Summary
This host is installed with Ruby and is
prone to a denial-of-service vulnerability.
Impact
Successful exploitation will allow attackers
to cause a denial of service (crash) condition.
Impact Level: Application
Solution
Upgrade to Ruby 2.1.3 or later. For updates,
refer to http://www.ruby-lang.org
Insight
The flaw exists due to an error in the 'str_buf_cat'
function in string.c, triggered when handling an overly long string.
Affected
Ruby versions 1.9.3, 2.0.0 and 2.1.0 on
Windows.
Detection
Get the installed version with the help of
the detect NVT and check whether the version is vulnerable.
Severity
Classification
CVE: CVE-2014-3916
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P