FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-2726

This CVE name corresponds to:

Entered Topic
2008-06-21 ruby -- multiple integer and buffer overflow vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-2726 at cve.mitre.org

Details

Type Candidate
Name CVE-2008-2726
Phase Assigned(20080616)

Description

Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption, aka the "beg + rlen" issue. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.

References

Source Reference
BUGTRAQ 20080626 rPSA-2008-0206-1 ruby
MISC http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/
MISC http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities
MISC http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/
MISC http://www.ruby-forum.com/topic/157034
MISC http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html
MISC http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html
MLIST [fedora-security-commits] 20080620 fedora-security/audit f10, 1.7, 1.8 f8, 1.225, 1.226 f9, 1.215, 1.216
CONFIRM https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657
CONFIRM http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17460
CONFIRM http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/
CONFIRM http://support.apple.com/kb/HT2163
CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206
CONFIRM https://issues.rpath.com/browse/RPL-2626
APPLE APPLE-SA-2008-06-30
DEBIAN DSA-1612
DEBIAN DSA-1618
FEDORA FEDORA-2008-5649
GENTOO GLSA-200812-17
MANDRIVA MDVSA-2008:140
MANDRIVA MDVSA-2008:141
MANDRIVA MDVSA-2008:142
REDHAT RHSA-2008:0561
SLACKWARE SSA:2008-179-01
SUSE SUSE-SR:2008:017
UBUNTU USN-621-1
BID 29903
OVAL oval:org.mitre.oval:def:9959
VUPEN ADV-2008-1907
VUPEN ADV-2008-1981
SECTRACK 1020347
SECUNIA 30831
SECUNIA 30802
SECUNIA 31062
SECUNIA 31090
SECUNIA 31181
SECUNIA 31256
SECUNIA 31687
SECUNIA 30867
SECUNIA 30875
SECUNIA 30894
SECUNIA 33178
XF ruby-rbarysplice-begrlen-code-execution(43351)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.