Ruby Interpreter Heap Overflow Vulnerability (Linux) - Dec09 Network Vulnerability

Summary

This host is installed with Ruby Interpreter and is prone to Heap Overflow vulnerability.

Impact

Successful exploitation will let the attacker execute arbitrary code, corrupt the heap area to execute the crafted malicious shellcode into the system registers to take control over the remote machine.

Solution

Apply the patch ftp://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p376.tar.bz2 ***** NOTE: Please ignore this warning if the patch is applied. *****

Insight

The flaw is due to improper sanitization check while processing user supplied input data to the buffer inside 'String#ljust', 'String#center' and 'String#rjust' methods.

Affected

Ruby Interpreter version 1.9.1 before 1.9.1 Patchlevel 376

References

http://secunia.com/advisories/37660
http://www.osvdb.org/60880
http://www.ruby-lang.org/en/news/2009/12/07/heap-overflow-in-string
http://www.vupen.com/english/advisories/2009/3471

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4124
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Amarok Player Multiple Vulnerabilities
Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
Avaya WinPDM Multiple Buffer Overflow Vulnerabilities
BSPlayer Stack Overflow Vulnerability BLS
AIMP ID3 Tag Buffer Overflow Vulnerability

Take action and discover your vulnerabilities