CVE-2008-2662

Current Description

Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption, a different issue than CVE-2008-2663, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. This CVE description should be regarded as authoritative, although it is likely to change.

Referenced by CVEs:CVE-2008-2663, CVE-2008-2664, CVE-2008-2725

Basic Data

PublishedJune 24, 2008
Last ModifiedNovember 01, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-189
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score10.0
SeverityHIGH
Exploitability Score10.0
Impact Score10.0
Obtain All Privilegetrue
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationRuby-langRuby********1.8.4
    2.3ApplicationRuby-langRuby********1.8.51.8.5.231
    2.3ApplicationRuby-langRuby********1.8.61.8.6.230
    2.3ApplicationRuby-langRuby********1.8.71.8.7.22
    2.3ApplicationRuby-langRuby********1.9.01.9.0.2
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSDebianDebian Linux4.0*******
  • OR - Configuration 3
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSCanonicalUbuntu Linux6.06***lts***
    2.3OSCanonicalUbuntu Linux7.04*******
    2.3OSCanonicalUbuntu Linux7.10*******
    2.3OSCanonicalUbuntu Linux8.04***lts***

Vulnerable Software List

VendorProductVersions
Ruby-lang Ruby *
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06, 7.04, 7.10, 8.04

References

NameSourceURLTags
http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-resMISCThird Party Advisory
APPLE-SA-2008-06-30http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.htmlAPPLEMailing List Third Party Advisory
SUSE-SR:2008:017http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.htmlSUSEThird Party Advisory
30802http://secunia.com/advisories/30802SECUNIAThird Party Advisory
30831http://secunia.com/advisories/30831SECUNIAThird Party Advisory
30867http://secunia.com/advisories/30867SECUNIAThird Party Advisory
30875http://secunia.com/advisories/30875SECUNIAThird Party Advisory
30894http://secunia.com/advisories/30894SECUNIAThird Party Advisory
31062http://secunia.com/advisories/31062SECUNIAThird Party Advisory
31181http://secunia.com/advisories/31181SECUNIAThird Party Advisory
31256http://secunia.com/advisories/31256SECUNIAThird Party Advisory
31687http://secunia.com/advisories/31687SECUNIAThird Party Advisory
33178http://secunia.com/advisories/33178SECUNIAThird Party Advisory
GLSA-200812-17http://security.gentoo.org/glsa/glsa-200812-17.xmlGENTOOThird Party Advisory
SSA:2008-179-01http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562SLACKWAREMailing List Third Party Advisory
http://support.apple.com/kb/HT2163http://support.apple.com/kb/HT2163CONFIRMThird Party Advisory
http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilitieshttp://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilitiesMISCThird Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206CONFIRMBroken Link
DSA-1612http://www.debian.org/security/2008/dsa-1612DEBIANThird Party Advisory
DSA-1618http://www.debian.org/security/2008/dsa-1618DEBIANThird Party Advisory
MDVSA-2008:140http://www.mandriva.com/security/advisories?name=MDVSA-2008:140MANDRIVAThird Party Advisory
MDVSA-2008:141http://www.mandriva.com/security/advisories?name=MDVSA-2008:141MANDRIVAThird Party Advisory
MDVSA-2008:142http://www.mandriva.com/security/advisories?name=MDVSA-2008:142MANDRIVAThird Party Advisory
http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/MISCThird Party Advisory
RHSA-2008:0561http://www.redhat.com/support/errata/RHSA-2008-0561.htmlREDHATThird Party Advisory
http://www.ruby-forum.com/topic/157034http://www.ruby-forum.com/topic/157034MISCThird Party Advisory
http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.htmlhttp://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.htmlMISCThird Party Advisory
http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/CONFIRMPATCH Vendor Advisory
20080626 rPSA-2008-0206-1 rubyhttp://www.securityfocus.com/archive/1/493688/100/0/threadedBUGTRAQThird Party Advisory VDB Entry
29903http://www.securityfocus.com/bid/29903BIDThird Party Advisory VDB Entry
1020347http://www.securitytracker.com/id?1020347SECTRACKThird Party Advisory VDB Entry
USN-621-1http://www.ubuntu.com/usn/usn-621-1UBUNTUThird Party Advisory
ADV-2008-1907http://www.vupen.com/english/advisories/2008/1907/referencesVUPENThird Party Advisory
ADV-2008-1981http://www.vupen.com/english/advisories/2008/1981/referencesVUPENThird Party Advisory
http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.htmlhttp://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.htmlMISCBroken Link
ruby-rbstrbufappend-code-execution(43345)https://exchange.xforce.ibmcloud.com/vulnerabilities/43345XFThird Party Advisory VDB Entry
https://issues.rpath.com/browse/RPL-2626https://issues.rpath.com/browse/RPL-2626CONFIRMBroken Link
oval:org.mitre.oval:def:11601https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601OVALThird Party Advisory
FEDORA-2008-5649https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.htmlFEDORAThird Party Advisory