Ruby 'rb_ary_fill()' Remote Denial Of Service Vulnerability
BID:30036
Info
| Bugtraq ID: | 30036 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | CVE-2008-2376 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 01 2008 12:00AM |
| Updated: | Apr 13 2015 10:05PM |
| Credit: | Vincenzo Iozzo of Secure Network |
Vulnerable:
- Yukihiro Matsumoto Ruby: 1.9 -2, 1.9 -1, 1.9, 1.8.7 -p22, 1.8.7 -p21, 1.8.7, 1.8.6 -p230, 1.8.6 -p229, 1.8.6 -p114, 1.8.6, 1.8.5 -p231, 1.8.5 -p230, 1.8.5 -p2, 1.8.5 -p115, 1.8.5, 1.8.4, 1.8.3, 1.8.2 pre4, 1.8.2 pre3, 1.8.2 pre2, 1.8.2 pre1, 1.8.2, 1.8.1, 1.8
- Ubuntu Linux: 8.04 LTS (sparc, powerpc, lpia, i386, amd64), 7.10 (sparc, powerpc, lpia, i386, amd64), 7.04 (sparc, powerpc, i386, amd64), 6.06 LTS (sparc, powerpc, i386, amd64)
- rPath Linux 1
- Red Hat: Enterprise Linux WS 4, WS 3, WS 2.1; Enterprise Linux ES 4, ES 3, ES 2.1; Enterprise Linux AS 4, AS 3, AS 2.1; Enterprise Linux 5 Server; Enterprise Linux Desktop 5 client; Enterprise Linux Desktop Workstation 5 client; Desktop 4.0, 3.0; Advanced Workstation for the Itanium Processor 2.1
- Mandriva Linux Mandrake: 2008.1 x86_64, 2008.1, 2008.0 x86_64, 2008.0, 2007.1 x86_64, 2007.1
- MandrakeSoft Corporate Server: 4.0 x86_64, 4.0, 3.0 x86_64, 3.0
- Gentoo Linux
- Debian Linux: 4.0 (sparc, s/390, powerpc, mipsel, mips, m68k, ia-64, ia-32, hppa, arm, amd64, alpha), 4.0
- Apple Mac OS X Server: 10.5.4, 10.5.3, 10.5.2, 10.5.1, 10.5, 10.4.11, 10.4.10, 10.4.9, 10.4.8, 10.4.7, 10.4.6, 10.4.5, 10.4.4, 10.4.3, 10.4.2, 10.4.1, 10.4
- Apple Mac OS X: 10.5.4, 10.5.3, 10.5.2, 10.5.1, 10.5, 10.4.11, 10.4.10, 10.4.9, 10.4.8, 10.4.7, 10.4.6, 10.4.5, 10.4.4, 10.4.3, 10.4.2, 10.4.1
Not Vulnerable:
- Apple Mac OS X Server 10.5.5
- Apple Mac OS X 10.5.5
Discussion
Ruby is prone to a remote denial-of-service vulnerability.
Successful exploits may allow remote attackers to cause denial-of-service conditions.
Exploit / POC
Successful exploits will depend on the specific application.
Solution / Fix
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
- Apple Mac OS X Server 10.5: Apple MacOSXServerUpdCombo10.5.5.dmg, http://www.apple.com/support/downloads/
- Apple Mac OS X Server 10.4.11: Apple SecUpdSrvr2008-006PPC.dmg, http://www.apple.com/support/downloads/ ; Apple SecUpdSrvr2008-006Univ.dmg, http://www.apple.com/support/downloads/
- Apple Mac OS X 10.5.1: Apple MacOSXUpdCombo10.5.5.dmg, http://www.apple.com/support/downloads/
- Apple Mac OS X 10.5.2: Apple MacOSXUpdCombo10.5.5.dmg, http://www.apple.com/support/downloads/
- Apple Mac OS X 10.5.3: Apple MacOSXUpdCombo10.5.5.dmg, http://www.apple.com/support/downloads/
- Apple Mac OS X Server 10.5.3: Apple MacOSXServerUpdCombo10.5.5.dmg, http://www.apple.com/support/downloads/
- Apple Mac OS X 10.5.4: Apple MacOSXUpd10.5.5.dmg, http://www.apple.com/support/downloads/
References
References:
- * array.c (rb_ary_fill): check if beg is too big. (Ruby)
- About the security content of Mac OS X v10.5.5 and Security Update 2008-006 (Apple)
- Ruby Homepage (Ruby)
- Vuln name: Ruby rb_ary_fill() DOS (Secure Network)
- Vuln name: Ruby rb_ary_fill() DOS ([email protected])
- RHSA-2008:0561-7 Moderate: ruby security update (Red Hat)
- RHSA-2008:0562-5 Moderate: ruby security update (Red Hat)