Oracle Linux 8 : ruby:2.5 (ELSA-2023-7025)

high Nessus Plugin ID 186102

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7025 advisory.

- Fix HTTP response splitting in CGI.
Resolves: CVE-2021-33621
- Fix Buffer overrun in String-to-Float conversion.
Resolves: CVE-2022-28739
- Fix ReDoS vulnerability in URI.
Resolves: CVE-2023-28755
- Fix ReDoS vulnerability in Time.
Resolves: CVE-2023-28756
- Fix by adding length limit option for methods that parse date strings.
Resolves: CVE-2021-41817
- CGI::Cookie.parse no longer decodes cookie names to prevent spoofing security prefixes in cookie names.
Resolves: CVE-2021-41819
- Properly fix command injection vulnerability in RDoc.
Related: CVE-2021-31799
- Fix command injection vulnerability in RDoc.
Resolves: CVE-2021-31799
- Fix StartTLS stripping vulnerability in Net::IMAP.
Resolves: CVE-2021-32066
- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
Resolves: CVE-2021-31810
- Fix CVE-2013-4073.
- Fix object taint bypassing in DL and Fiddle (CVE-2013-2065).
- Fix Hash-flooding DoS vulnerability on MurmurHash function (CVE-2012-5371)
- Don't create files when NUL-containing path name is passed (bug 865940, CVE-2012-4522)
- Patch from trunk for CVE-2012-4464, CVE-2012-4466
- Randomize hash on process startup (CVE-2011-4815, bug 750564)
- CVE-2011-2686 is fixed in this version (bug 722415)
- CVE-2010-0541 (bug 587731) is fixed in this version
- CVE-2009-4492 ruby WEBrick log escape sequence (bug 554485)
- New patchlevel fixing CVE-2009-1904
- Fix regression in CVE-2008-3790 (#485383)
- CVE-2008-5189: CGI header injection.
- CVE-2008-3790: DoS vulnerability in the REXML module.
- Security fixes.
- CVE-2008-3655: Ruby does not properly restrict access to critical variables and methods at various safe levels.
- CVE-2008-3656: DoS vulnerability in WEBrick.
- CVE-2008-3657: Lack of taintness check in dl.
- CVE-2008-1447: DNS spoofing vulnerability in resolv.rb.
- CVE-2008-3443: Memory allocation failure in Ruby regex engine.
- Security fixes. (#452295)
- CVE-2008-1891: WEBrick CGI source disclosure.
- CVE-2008-2662: Integer overflow in rb_str_buf_append().
- CVE-2008-2663: Integer overflow in rb_ary_store().
- CVE-2008-2664: Unsafe use of alloca in rb_str_format().
- CVE-2008-2725: Integer overflow in rb_ary_splice().
- CVE-2008-2726: Integer overflow in rb_ary_splice().
- ruby-1.8.6.111-CVE-2007-5162.patch: removed.
- Security fix for CVE-2008-1145.
- ruby-1.8.6.111-CVE-2007-5162.patch: Update a bit with backporting the changes at trunk to enable the fix without any modifications on the users' scripts.
Note that Net::HTTP#enable_post_connection_check isn't available anymore.
If you want to disable this post-check, you should give OpenSSL::SSL::VERIFY_NONE to Net::HTTP#verify_mode= instead of.
- ruby-1.8.6-CVE-2007-5162.patch: security fix for Net::HTTP that is insufficient verification of SSL certificate.
- ruby-1.8.5-cgi-CVE-2006-5467.patch: fix a CGI multipart parsing bug that causes the denial of service. (#212396)
- security fixes [CVE-2006-3694]
- ruby-1.8.4-fix-insecure-dir-operation.patch:
- ruby-1.8.4-fix-insecure-regexp-modification.patch: fixed the insecure operations in the certain safe-level restrictions. (#199538)
- ruby-1.8.4-fix-alias-safe-level.patch: fixed to not bypass the certain safe-level restrictions. (#199543)

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2023-7025.html

Plugin Details

Severity: High

ID: 186102

File Name: oraclelinux_ELSA-2023-7025.nasl

Version: 1.2

Type: local

Agent: unix

Published: 11/21/2023

Updated: 11/2/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2022-28739

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2021-33621

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:rubygem-json, p-cpe:/a:oracle:linux:rubygems, p-cpe:/a:oracle:linux:rubygem-openssl, p-cpe:/a:oracle:linux:rubygem-psych, cpe:/o:oracle:linux:8, p-cpe:/a:oracle:linux:rubygem-io-console, p-cpe:/a:oracle:linux:rubygem-mongo-doc, p-cpe:/a:oracle:linux:rubygem-pg, p-cpe:/a:oracle:linux:rubygem-net-telnet, p-cpe:/a:oracle:linux:rubygem-bigdecimal, p-cpe:/a:oracle:linux:rubygem-bundler-doc, p-cpe:/a:oracle:linux:rubygem-mongo, p-cpe:/a:oracle:linux:rubygem-did_you_mean, p-cpe:/a:oracle:linux:rubygem-rdoc, cpe:/a:oracle:linux:8::appstream, cpe:/a:oracle:linux:8:9:appstream_base, p-cpe:/a:oracle:linux:rubygem-bson, p-cpe:/a:oracle:linux:rubygem-power_assert, p-cpe:/a:oracle:linux:rubygems-devel, p-cpe:/a:oracle:linux:rubygem-bson-doc, p-cpe:/a:oracle:linux:rubygem-bundler, p-cpe:/a:oracle:linux:rubygem-mysql2, p-cpe:/a:oracle:linux:rubygem-abrt-doc, p-cpe:/a:oracle:linux:rubygem-pg-doc, p-cpe:/a:oracle:linux:rubygem-mysql2-doc, p-cpe:/a:oracle:linux:ruby-doc, p-cpe:/a:oracle:linux:ruby-irb, p-cpe:/a:oracle:linux:rubygem-abrt, p-cpe:/a:oracle:linux:ruby, p-cpe:/a:oracle:linux:rubygem-rake, p-cpe:/a:oracle:linux:rubygem-xmlrpc, p-cpe:/a:oracle:linux:rubygem-minitest, p-cpe:/a:oracle:linux:ruby-devel, p-cpe:/a:oracle:linux:ruby-libs, p-cpe:/a:oracle:linux:rubygem-test-unit

Required KB Items: Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list, Host/local_checks_enabled

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/18/2023

Vulnerability Publication Date: 4/13/2022

Reference Information

CVE: CVE-2021-33621, CVE-2022-28739, CVE-2023-28755, CVE-2023-28756