ruby

• Author: voroskoi
• Vulnerable: 1.8.5-1
• Unaffected: 1.8.5-2siwenna1

A vulnerability has been reported in Ruby, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an input validation error in “cgi.rb”. This can be exploited to consume a large amount of CPU resources by sending a specially crafted HTTP POST request.

• Bug Tracker URL: http://bugs.frugalware.org/task/1418

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0983
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5467