Oval Definition:oval:org.opensuse.security:def:20083655
Revision Date:2022-05-20Version:1
Title:CVE-2008-3655
Description:

Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via (1) untrace_var, (2) $PROGRAM_NAME, and (3) syslog at safe level 4, and (4) insecure methods at safe levels 1 through 3.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-3655
Mitre CVE-2008-3655
SUSE CVE-2008-3655
SUSE-SA:2009:037
SUSE-SA:2009:037
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
openSUSE 10.3
openSUSE 11.0
openSUSE 11.1
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise SDK 10 SP2
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 GA
SUSE Linux Enterprise Server for SAP Applications 11
Product(s):
Definition Synopsis
  • sles10-sp2-sdk is installed
  • AND Package Information
  • ruby-devel less than 1.8.6.p369-0.4
  • OR ruby-doc-html less than 1.8.6.p369-0.4
  • OR ruby-doc-ri less than 1.8.6.p369-0.4
  • OR ruby-examples less than 1.8.6.p369-0.4
  • OR ruby-test-suite less than 1.8.6.p369-0.4
  • OR ruby-tk less than 1.8.6.p369-0.4
  • OR ruby less than 1.8.6.p369-0.4
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND Package Information
  • ruby-1.8.7.p72-5.22 is installed
  • OR ruby-doc-html-1.8.7.p72-5.22 is installed
  • OR ruby-tk-1.8.7.p72-5.22 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND Package Information
  • ruby-1.8.7.p72-5.22.1 is installed
  • OR ruby-doc-html-1.8.7.p72-5.22.1 is installed
  • OR ruby-tk-1.8.7.p72-5.22.1 is installed
    • BACK