Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2008-3656

Опубликовано: 13 авг. 2008
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 7.8

Описание

Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression.

РелизСтатусПримечание
dapper

released

1.8.4-1ubuntu1.6
devel

not-affected

1.8.7.72-1
feisty

released

1.8.5-4ubuntu2.3
gutsy

released

1.8.6.36-1ubuntu3.3
hardy

released

1.8.6.111-2ubuntu1.2
intrepid

not-affected

1.8.7.72-1
jaunty

not-affected

1.8.7.72-1
karmic

not-affected

1.8.7.72-1
lucid

not-affected

1.8.7.72-1
maverick

not-affected

1.8.7.72-1

Показывать по

РелизСтатусПримечание
dapper

ignored

end of life
devel

DNE

pulled 2010-07-27
feisty

ignored

end of life, was needed
gutsy

ignored

end of life, was needed
hardy

ignored

end of life
intrepid

released

1.9.0.2-7
jaunty

released

1.9.0.2-7
karmic

released

1.9.0.2-7
lucid

released

1.9.0.2-7
maverick

DNE

pulled 2010-07-27

Показывать по

Ссылки на источники

EPSS

Процентиль: 98%
0.67854
Средний

7.8 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2008-3656

redhat
почти 17 лет назад

Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression.

nvd логотип

CVE-2008-3656

nvd
почти 17 лет назад

Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression.

debian логотип

CVE-2008-3656

debian
почти 17 лет назад

Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_h ...

github логотип

GHSA-823x-6r7f-v9x6

github
около 3 лет назад

Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression.

fstec логотип

BDU:2015-01943

fstec
больше 10 лет назад

Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить доступность защищаемой информации

EPSS

Процентиль: 98%
0.67854
Средний

7.8 High

CVSS2