The remote host is running Apple Mac OS X, but lacks Security Update 2005-008.

This security update contains fixes for the following applications :

- ImageIO
- LibSystem
- Mail
- QuickDraw
- Ruby
- SecurityAgent
- securityd

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2005:543 advisory.

    Ruby is an interpreted scripting language for object-oriented programming.

    A bug was found in the way Ruby launched an XMLRPC server. If an XMLRPC     server is launched in a certain way, it becomes possible for a remote     attacker to execute arbitrary commands within the XMLRPC server. The Common     Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name     CAN-2005-1992 to this issue.

    Users of Ruby should update to these erratum packages, which contain a     backported patch and are not vulnerable to this issue.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Nobuhiro IMAI reports :

the default value modification on Module#public_instance_methods (from false to true) breaks s.add_handler(XMLRPC::iPIMethods('sample'), MyHandler.new) style security protection.

This problem could allow a remote attacker to execute arbitrary commands on XMLRPC server of libruby.

Updated ruby packages that fix an arbitrary command execution issue are now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Ruby is an interpreted scripting language for object-oriented programming.

A bug was found in the way Ruby launched an XMLRPC server. If an XMLRPC server is launched in a certain way, it becomes possible for a remote attacker to execute arbitrary commands within the XMLRPC server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1992 to this issue.

Users of Ruby should update to these erratum packages, which contain a backported patch and are not vulnerable to this issue.

This advisory adds security support for the stable amd64 distribution.
It covers all security updates since the release of sarge, which were missing updated packages for the not yet official amd64 port. Future security advisories will include updates for this port as well.

The remote host is affected by the vulnerability described in GLSA-200507-10 (Ruby: Arbitrary command execution through XML-RPC)

    Nobuhiro IMAI reported that an invalid default value in 'utils.rb'     causes the security protections of the XML-RPC server to fail.
  Impact :

    A remote attacker could exploit this vulnerability to execute     arbitrary commands.
  Workaround :

    There is no known workaround at this time.

A vulnerability was discovered in ruby version 1.8 that could allow for the execution of arbitrary commands on a server running the ruby xmlrpc server.

The updated packages have been patched to address this issue.

A vulnerability has been discovered in ruby1.8 that could allow arbitrary command execution on a server running the ruby xmlrpc server. 

The old stable distribution (woody) did not include ruby1.8.

This problem is fixed for the current stable distribution (sarge) in version 1.8.2-7sarge1.

This problem is fixed for the unstable distribution in version 1.8.2-8.

Nobuhiro IMAI discovered that the changed default value of the Module#public_instance_methods() method broke the security protection of XMLRPC server handlers. A remote attacker could exploit this to execute arbitrary commands on an XMLRPC server.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Published	Updated	Severity
19773	Mac OS X Multiple Vulnerabilities (Security Update 2005-008)	Nessus	MacOS X Local Security Checks	9/23/2005	5/28/2024	high
19390	RHEL 4 : ruby (RHSA-2005:543)	Nessus	Red Hat Local Security Checks	8/7/2005	11/4/2024	critical
18942	FreeBSD : ruby -- arbitrary command execution on XMLRPC server (594eb447-e398-11d9-a8bd-000cf18bbe54)	Nessus	FreeBSD Local Security Checks	7/13/2005	1/6/2021	high
21945	CentOS 4 : ruby (CESA-2005:543)	Nessus	CentOS Local Security Checks	7/5/2006	1/4/2021	high
57528	Debian DSA-773-1 : amd64 - several vulnerabilities	Nessus	Debian Local Security Checks	1/12/2012	1/4/2021	critical
18669	GLSA-200507-10 : Ruby: Arbitrary command execution through XML-RPC	Nessus	Gentoo Local Security Checks	7/11/2005	1/6/2021	high
19192	Mandrake Linux Security Advisory : ruby (MDKSA-2005:118)	Nessus	Mandriva Local Security Checks	7/13/2005	1/6/2021	high
18663	Debian DSA-748-1 : ruby1.8 - bad default value	Nessus	Debian Local Security Checks	7/11/2005	1/4/2021	high
20540	Ubuntu 4.10 / 5.04 : ruby1.8 vulnerability (USN-146-1)	Nessus	Ubuntu Local Security Checks	1/15/2006	1/19/2021	high

Detections

Analytics

Plugins Search

high

critical

high

high

critical

high

high

high

high