Novell Home

CVE-2005-2337

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2005-2337 at MITRE

Description

Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input (stdin).

NVD CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 119204

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
  • ruby >= 1.8.1-42.10
Builds
YOU Patch Nr: 10837
SUSE LINUX Retail Solution 8
SuSE Linux Enterprise Server 8 for AMD64
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
SuSE Linux Enterprise Server 8 for IBM zSeries
SuSE Linux Enterprise Server 8 for IPF
SuSE Linux Openexchange Server 4
SuSE Linux School Server for i386
SuSE Linux Standard Server 8
UnitedLinux 1.0
  • ruby >= 1.6.7-130
Builds
YOU Patch Nr: 10837
SUSE LINUX 10.0
  • ruby >= 1.8.2-11.2
SUSE LINUX 9.1 for IA32
SUSE LINUX 9.1 for x86-64
  • ruby >= 1.8.1-42.10
SUSE LINUX 9.2
  • ruby >= 1.8.1-48.6
SUSE LINUX 9.3
  • ruby >= 1.8.1-51.4

© 2014 Novell