Summary
This host is installed with Ruby and is
prone to denial-of-service vulnerability.
Impact
Successful exploitation will allow attackers
to cause a denial of service (crash) condition.
Impact Level: Application
Solution
Upgrade to Ruby 1.9.3-p550 or 2.0.0-p594 or
2.1.4 later. For updates refer http://www.ruby-lang.org
Insight
Flaw exists due to an incorrectly configured
XML parser accepting XML external entities from an untrusted source
Affected
Ruby versions Ruby 1.9.x before 1.9.3-p550,
2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 on Windows.
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-8080 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities