Description

httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterprise Linux 4 and 5, allows remote attackers to cause a denial of service (CPU consumption) via a crafted HTTP request. NOTE: this issue exists because of an incomplete fix for CVE-2008-3656.

Remediation

References

CVE-2008-4310

Related Vulnerabilities

Apache HTTP Server Other Vulnerability (CVE-2013-4352)

WordPress Plugin Zingiri Web Shop 'abspath' Parameter Remote File Include (2.4.6)

Drupal Core 8.8.0 Denial of Service (8.8.0)

WebLogic Improper Input Validation Vulnerability (CVE-2019-12400)

Jboss EAP Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-10212)

Severity

High

Classification

CVE-2008-4310

Tags

Missing Update Known Vulnerabilities