File tree Expand file tree Collapse file tree 1 file changed +33
-0
lines changed Expand file tree Collapse file tree 1 file changed +33
-0
lines changed Original file line number Diff line number Diff line change 1+ ---
2+ layout : advisory
3+ title : ' CVE-2008-4310 (webrick): WEBrick Denial of Service Vulnerability'
4+ comments : false
5+ categories :
6+ - webrick
7+ advisory :
8+ gem : webrick
9+ cve : 2008-4310
10+ ghsa : wfrc-r6c6-7j9r
11+ url : https://bugzilla.redhat.com/show_bug.cgi?id=470252
12+ title : WEBrick Denial of Service Vulnerability
13+ date : 2008-12-08
14+ description : |
15+ httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat
16+ Enterprise Linux 4 and 5, allows remote attackers to cause a
17+ denial of service (CPU consumption) via a crafted HTTP request.
18+
19+ NOTE: This issue exists because of an incomplete fix for CVE-2008-3656.
20+ cvss_v2 : 7.8
21+ patched_versions :
22+ - " >= 1.3.1"
23+ related :
24+ url :
25+ - https://nvd.nist.gov/vuln/detail/CVE-2008-4310
26+ - https://github.com/ruby/webrick/commit/b2ccd5ff7ddd67a4548299e110dcc5a4728a5534
27+ - http://www.openwall.com/lists/oss-security/2008/12/04/2
28+ - https://bugzilla.redhat.com/show_bug.cgi?id=470252
29+ - https://oval.cisecurity.org/repository/search/definition/oval
30+ - http://www.redhat.com/support/errata/RHSA-2008-0981.html
31+ - https://web.archive.org/web/20111230125610/http://secunia.com/advisories/33013
32+ - https://github.com/advisories/GHSA-wfrc-r6c6-7j9r
33+ ---
You can’t perform that action at this time.
0 commit comments