Test Kennung:	1.3.6.1.4.1.25623.1.0.704259
Kategorie:	Debian Local Security Checks
Titel:	Debian Security Advisory DSA 4259-1 (ruby2.3 - security update)
Zusammenfassung:	Several vulnerabilities have been discovered in the interpreter for the;Ruby language, which may result in incorrect processing of HTTP/FTP,;directory traversal, command injection, unintended socket creation or;information disclosure.;;This update also fixes several issues in RubyGems which could allow an;attacker to use specially crafted gem files to mount cross-site scripting;attacks, cause denial of service through an infinite loop, write arbitrary;files, or run malicious code.
Beschreibung:	Summary: Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in incorrect processing of HTTP/FTP, directory traversal, command injection, unintended socket creation or information disclosure. This update also fixes several issues in RubyGems which could allow an attacker to use specially crafted gem files to mount cross-site scripting attacks, cause denial of service through an infinite loop, write arbitrary files, or run malicious code. Affected Software/OS: ruby2.3 on Debian Linux Solution: For the stable distribution (stretch), these problems have been fixed in version 2.3.3-1+deb9u3. We recommend that you upgrade your ruby2.3 packages. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-6914 BugTraq ID: 103686 http://www.securityfocus.com/bid/103686 Debian Security Information: DSA-4259 (Google Search) https://www.debian.org/security/2018/dsa-4259 https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html https://lists.debian.org/debian-lts-announce/2018/04/msg00024.html https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html RedHat Security Advisories: RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3729 RedHat Security Advisories: RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3730 RedHat Security Advisories: RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2018:3731 RedHat Security Advisories: RHSA-2019:2028 https://access.redhat.com/errata/RHSA-2019:2028 http://www.securitytracker.com/id/1042004 SuSE Security Announcement: openSUSE-SU-2019:1771 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html https://usn.ubuntu.com/3626-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8777 BugTraq ID: 103683 http://www.securityfocus.com/bid/103683 RedHat Security Advisories: RHSA-2020:0542 https://access.redhat.com/errata/RHSA-2020:0542 RedHat Security Advisories: RHSA-2020:0591 https://access.redhat.com/errata/RHSA-2020:0591 RedHat Security Advisories: RHSA-2020:0663 https://access.redhat.com/errata/RHSA-2020:0663 https://usn.ubuntu.com/3685-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8778 BugTraq ID: 103693 http://www.securityfocus.com/bid/103693 Common Vulnerability Exposure (CVE) ID: CVE-2018-8779 BugTraq ID: 103767 http://www.securityfocus.com/bid/103767 Common Vulnerability Exposure (CVE) ID: CVE-2018-8780 BugTraq ID: 103739 http://www.securityfocus.com/bid/103739
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.