Scientific Linux 4: CVE-2009-4492 Moderate: Ruby Memory Corruption

Jun 29, 2011 •

LinuxSecurity Advisories

2 - 3 min read

Scientific Large Esm H500

Topics Covered

security advisory moderate cross-site scripting memory corruption remote execution ruby scientific linux

Moderate: ruby security update

Date: Wed, 29 Jun 2011 14:52:09 -0500
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux

From: Troy Dawson 
Subject: Security ERRATA Moderate: ruby on SL4.x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."

MIME-Version: 1.0

Synopsis: Moderate: ruby security update
Issue Date: 2011-06-28
CVE Numbers: CVE-2009-4492
 CVE-2010-0541
 CVE-2011-1005
 CVE-2011-0188

Ruby is an extensible, interpreted, object-oriented, scripting language.
It has features to process text files and to do system management tasks.

A flaw was found in the way large amounts of memory were allocated on
64-bit systems when using the BigDecimal class. A context-dependent
attacker could use this flaw to cause memory corruption, causing a Ruby
application that uses the BigDecimal class to crash or, possibly,
execute arbitrary code. This issue did not affect 32-bit systems.
(CVE-2011-0188)

It was found that WEBrick (the Ruby HTTP server toolkit) did not filter
terminal escape sequences from its log files. A remote attacker could
use specially-crafted HTTP requests to inject terminal escape sequences
into the WEBrick log files. If a victim viewed the log files with a
terminal emulator, it could result in control characters being executed
with the privileges of that user. (CVE-2009-4492)

A cross-site scripting (XSS) flaw was found in the way WEBrick displayed
error pages. A remote attacker could use this flaw to perform a
cross-site scripting attack against victims by tricking them into
visiting a specially-crafted URL. (CVE-2010-0541)

A flaw was found in the method for translating an exception message into
a string in the Exception class. A remote attacker could use this flaw
to bypass safe level 4 restrictions, allowing untrusted (tainted) code
to modify arbitrary, trusted (untainted) strings, which safe level 4
restrictions would otherwise prevent. (CVE-2011-1005)

All Ruby users should upgrade to these updated packages, which contain
backported patches to resolve these issues.

SL4:
 i386
 irb-1.8.1-16.el4.i386.rpm
 ruby-tcltk-1.8.1-16.el4.i386.rpm
 ruby-mode-1.8.1-16.el4.i386.rpm
 ruby-libs-1.8.1-16.el4.i386.rpm
 ruby-docs-1.8.1-16.el4.i386.rpm
 ruby-devel-1.8.1-16.el4.i386.rpm
 ruby-1.8.1-16.el4.i386.rpm
 x86_64
 ruby-mode-1.8.1-16.el4.x86_64.rpm
 ruby-libs-1.8.1-16.el4.x86_64.rpm
 ruby-libs-1.8.1-16.el4.i386.rpm
 ruby-docs-1.8.1-16.el4.x86_64.rpm
 ruby-devel-1.8.1-16.el4.x86_64.rpm
 ruby-1.8.1-16.el4.x86_64.rpm
 irb-1.8.1-16.el4.x86_64.rpm
 ruby-tcltk-1.8.1-16.el4.x86_64.rpm

- Scientific Linux Development Team
lastline

Powered By

Linux Security Footer

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here