Description
httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterprise Linux 4 and 5, allows remote attackers to cause a denial of service (CPU consumption) via a crafted HTTP request. NOTE: this issue exists because of an incomplete fix for CVE-2008-3656.
Remediation
References
Related Vulnerabilities
Apache Traffic Server Integer Overflow or Wraparound Vulnerability (CVE-2018-9481)
Moodle Improper Input Validation Vulnerability (CVE-2006-4936)
WordPress Plugin 404 SEO Redirection Cross-Site Scripting (1.3)
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000484)