← volver
CVE-2006-1931

CVE-2006-1931

EPSS 10.2%
The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, which allows attackers to cause a denial of service (blocked connections) via a large amount of data.
Productos afectados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/27723no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.2-webrick-dos-1.patchftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.2-xmlrpc-dos-1.patchhttp://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-dev/27787https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189540http://secunia.com/advisories/16904http://secunia.com/advisories/19772http://secunia.com/advisories/19804http://secunia.com/advisories/20024http://secunia.com/advisories/20064http://secunia.com/advisories/20457http://secunia.com/advisories/21657http://securitytracker.com/id?1015978