.

tags | advisory, remote, arbitrary, vulnerability, code execution, xss, sql injection, ruby
advisories | CVE-2022-28171, CVE-2022-28172
SHA-256 | 9ef9e4e937841d3becdae9ba498b3199c7ac7dfcaea39831e8e5a468cd2d8f10
Ubuntu Security Notice USN-5806-2
Posted Jan 24, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5806-2 - USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.10. Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications which generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application.

tags | advisory, web, cgi, vulnerability, ruby
systems | linux, ubuntu
advisories | CVE-2021-33621
SHA-256 | 5e9eaa591a250702e16d36f855a65138db55f846075d60d7208d9a3e346086a8
Ubuntu Security Notice USN-5806-1
Posted Jan 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5806-1 - Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications which generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application.

tags | advisory, web, cgi, ruby
systems | linux, ubuntu
advisories | CVE-2021-33621
SHA-256 | 75ea48c38a96b7594dbd0877d422b431f6c885a45730d787e0fa46952d38d26c
Debian Security Advisory 5310-1
Posted Jan 2, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5310-1 - It was discovered that ruby-image-processing, a ruby package that provides higher-level image processing helpers, is prone to a remote shell execution vulnerability when using the #apply method to apply a series of operations coming from unsanitized user input.

tags | advisory, remote, shell, ruby
systems | linux, debian
advisories | CVE-2022-24720
SHA-256 | 9114837e45c7440099d3923f2a43991909f94c975f31c25f4230d59e7dc5f0fa
Vagrant Synced Folder Vagrantfile Breakout
Posted Oct 27, 2022
Authored by Brendan Coles, HashiCorp | Site metasploit.com

This Metasploit module exploits a default Vagrant synced folder (shared folder) to append a Ruby payload to the Vagrant project Vagrantfile config file. By default, unless a Vagrant project explicitly disables shared folders, Vagrant mounts the project directory on the host as a writable vagrant directory on the guest virtual machine. This directory includes the project Vagrantfile configuration file. Ruby code within the Vagrantfile is loaded and executed when a user runs any vagrant command from the project directory on the host, leading to execution of Ruby code on the host.

tags | exploit, ruby
SHA-256 | 4aa68ef0141c22e4e2be0cd50c642945c2afd7a94ea98ee68a6375e6bd398e81
Red Hat Security Advisory 2022-6855-01
Posted Oct 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6855-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include buffer overflow, denial of service, double free, and spoofing vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2021-41816, CVE-2021-41817, CVE-2021-41819, CVE-2022-28738, CVE-2022-28739
SHA-256 | 23b2e4fec136d2b841752155cc897796ca8d6de598e56c894f584c758f0ea16e
Red Hat Security Advisory 2022-6856-01
Posted Oct 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6856-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include buffer overflow, denial of service, and spoofing vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2021-41816, CVE-2021-41817, CVE-2021-41819, CVE-2022-28739
SHA-256 | bb6ea318ab2029ce81a508f985027beddd25be215db4d7f00c698944641814f3
Red Hat Security Advisory 2022-6585-01
Posted Sep 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6585-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a double free vulnerability.

tags | advisory, ruby
systems | linux, redhat
advisories | CVE-2022-28738, CVE-2022-28739
SHA-256 | 1ff122457a9752bdbfb6cb45ab90c6e6d019e61a2c3f8ef3642e2c8ea9b73161
Red Hat Security Advisory 2022-6447-01
Posted Sep 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6447-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include denial of service and spoofing vulnerabilities.

tags | advisory, denial of service, spoof, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2021-41817, CVE-2021-41819, CVE-2022-28739
SHA-256 | a714de3eaf3a485724cf4aaca3389fd9847b067245c025269499321daae891aa
Red Hat Security Advisory 2022-6450-01
Posted Sep 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6450-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include denial of service, double free, and spoofing vulnerabilities.

tags | advisory, denial of service, spoof, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2021-41817, CVE-2021-41819, CVE-2022-28738, CVE-2022-28739
SHA-256 | 64271aa943cadcf4f53769f49f2705c0658c289b46512a0840bf913803fc1cd1
Red Hat Security Advisory 2022-5779-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5779-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include denial of service and spoofing vulnerabilities.

tags | advisory, denial of service, spoof, vulnerability, ruby
systems | linux, redhat
advisories | CVE-2021-41817, CVE-2021-41819
SHA-256 | 01fe6dcd91920a9cb22a03c1c89fe0164eb2af76b1957d74cf7452270d04cd71
Red Hat Security Advisory 2022-5338-01
Posted Jul 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5338-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

tags | advisory, ruby
systems | linux, redhat
advisories | CVE-2022-28739
SHA-256 | b4a68cc58eca9da243167ff02e79915ee516758ed00c162a9cdd60a5051ec094
Ubuntu Security Notice USN-5462-2
Posted Jun 7, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5462-2 - USN-5462-1 fixed several vulnerabilities in Ruby. This update provides the corresponding CVE-2022-28739 update for ruby2.3 on Ubuntu 16.04 ESM. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information.

tags | advisory, vulnerability, ruby
systems | linux, ubuntu
advisories | CVE-2022-28739
SHA-256 | b47ace4598aa16889d8fd13a61ab6776251e8e1f05e571cdb335797d23e1ec0c
Ubuntu Security Notice USN-5462-1
Posted Jun 7, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5462-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information.

tags | advisory, arbitrary, ruby
systems | linux, ubuntu
advisories | CVE-2022-28738, CVE-2022-28739
SHA-256 | 93396c53d1b014d262f3aed6dacbfc8d58faaea61e4dae6cbadc94a05bec397a
Page 1 of 25
Back12345Next

File Archive:

June 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    18 Files
  • 2
    Jun 2nd
    13 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close