Vulnerability CVE-2016-0751 - CERT Civis.Net

Vulnerability Name:

CVE-2016-0751 (CCN-110105)

Assigned:

2015-12-16

Published:

2016-01-25

Updated:

2019-08-08

Summary:

actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2016-0751

Source: FEDORA
Type: UNKNOWN
FEDORA-2016-94e71ee673

Source: FEDORA
Type: UNKNOWN
FEDORA-2016-f486068393

Source: SUSE
Type: UNKNOWN
SUSE-SU-2016:1146

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:0363

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:0372

Source: CCN
Type: RHSA-2016-0296
Important: rh-ror41 security update

Source: REDHAT
Type: UNKNOWN
RHSA-2016:0296

Source: CCN
Type: RHSA-2016-0454
Important: ror40 security update

Source: CCN
Type: RHSA-2016-0455
Important: ruby193 security update

Source: CCN
Type: Ruby on Rails Web Site
Rails 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1, and rails-html-sanitizer 1.0.3 have been released!

Source: DEBIAN
Type: UNKNOWN
DSA-3464

Source: CCN
Type: IBM Security Bulletin 1979514 (BigFix family)
Multiple vulnerabilities in RubyOnRails affects IBM BigFix Compliance Analytics. (CVE-2015-7581, CVE-2016-0751, CVE-2016-0752, CVE-2016-0753)

Source: CCN
Type: IBM Security Bulletin 1985099 (License Metric Tool)
Security Bulletin: Vulnerabilities in Ruby on Rails affect IBM License Metric Tool v9, IBM BigFix Inventory v9 and IBM Endpoint Manager for Software Use Analysis v9 & v2.2

Source: MLIST
Type: UNKNOWN
[oss-security] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack

Source: BID
Type: UNKNOWN
81800

Source: CCN
Type: BID-81800
Ruby on Rails Action Pack CVE-2016-0751 Denial of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1034816

Source: XF
Type: UNKNOWN
rails-cve20160751-dos(110105)

Source: MLIST
Type: UNKNOWN
[ruby-security-ann] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack

Source: CCN
Type: Apple security document HT207604
About the security content of macOS Server 5.3

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-0751

Vulnerable Configuration:

Configuration 1:

cpe:/a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.7:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.8:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.9:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.10:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.10:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.3:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.4:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.5:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.6:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.7:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.8:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.9:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.10:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.12:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.13:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.0:beta1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.0:beta2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.0:beta3:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.0:beta4:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.0:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.0:rc2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.0:rc3:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.1:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.1:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.1:rc2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.1:rc3:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.1:rc4:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.2:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.3:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.3:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.4:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.4:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.5:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.5:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.5:rc2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:5.0.0:beta1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:* (Version <= 3.2.22)

OR cpe:/a:rubyonrails:ruby_on_rails:4.0.10:rc2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:ruby_on_rails:4.0.11:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:ruby_on_rails:4.0.11.1:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:ruby_on_rails:4.0.12:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:ruby_on_rails:4.0.13:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:ruby_on_rails:4.0.13:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:ruby_on_rails:4.1.11:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:rubyonrails:rails:3.0.0:-:*:*:*:*:*:*

AND

cpe:/a:ibm:license_metric_tool:9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:license_metric_tool:9.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:license_metric_tool:9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:license_metric_tool:9.2:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20160751	V	CVE-2016-0751	2022-05-22
oval:org.opensuse.security:def:14072	P	yast2-users-3.1.57-16.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13899	P	libfreetype6-2.6.3-7.8.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14061	P	xen-4.7.0_12-23.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13880	P	libXtst6-1.2.2-3.59 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13863	P	libHX28-3.18-1.18 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13816	P	evince-3.20.1-5.66 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14745	P	python-doc-2.7.13-28.11.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14723	P	pam_ssh-2.0-1.39 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14017	P	python-libxml2-2.9.4-27.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14085	P	apache2-mod_jk-1.2.40-5.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13992	P	openvpn-2.3.8-16.6.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:38206	P	Security update for libsndfile (Critical)	2021-07-27
oval:org.opensuse.security:def:38116	P	Security update for curl (Moderate)	2021-06-30
oval:org.opensuse.security:def:38425	P	Security update for SUSE Manager Client Tools (Important)	2021-06-21
oval:org.opensuse.security:def:13718	P	rsyslog-8.4.0-8.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13748	P	wpa_supplicant-2.2-8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13726	P	squid-3.3.13-4.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:38366	P	Security update for xorg-x11-server (Important)	2021-04-13
oval:org.opensuse.security:def:39265	P	Security update for openldap2 (Important)	2021-03-04
oval:org.opensuse.security:def:37821	P	ibus-chewing on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39223	P	openconnect on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26932	P	krb5-doc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27216	P	libsnmp15-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37737	P	autofs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38585	P	ecryptfs-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26931	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27135	P	gmime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28380	P	Security update for rubygem-actionpack-3_2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37726	P	apache-commons-beanutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38541	P	apache-commons-beanutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27610	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:27007	P	pam_mount on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28345	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:38513	P	w3m on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27561	P	rubygem-rack-1_4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26943	P	libcap-progs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27707	P	Security update for augeas (Moderate)	2020-12-01
oval:org.opensuse.security:def:38474	P	rsyslog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27508	P	libxslt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38059	P	rzsz on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37725	P	ant on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27663	P	Security update for rubygem-actionpack-2_1	2020-12-01
oval:org.opensuse.security:def:27357	P	ImageMagick on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37958	P	libsmi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27649	P	Security update for lighttpd	2020-12-01
oval:org.opensuse.security:def:27273	P	procmail on GA media (Moderate)	2020-12-01
oval:com.ubuntu.bionic:def:201607510000000	V	CVE-2016-0751 on Ubuntu 18.04 LTS (bionic) - medium.	2016-02-16
oval:com.ubuntu.xenial:def:201607510000000	V	CVE-2016-0751 on Ubuntu 16.04 LTS (xenial) - medium.	2016-02-16
oval:com.ubuntu.disco:def:201607510000000	V	CVE-2016-0751 on Ubuntu 19.04 (disco) - medium.	2016-02-16
oval:com.ubuntu.cosmic:def:201607510000000	V	CVE-2016-0751 on Ubuntu 18.10 (cosmic) - medium.	2016-02-15
oval:com.ubuntu.artful:def:20160751000	V	CVE-2016-0751 on Ubuntu 17.10 (artful) - medium.	2016-02-15
oval:com.ubuntu.trusty:def:20160751000	V	CVE-2016-0751 on Ubuntu 14.04 LTS (trusty) - medium.	2016-02-15
oval:com.ubuntu.bionic:def:20160751000	V	CVE-2016-0751 on Ubuntu 18.04 LTS (bionic) - medium.	2016-02-15
oval:com.ubuntu.xenial:def:20160751000	V	CVE-2016-0751 on Ubuntu 16.04 LTS (xenial) - medium.	2016-02-15
oval:com.ubuntu.cosmic:def:20160751000	V	CVE-2016-0751 on Ubuntu 18.10 (cosmic) - medium.	2016-02-15
oval:com.ubuntu.precise:def:20160751000	V	CVE-2016-0751 on Ubuntu 12.04 LTS (precise) - medium.	2016-02-15