Launchpad.net

CVE 2008-3443

The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to a Ruby socket, related to memory allocation failure, and as demonstrated against Webrick.

Related bugs and status

CVE-2008-3443 (Candidate) is related to these bugs:

Bug #246818: [CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby

		In	Importance	Status
246818	[CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby	ruby1.8 (Ubuntu)	Undecided	Fix Released
246818	[CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby	ruby1.8 (Ubuntu Dapper)	Undecided	Fix Released
246818	[CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby	ruby1.8 (Ubuntu Feisty)	Undecided	Fix Released
246818	[CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby	ruby1.8 (Ubuntu Gutsy)	Undecided	Fix Released
246818	[CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby	ruby1.8 (Ubuntu Hardy)	Undecided	Fix Released

Bug #257122: Multiple vulnerabilities in Ruby

		In	Importance	Status
257122	Multiple vulnerabilities in Ruby	ruby1.8 (Ubuntu)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.9 (Ubuntu)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.8 (Ubuntu Feisty)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.9 (Ubuntu Feisty)	Undecided	Won't Fix
257122	Multiple vulnerabilities in Ruby	ruby1.8 (Ubuntu Gutsy)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.9 (Ubuntu Gutsy)	Undecided	Won't Fix
257122	Multiple vulnerabilities in Ruby	ruby1.8 (Ubuntu Intrepid)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.9 (Ubuntu Intrepid)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.8 (Ubuntu Dapper)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.9 (Ubuntu Dapper)	Undecided	Won't Fix
257122	Multiple vulnerabilities in Ruby	ruby1.8 (Ubuntu Hardy)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.9 (Ubuntu Hardy)	Undecided	Won't Fix

Bug #261459: DOS Vulnerability in Ruby REXML

		In	Importance	Status
261459	DOS Vulnerability in Ruby REXML	ruby1.8 (Ubuntu)	Undecided	Fix Released
261459	DOS Vulnerability in Ruby REXML	ruby1.8 (Ubuntu Dapper)	Undecided	Fix Released
261459	DOS Vulnerability in Ruby REXML	ruby1.8 (Ubuntu Gutsy)	Undecided	Fix Released
261459	DOS Vulnerability in Ruby REXML	ruby1.8 (Ubuntu Hardy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

SECUNIA: 33185
SECUNIA: 31430
SREASON: 4158
DEBIAN: DSA-1695
BID: 30682
SECUNIA: 33398
FEDORA: FEDORA-2008-8736
FEDORA: FEDORA-2008-8738
SECTRACK: 1021075
SECUNIA: 32165
SECUNIA: 32219
REDHAT: RHSA-2008:0895
REDHAT: RHSA-2008:0897
SECUNIA: 32371
SECUNIA: 32372
CONFIRM: http://support.avaya.c...
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2009-05-12
CERT: TA09-133A
SECUNIA: 35074
VUPEN: ADV-2009-1297
XF: ruby-regex-dos(44688)
EXPLOIT-DB: 6239
OVAL: oval:org.mitre.oval:de...
UBUNTU: USN-691-1
UBUNTU: USN-651-1