Vulnerability Solutions |
||
| The WatchMouse Periodic Vulnerability Scan checks for the vulnerability below. To see the most recently added vulnerability solutions that are scanned by WatchMouse, go to the Vulnerability Solutions overview | ||
| Category: Fedora Local Security Checks | Risk factor: High | Added: 11 Oct 2008 |
| The remote host is missing the patch for the advisory FEDORA-2008-8736 (ruby). Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. - Update Information: Update to new upstream release fixing multiple security issues detailed in the upstream advisories: [9]http://www.ruby-lang.org/en/news/2008/08/08/multiple - vulnerabilities-in-ruby/ - CVE-2008-3655 - multiple insufficient safe mode restrictions - CVE-2008-3656 - WEBrick DoS vulnerability (CPU consumption) - CVE-2008-3657 - missing 'taintness' checks in dl module - CVE-2008-3905 - resolv.rb adds random transactions ids and source ports to prevent DNS spoofing attacks [10]http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in - rexml/ - CVE-2008-3790 - DoS in the REXML module One issue not covered by any upstream advisory: - CVE-2008-3443 - DoS in the regular expression engine Solution: Get the newest Fedora Updates Risk factor: High |
||
