FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-2726

This CVE name corresponds to:

Entered	Topic
2008-06-21	ruby -- multiple integer and buffer overflow vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-2726 at cve.mitre.org

Details

Type	Candidate
Name	CVE-2008-2726
Phase	Assigned(20080616)

Description

Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption, aka the "beg + rlen" issue. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.

References

Source	Reference
MISC	http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/
MISC	http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities
MISC	http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/
MISC	http://www.ruby-forum.com/topic/157034
MISC	http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html
MISC	http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html
CONFIRM	http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460
CONFIRM	http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/
CONFIRM	http://support.apple.com/kb/HT2163
APPLE	APPLE-SA-2008-06-30
DEBIAN	DSA-1612
FEDORA	FEDORA-2008-5649
REDHAT	RHSA-2008:0561
BID	29903
FRSIRT	ADV-2008-1907
FRSIRT	ADV-2008-1981
SECTRACK	1020347
SECUNIA	30831
SECUNIA	30802
SECUNIA	31062
SECUNIA	31090
SECUNIA	31181