SecurityTracker.com
SecurityTracker Archives

Category:   Application (Generic)  >   Ruby Vendors:   Matsumoto, Yukihiro
(Apple Issues Fix) Ruby 64-bit BigDecimal Integer Truncation Flaw Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1025237
SecurityTracker URL:  http://securitytracker.com/id/1025237
CVE Reference:   CVE-2011-0188
Date:  Mar 22 2011
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.9.2
Description:   A vulnerability was reported in Ruby. A remote user can execute arbitrary code on the target system.

A remote user can send specially crafted data to a Ruby script that creates a BigDecimal object from untrusted input, potentially triggering an integer truncation flaw and executing arbitrary code.

64-bit processes are affected.
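The description above names the risky pattern: a script that hands untrusted input straight to BigDecimal. The following is an added example (not code from this advisory, from Apple, or from the Ruby project) showing the defensive pattern of validating and bounding untrusted numeric strings before they reach BigDecimal, so that oversized or malformed values are rejected up front. The grammar, the digit limit (MAX_DIGITS) and the helper name parse_untrusted_decimal are assumptions chosen for illustration; bounding input this way limits exposure but does not replace installing the vendor fix.

```ruby
require 'bigdecimal'

# Assumed limit on significant digits accepted from untrusted input.
# Any value larger than this is refused before BigDecimal sees it.
MAX_DIGITS = 40

# Strict grammar for what we are willing to convert: optional sign,
# integer digits, optional fraction, optional exponent of at most three
# digits. Anything else (hex, "Infinity", "NaN", embedded whitespace,
# huge exponents) is rejected rather than passed through.
SAFE_DECIMAL = /\A[+-]?(\d+)(?:\.(\d+))?(?:[eE][+-]?\d{1,3})?\z/

class UntrustedDecimalError < ArgumentError; end

# Convert a string from an untrusted source into a BigDecimal, or raise
# UntrustedDecimalError if it does not fit the bounded grammar above.
def parse_untrusted_decimal(raw, max_digits: MAX_DIGITS)
  str = raw.to_s.strip
  m = SAFE_DECIMAL.match(str)
  raise UntrustedDecimalError, 'rejected: not a plain decimal literal' unless m

  # Count significant digits across integer and fraction parts.
  digits = m[1].length + (m[2] ? m[2].length : 0)
  if digits > max_digits
    raise UntrustedDecimalError,
          "rejected: #{digits} digits exceeds limit of #{max_digits}"
  end

  BigDecimal(str)
end

# Boolean variant for callers that prefer to filter rather than rescue.
def safe_decimal?(raw, max_digits: MAX_DIGITS)
  parse_untrusted_decimal(raw, max_digits: max_digits)
  true
rescue UntrustedDecimalError
  false
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample inputs: two acceptable values and two that are refused.
  ['3.14', '-1.5e3', '1' * 100, '0x10'].each do |sample|
    begin
      puts "#{sample[0, 20].inspect} -> #{parse_untrusted_decimal(sample)}"
    rescue UntrustedDecimalError => e
      puts "#{sample[0, 20].inspect} -> #{e.message}"
    end
  end
end
```

The point of the digit cap is that the size of the value BigDecimal has to allocate for is decided by code you control, not by the remote sender; the regex additionally keeps the input to a shape whose behaviour in the BigDecimal parser is unsurprising.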

Drew Yao of Apple Product Security reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   Apple has issued a fix as part of Mac OS X v10.6.7 and Security Update 2011-001, available from the Software Update pane in System Preferences, or Apple's Software Downloads web site at:

http://www.apple.com/support/downloads/

The Software Update utility will present the update that applies to your system configuration. Only one is needed, either Security Update 2011-001 or Mac OS X v10.6.7.

For Mac OS X v10.6.6
The download file is named: MacOSXUpd10.6.7.dmg
Its SHA-1 digest is: 1e1cc5da36d2d175d2b67e7fd8fc4ab8c89f2e8b

For Mac OS X v10.6 - v10.6.5
The download file is named: MacOSXUpdCombo10.6.7.dmg
Its SHA-1 digest is: 4f359529e08482be1fcbe3b7500c7a73062a8e8e

For Mac OS X Server v10.6.6
The download file is named: MacOSXServerUpd10.6.7.dmg
Its SHA-1 digest is: e5df6c1e38f76b8f8c252f4c97a2ee94d9b55403

For Mac OS X Server v10.6 - v10.6.5
The download file is named: MacOSXServerUpdCombo10.6.7.dmg
Its SHA-1 digest is: 38b5564656de9714ce143bf8739c8525d38d5656

For Mac OS X 10.6.7 for MacBook Pro Early 2011
The download file is named: MacOSXUpd10.6.7MBPEarly2011.dmg
Its SHA-1 digest is: 846e776582678d8ec3683d3466b239acda34c110

For Mac OS X v10.5.8
The download file is named: SecUpd2011-001.dmg
Its SHA-1 digest is: bbbd6cad211eafc900e2562f900b875287e533ff

For Mac OS X Server v10.5.8
The download file is named: SecUpdSrvr2011-001.dmg
Its SHA-1 digest is: bb42b1372940c8f3130de306cb4a2d607ce48a1d

The vendor's advisory is available at:

http://support.apple.com/kb/HT4581

Vendor URL:  www.ruby-lang.org/
Cause:   Access control error
Underlying OS:  UNIX (macOS/OS X)
Underlying OS Comments:  10.6.6 and prior versions

Message History:   This archive entry is a follow-up to the message listed below.
Mar 22 2011 Ruby 64-bit BigDecimal Integer Truncation Flaw Lets Remote Users Execute Arbitrary Code

Source Message Contents

[Original Message Not Available for Viewing]

Copyright 2020, SecurityGlobal.net LLC