CVE-2006-5467
The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and contains an inconsistent ID.
Affected products
n/a · n/a
References
ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P
http://docs.info.apple.com/article.html?artnum=305530
http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
http://rubyforge.org/pipermail/mongrel-users/2006-October/001946.html
http://secunia.com/advisories/22615
http://secunia.com/advisories/22624
http://secunia.com/advisories/22761
http://secunia.com/advisories/22929
http://secunia.com/advisories/22932
http://secunia.com/advisories/23040
http://secunia.com/advisories/23344
http://secunia.com/advisories/25402