Vulnerability: integer overflow (CVE-2008-2725)
CVSS v2.0 severity:
HIGH
Type:
CWE-189
Numeric errors
Publication date:
24/06/2008
Last modified:
09/04/2025
Description
Integer overflow in (1) the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption via unspecified vectors, also known as the "REALLOC_N" variant, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2664. NOTE: as of 20080624, there has been inconsistent use of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
Impact
Base score 2.0
7.80
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | To |
|---|---|---|
| cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* | 1.8.4 (inclusive) | |
| cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* | 1.8.5 (inclusive) | 1.8.5.231 (exclusive) |
| cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* | 1.8.6 (inclusive) | 1.8.6.230 (exclusive) |
| cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* | 1.8.7 (inclusive) | 1.8.7.22 (exclusive) |
| cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* | | |
| cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:* | | |
| cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:* | | |
| cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:* | | |
| cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:* | | |
For the full list of CPE names with products and versions, see this page
References to solutions, tools and information
- http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/
- http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
- http://secunia.com/advisories/30802
- http://secunia.com/advisories/30831
- http://secunia.com/advisories/30867
- http://secunia.com/advisories/30875
- http://secunia.com/advisories/30894
- http://secunia.com/advisories/31062
- http://secunia.com/advisories/31090
- http://secunia.com/advisories/31181
- http://secunia.com/advisories/31256
- http://secunia.com/advisories/31687
- http://secunia.com/advisories/33178
- http://security.gentoo.org/glsa/glsa-200812-17.xml
- http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562
- http://support.apple.com/kb/HT2163
- http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206
- http://www.debian.org/security/2008/dsa-1612
- http://www.debian.org/security/2008/dsa-1618
- http://www.mandriva.com/security/advisories?name=MDVSA-2008%3A140
- http://www.mandriva.com/security/advisories?name=MDVSA-2008%3A141
- http://www.mandriva.com/security/advisories?name=MDVSA-2008%3A142
- http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/
- http://www.redhat.com/archives/fedora-security-commits/2008-June/msg00005.html
- http://www.redhat.com/support/errata/RHSA-2008-0561.html
- http://www.ruby-forum.com/topic/157034
- http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/
- http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html
- http://www.securityfocus.com/archive/1/493688/100/0/threaded
- http://www.securityfocus.com/bid/29903
- http://www.securitytracker.com/id?1020347=
- http://www.ubuntu.com/usn/usn-621-1
- http://www.vupen.com/english/advisories/2008/1907/references
- http://www.vupen.com/english/advisories/2008/1981/references
- http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html
- https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/241657
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2727
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43350
- https://issues.rpath.com/browse/RPL-2626
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9606
- https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html