Summary
The host has the Ruby interpreter installed and is prone to a heap overflow vulnerability.
Impact
Successful exploitation will allow a remote attacker to cause a denial of service or potentially execute arbitrary code.
Impact Level: System/Application.
Solution
Upgrade to version 1.9.3 patchlevel 484, 2.0.0 patchlevel 353, or later.
For updates refer to http://www.ruby-lang.org
Insight
The flaw is due to improper sanitization of user-supplied input data during the conversion of strings to floating point values.
Affected
Ruby Interpreter version 1.8, 1.9 before 1.9.3 Patchlevel 484, 2.0 before 2.0.0 Patchlevel 353.
Detection
Get the installed version with the help of the detect NVT and check whether the version is vulnerable.
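The version check described under Detection, as an added Ruby example that is not part of the original advisory or the NVT's own code. The function names and sample strings are constructed for illustration, and versions outside the ranges listed under Affected are reported as not affected.

```ruby
# Fixed patchlevels taken from the Solution section of this advisory.
FIXED_PATCHLEVEL = { [1, 9, 3] => 484, [2, 0, 0] => 353 }.freeze

# Parses strings such as "ruby 1.9.3p448 (...)" or "1.9.3-p448".
# Returns [[major, minor, teeny], patchlevel_or_nil], or nil if no version is found.
def parse_ruby_version(text)
  m = /(\d+)\.(\d+)\.(\d+)(?:-?p(\d+))?/.match(text.to_s)
  return nil unless m
  [[m[1].to_i, m[2].to_i, m[3].to_i], m[4] && m[4].to_i]
end

# Returns :affected, :not_affected or :unknown for CVE-2013-4164.
def cve_2013_4164_status(text)
  version, patch = parse_ruby_version(text)
  return :unknown if version.nil?            # banner could not be parsed

  major, minor = version
  return :affected if major == 1 && minor == 8                            # all of 1.8
  return :affected if major == 1 && minor == 9 && (version <=> [1, 9, 3]) < 0

  if FIXED_PATCHLEVEL.key?(version)
    # 1.9.3 and 2.0.0 are decided by patchlevel; without it we cannot tell.
    return :unknown if patch.nil?
    return patch < FIXED_PATCHLEVEL[version] ? :affected : :not_affected
  end

  :not_affected                              # outside the ranges the advisory lists
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample banners, plus the interpreter running this script.
  samples = ["ruby 1.8.7", "ruby 1.9.3p448", "ruby 1.9.3p484",
             "ruby 2.0.0p247", "ruby 2.0.0p353", "2.0.0",
             "#{RUBY_VERSION}p#{RUBY_PATCHLEVEL}"]
  samples.each { |s| puts format("%-20s %s", s, cve_2013_4164_status(s)) }
end
```

A result of `:unknown` means the patchlevel was missing or the banner was unparseable, so the host needs a manual check rather than being treated as safe.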
Severity
Classification
CVE: CVE-2013-4164
CVSS Base Score: 6.8
CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P