Launchpad.net

CVE 2008-3656

Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression.

Related bugs and status

CVE-2008-3656 (Candidate) is related to these bugs:

Bug #246818: [CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby

		In	Importance	Status
246818	[CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby	ruby1.8 (Ubuntu)	Undecided	Fix Released
246818	[CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby	ruby1.8 (Ubuntu Dapper)	Undecided	Fix Released
246818	[CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby	ruby1.8 (Ubuntu Feisty)	Undecided	Fix Released
246818	[CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby	ruby1.8 (Ubuntu Gutsy)	Undecided	Fix Released
246818	[CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby	ruby1.8 (Ubuntu Hardy)	Undecided	Fix Released

Bug #257122: Multiple vulnerabilities in Ruby

		In	Importance	Status
257122	Multiple vulnerabilities in Ruby	ruby1.8 (Ubuntu)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.9 (Ubuntu)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.8 (Ubuntu Feisty)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.9 (Ubuntu Feisty)	Undecided	Won't Fix
257122	Multiple vulnerabilities in Ruby	ruby1.8 (Ubuntu Gutsy)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.9 (Ubuntu Gutsy)	Undecided	Won't Fix
257122	Multiple vulnerabilities in Ruby	ruby1.8 (Ubuntu Intrepid)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.9 (Ubuntu Intrepid)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.8 (Ubuntu Dapper)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.9 (Ubuntu Dapper)	Undecided	Won't Fix
257122	Multiple vulnerabilities in Ruby	ruby1.8 (Ubuntu Hardy)	Undecided	Fix Released
257122	Multiple vulnerabilities in Ruby	ruby1.9 (Ubuntu Hardy)	Undecided	Won't Fix

Bug #261459: DOS Vulnerability in Ruby REXML

		In	Importance	Status
261459	DOS Vulnerability in Ruby REXML	ruby1.8 (Ubuntu)	Undecided	Fix Released
261459	DOS Vulnerability in Ruby REXML	ruby1.8 (Ubuntu Dapper)	Undecided	Fix Released
261459	DOS Vulnerability in Ruby REXML	ruby1.8 (Ubuntu Gutsy)	Undecided	Fix Released
261459	DOS Vulnerability in Ruby REXML	ruby1.8 (Ubuntu Hardy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://bugs.debian.org...
CONFIRM: http://www.ruby-lang.o...
CONFIRM: http://wiki.rpath.com/...
BID: 30644
SECTRACK: 1020654
SECUNIA: 31697
DEBIAN: DSA-1651
DEBIAN: DSA-1652
SECUNIA: 32255
SECUNIA: 32256
GENTOO: GLSA-200812-17
SECUNIA: 33178
SECUNIA: 31430
FEDORA: FEDORA-2008-8736
FEDORA: FEDORA-2008-8738
SECUNIA: 32165
SECUNIA: 32219
REDHAT: RHSA-2008:0897
SECUNIA: 32371
CONFIRM: http://support.avaya.c...
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2009-05-12
CERT: TA09-133A
SECUNIA: 35074
VUPEN: ADV-2009-1297
VUPEN: ADV-2008-2334
XF: ruby-webrick-dos(44371)
OVAL: oval:org.mitre.oval:de...
UBUNTU: USN-651-1
BUGTRAQ: 20080831 rPSA-2008-026...