Oval Definition:oval:org.opensuse.security:def:20083443
Revision Date:2022-05-20Version:1
Title:CVE-2008-3443
Description:

The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to a Ruby socket, related to memory allocation failure, and as demonstrated against Webrick.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-3443
Mitre CVE-2008-3443
SUSE CVE-2008-3443
SUSE-SA:2009:037
SUSE-SA:2009:037
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
openSUSE 10.3
openSUSE 11.0
openSUSE 11.1
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise SDK 10 SP2
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 GA
SUSE Linux Enterprise Server for SAP Applications 11
Product(s):
Definition Synopsis
  • sles10-sp2-sdk is installed
  • AND Package Information
  • ruby-devel less than 1.8.6.p369-0.4
  • OR ruby-doc-html less than 1.8.6.p369-0.4
  • OR ruby-doc-ri less than 1.8.6.p369-0.4
  • OR ruby-examples less than 1.8.6.p369-0.4
  • OR ruby-test-suite less than 1.8.6.p369-0.4
  • OR ruby-tk less than 1.8.6.p369-0.4
  • OR ruby less than 1.8.6.p369-0.4
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND Package Information
  • ruby-1.8.7.p72-5.22 is installed
  • OR ruby-doc-html-1.8.7.p72-5.22 is installed
  • OR ruby-tk-1.8.7.p72-5.22 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND Package Information
  • ruby-1.8.7.p72-5.22.1 is installed
  • OR ruby-doc-html-1.8.7.p72-5.22.1 is installed
  • OR ruby-tk-1.8.7.p72-5.22.1 is installed
    • BACK