Description
Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations".
Affected products
- yukihiro_matsumoto / ruby1.8.2 – 1.8.2
- yukihiro_matsumoto / ruby1.8.3 – 1.8.3
- yukihiro_matsumoto / ruby1.8.4 – 1.8.4
References
- VENDOR_ADVISORYftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
- MISChttp://www.securityfocus.com/bid/18944
- VENDOR_ADVISORYhttp://secunia.com/advisories/21657
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9983
- VENDOR_ADVISORYhttp://secunia.com/advisories/21749
- MISChttp://jvn.jp/jp/JVN%2313947696/index.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/21009
- VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:134
- VENDOR_ADVISORYhttp://secunia.com/advisories/21598
- VENDOR_ADVISORYhttp://secunia.com/advisories/21233
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/2760
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/27725
- MISChttp://www.osvdb.org/27144
- MISChttp://www.osvdb.org/27145
- VENDOR_ADVISORYhttp://www.ubuntu.com/usn/usn-325-1
- VENDOR_ADVISORYhttp://www.debian.org/security/2006/dsa-1157
- VENDOR_ADVISORYhttp://secunia.com/advisories/21337
- MAILING_LISThttp://lists.freebsd.org/pipermail/freebsd-security/2006-July/003907.html
- VENDOR_ADVISORYhttp://www.novell.com/linux/security/advisories/2006_21_sr.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/21272
- VENDOR_ADVISORYhttp://secunia.com/advisories/21236
- VENDOR_ADVISORYhttp://www.debian.org/security/2006/dsa-1139
- MISChttp://www.redhat.com/support/errata/RHSA-2006-0604.html
- MISChttp://jvn.jp/jp/JVN%2383768862/index.html
- MAILING_LISThttp://lists.freebsd.org/pipermail/freebsd-security/2006-July/003915.html