CVE Vulnerabilities

CVE-2004-0983

Published: Mar 01, 2005 | Modified: Oct 03, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.

Affected Software

Name Vendor Start Version End Version
Ruby Yukihiro_matsumoto 1.6 (including) 1.6 (including)
Ruby Yukihiro_matsumoto 1.6.7 (including) 1.6.7 (including)
Ruby Yukihiro_matsumoto 1.8 (including) 1.8 (including)
Ruby Yukihiro_matsumoto 1.8.1 (including) 1.8.1 (including)
Ruby Yukihiro_matsumoto 1.8.2_pre1 (including) 1.8.2_pre1 (including)
Ruby Yukihiro_matsumoto 1.8.2_pre2 (including) 1.8.2_pre2 (including)
Red Hat Enterprise Linux 3 RedHat ruby-0:1.6.8-9.EL3.3 *
Ruby1.6 Ubuntu dapper *
Ruby1.8 Ubuntu dapper *
Ruby1.8 Ubuntu devel *
Ruby1.8 Ubuntu edgy *
Ruby1.8 Ubuntu feisty *

References