CVE-2008-2662

Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption, a different issue than CVE-2008-2663, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. This CVE description should be regarded as authoritative, although it is likely to change.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/	Third Party Advisory
http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities	Third Party Advisory
http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/	Third Party Advisory
http://www.ruby-forum.com/topic/157034	Third Party Advisory
http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html	Third Party Advisory
http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html	Broken Link
http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/	Patch Vendor Advisory
http://www.securityfocus.com/bid/29903	Third Party Advisory VDB Entry
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html	Third Party Advisory
http://secunia.com/advisories/31256	Third Party Advisory
http://secunia.com/advisories/30802	Third Party Advisory
http://secunia.com/advisories/31062	Third Party Advisory
http://secunia.com/advisories/30831	Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html	Third Party Advisory
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html	Mailing List Third Party Advisory
http://www.securitytracker.com/id?1020347	Third Party Advisory VDB Entry
http://www.debian.org/security/2008/dsa-1618	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0561.html	Third Party Advisory
http://support.apple.com/kb/HT2163	Third Party Advisory
http://secunia.com/advisories/31181	Third Party Advisory
http://www.debian.org/security/2008/dsa-1612	Third Party Advisory
http://secunia.com/advisories/31687	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:142	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:140	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:141	Third Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206	Broken Link
http://secunia.com/advisories/30867	Third Party Advisory
http://www.ubuntu.com/usn/usn-621-1	Third Party Advisory
https://issues.rpath.com/browse/RPL-2626	Broken Link
http://secunia.com/advisories/30875	Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562	Mailing List Third Party Advisory
http://secunia.com/advisories/30894	Third Party Advisory
http://security.gentoo.org/glsa/glsa-200812-17.xml	Third Party Advisory
http://secunia.com/advisories/33178	Third Party Advisory
http://www.vupen.com/english/advisories/2008/1907/references	Third Party Advisory
http://www.vupen.com/english/advisories/2008/1981/references	Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/43345	Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601	Third Party Advisory
http://www.securityfocus.com/archive/1/493688/100/0/threaded	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ruby-lang:ruby::::::::
	cpe:2.3:a:ruby-lang:ruby::::::::
	cpe:2.3:a:ruby-lang:ruby::::::::
	cpe:2.3:a:ruby-lang:ruby::::::::
	cpe:2.3:a:ruby-lang:ruby::::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::

Information

Published : 2008-06-24 12:41

Updated : 2018-11-01 08:02

NVD link : CVE-2008-2662

Mitre link : CVE-2008-2662

JSON object : View

CWE

CWE-189

Numeric Errors

Products Affected

debian

debian_linux

canonical

ubuntu_linux

ruby-lang

ruby

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "name": "http://blog.phusion.nl/2008/06/23/ruby-186-p230187-broke-your-app-ruby-enterprise-edition-to-the-rescue/", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "name": "http://weblog.rubyonrails.org/2008/6/21/multiple-ruby-security-vulnerabilities", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "name": "http://www.matasano.com/log/1070/updates-on-drew-yaos-terrible-ruby-vulnerabilities/", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "http://www.ruby-forum.com/topic/157034", "name": "http://www.ruby-forum.com/topic/157034", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "name": "http://www.rubyinside.com/june-2008-ruby-security-vulnerabilities-927.html", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "name": "http://www.zedshaw.com/rants/the_big_ruby_vulnerabilities.html", "tags": ["Broken Link"], "refsource": "MISC"}, {"url": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "name": "http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/29903", "name": "29903", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "name": "SUSE-SR:2008:017", "tags": ["Third Party Advisory"], "refsource": "SUSE"}, {"url": "http://secunia.com/advisories/31256", "name": "31256", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/30802", "name": "30802", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/31062", "name": "31062", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/30831", "name": "30831", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00937.html", "name": "FEDORA-2008-5649", "tags": ["Third Party Advisory"], "refsource": "FEDORA"}, {"url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "name": "APPLE-SA-2008-06-30", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "APPLE"}, {"url": "http://www.securitytracker.com/id?1020347", "name": "1020347", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "SECTRACK"}, {"url": "http://www.debian.org/security/2008/dsa-1618", "name": "DSA-1618", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html", "name": "RHSA-2008:0561", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://support.apple.com/kb/HT2163", "name": "http://support.apple.com/kb/HT2163", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/31181", "name": "31181", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.debian.org/security/2008/dsa-1612", "name": "DSA-1612", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/31687", "name": "31687", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142", "name": "MDVSA-2008:142", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140", "name": "MDVSA-2008:140", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141", "name": "MDVSA-2008:141", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0206", "tags": ["Broken Link"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/30867", "name": "30867", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.ubuntu.com/usn/usn-621-1", "name": "USN-621-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "https://issues.rpath.com/browse/RPL-2626", "name": "https://issues.rpath.com/browse/RPL-2626", "tags": ["Broken Link"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/30875", "name": "30875", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.429562", "name": "SSA:2008-179-01", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "SLACKWARE"}, {"url": "http://secunia.com/advisories/30894", "name": "30894", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "name": "GLSA-200812-17", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "http://secunia.com/advisories/33178", "name": "33178", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2008/1907/references", "name": "ADV-2008-1907", "tags": ["Third Party Advisory"], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2008/1981/references", "name": "ADV-2008-1981", "tags": ["Third Party Advisory"], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43345", "name": "ruby-rbstrbufappend-code-execution(43345)", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "XF"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11601", "name": "oval:org.mitre.oval:def:11601", "tags": ["Third Party Advisory"], "refsource": "OVAL"}, {"url": "http://www.securityfocus.com/archive/1/493688/100/0/threaded", "name": "20080626 rPSA-2008-0206-1 ruby", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption, a different issue than CVE-2008-2663, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. This CVE description should be regarded as authoritative, although it is likely to change."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-189"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-2662", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2008-06-24T19:41Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.8.4"}, {"cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.8.5.231", "versionStartExcluding": "1.8.5"}, {"cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.8.6.230", "versionStartIncluding": "1.8.6"}, {"cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.8.7.22", "versionStartIncluding": "1.8.7"}, {"cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.9.0.2", "versionStartIncluding": "1.9.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-11-01T15:02Z"}

10.0 /10