Download
| Alert*
|
oval:org.secpod.oval:def:700404
It was discovered that Ruby did not properly validate certificates. An attacker could exploit this and present invalid or revoked X.509 certificates. It was discovered that Ruby did not properly handle string arguments that represent large numbers. An attacker could exploit this and cause a denial ... oval:org.secpod.oval:def:400065 The DHCP client could be crashed by a malicious DHCP server sending an overlong subnet field CVE-2009-0692. In theory a malicious DHCP server could exploit the flaw to execute arbitrary code as root on machines using dhclient to obtain network settings. Newer distributions do have buffer overflow ... oval:org.secpod.oval:def:202197 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in the way the Ruby POP module processed certain APOP authentication requests. By sending certain responses when the Ruby APOP module att ... oval:org.secpod.oval:def:202022 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in the way the Ruby POP module processed certain APOP authentication requests. By sending certain responses when the Ruby APOP module att ... oval:org.secpod.oval:def:102078 Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks . It is simple, straight-forward, and extensible. oval:org.secpod.oval:def:600381 Several vulnerabilities have been discovered in Ruby. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0642 The return value from the OCSP_basic_verify function was not checked properly, allowing continued use of a revoked certificate. CVE-2009-1904 An iss ... oval:org.secpod.oval:def:700195 Emmanouel Kellinis discovered that Ruby did not properly handle certain string operations. An attacker could exploit this issue and possibly execute arbitrary code with application privileges. Giovanni Pellerano, Alessandro Tanasi, and Francesco Ongaro discovered that Ruby did not properly sanitize ... oval:org.secpod.oval:def:300585 Multiple vulnerabilities was discovered and corrected in ruby: ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote attackers to successfully present an invalid X.509 certificate, possibly involving a revok ... oval:org.secpod.oval:def:300771 The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type. This update corrects the problem. oval:org.secpod.oval:def:300747 The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service by re-LOAD-ing libraries from a certain plugins directory . The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8. ... oval:org.secpod.oval:def:3848 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a string argument that represents a large number. Successful exploitation could allow remote attackers to crash the service. oval:org.mitre.oval:def:7853 Several vulnerabilities have been discovered in Ruby. The Common Vulnerabilities and Exposures project identifies the following problems: The return value from the OCSP_basic_verify function was not checked properly, allowing continued use of a revoked certificate. An issue in parsing BigDecimal num ... oval:org.secpod.oval:def:500542 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in the way the Ruby POP module processed certain APOP authentication requests. By sending certain responses when the Ruby APOP module att ... oval:org.secpod.oval:def:100423 Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks . It is simple, straight-forward, and extensible. |
