Description

httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterprise Linux 4 and 5, allows remote attackers to cause a denial of service (CPU consumption) via a crafted HTTP request. NOTE: this issue exists because of an incomplete fix for CVE-2008-3656.

Remediation

References

CVE-2008-4310

Related Vulnerabilities

Oracle Database Server CVE-2012-0526 Vulnerability (CVE-2012-0526)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38269)

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5489)

WordPress Plugin WP-Forum 'sendmail.php' SQL Injection (1.7.8)

Oracle JRE CVE-2014-2421 Vulnerability (CVE-2014-2421)

Severity

High

Classification

CVE-2008-4310

Tags

Missing Update Known Vulnerabilities