Ubuntu Update For Ruby1.8 USN-1780-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Ben Murphy discovered that the Ruby REXML library incorrectly handled XML entity expansion. An attacker could use this flaw to cause Ruby to consume large amounts of memory, resulting in a denial of service.

Affected

ruby1.8 on Ubuntu 12.10 , Ubuntu 12.04 LTS , Ubuntu 11.10 , Ubuntu 10.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2013-March/002057.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1821
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ubuntu Update for curl USN-1801-1
Ubuntu Update for clamav vulnerability USN-1076-1
Ubuntu Update for clamav USN-2157-1
Ubuntu Update for curl USN-2048-2
Ubuntu Update for apache2 USN-1368-1

Ubuntu Update for ruby1.8 USN-1780-1

Take action and discover your vulnerabilities