CVE-2004-0983
CVSS5.0
发布时间 :2005-03-01 00:00:00
修订时间 :2010-08-21 00:21:35
NMCOPS    

[原文]The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.


[CNNVD]Ruby CGI模块 未明拒绝服务漏洞(CNNVD-200503-018)

        远程攻击者可以借助Ruby 1.6.8之前的1.6版本和1.8.2之前的1.8版本中的CGI模块,通过特定HTTP请求实施拒绝服务攻击(无限循环和CPU消耗)。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64
cpe:/o:mandrakesoft:mandrake_linux:10.1MandrakeSoft Mandrake Linux 10.1
cpe:/o:mandrakesoft:mandrake_linux:10.1::x86_64
cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64
cpe:/a:yukihiro_matsumoto:ruby:1.6
cpe:/a:yukihiro_matsumoto:ruby:1.8
cpe:/a:yukihiro_matsumoto:ruby:1.8.2_pre2
cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1MandrakeSoft Mandrake Linux Corporate Server 2.1
cpe:/o:mandrakesoft:mandrake_linux:9.2::amd64
cpe:/o:gentoo:linuxGentoo Linux
cpe:/o:mandrakesoft:mandrake_linux:9.2MandrakeSoft Mandrake Linux 9.2
cpe:/o:ubuntu:ubuntu_linux:4.1::ia64
cpe:/o:mandrakesoft:mandrake_linux:10.0MandrakeSoft Mandrake Linux 10.0
cpe:/o:ubuntu:ubuntu_linux:4.1::ppc
cpe:/a:yukihiro_matsumoto:ruby:1.6.7
cpe:/a:yukihiro_matsumoto:ruby:1.8.1
cpe:/a:yukihiro_matsumoto:ruby:1.8.2_pre1

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10268The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU c...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0983
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0983
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200503-018
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/11618
(VENDOR_ADVISORY)  BID  11618
http://xforce.iss.net/xforce/xfdb/17985
(VENDOR_ADVISORY)  XF  ruby-cgi-dos(17985)
http://www.ubuntulinux.org/support/documentation/usn/usn-20-1
(UNKNOWN)  UBUNTU  USN-20-1
http://www.redhat.com/support/errata/RHSA-2004-635.html
(UNKNOWN)  REDHAT  RHSA-2004:635
http://www.debian.org/security/2004/dsa-586
(UNKNOWN)  DEBIAN  DSA-586
http://www.mandriva.com/security/advisories?name=MDKSA-2004:128
(UNKNOWN)  MANDRAKE  MDKSA-2004:128

- 漏洞信息

Ruby CGI模块 未明拒绝服务漏洞
中危 其他
2005-03-01 00:00:00 2005-10-20 00:00:00
远程  
        远程攻击者可以借助Ruby 1.6.8之前的1.6版本和1.8.2之前的1.8版本中的CGI模块,通过特定HTTP请求实施拒绝服务攻击(无限循环和CPU消耗)。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        Yukihiro Matsumoto Ruby 1.6
        RedHat irb-1.6.7-5.legacy.i386.rpm
        RedHat Linux 7.3
        http://download.fedoralegacy.org/redhat/7.3/updates/i386/irb-1.6.7-5.l egacy.i386.rpm
        RedHat irb-1.6.8-6.2.legacy.i386.rpm
        RedHat Linux 9.0
        http://download.fedoralegacy.org/redhat/9/updates/i386/irb-1.6.8-6.2.l egacy.i386.rpm
        RedHat ruby-1.6.7-5.legacy.i386.rpm
        RedHat Linux 7.3
        http://download.fedoralegacy.org/redhat/7.3/updates/i386/ruby-1.6.7-5. legacy.i386.rpm
        RedHat ruby-1.6.8-6.2.legacy.i386.rpm
        RedHat Linux 9.0
        http://download.fedoralegacy.org/redhat/9/updates/i386/ruby-1.6.8-6.2. legacy.i386.rpm
        RedHat ruby-devel-1.6.7-5.legacy.i386.rpm
        RedHat Linux 7.3
        http://download.fedoralegacy.org/redhat/7.3/updates/i386/ruby-devel-1. 6.7-5.legacy.i386.rpm
        RedHat ruby-devel-1.6.8-6.2.legacy.i386.rpm
        RedHat Linux 9.0
        http://download.fedoralegacy.org/redhat/9/updates/i386/ruby-devel-1.6. 8-6.2.legacy.i386.rpm
        RedHat ruby-docs-1.6.7-5.legacy.i386.rpm
        RedHat Linux 7.3
        http://download.fedoralegacy.org/redhat/7.3/updates/i386/ruby-docs-1.6 .7-5.legacy.i386.rpm
        RedHat ruby-docs-1.6.8-6.2.legacy.i386.rpm
        RedHat Linux 9.0
        http://download.fedoralegacy.org/redhat/9/updates/i386/ruby-docs-1.6.8 -6.2.legacy.i386.rpm
        RedHat ruby-libs-1.6.7-5.legacy.i386.rpm
        RedHat Linux 7.3
        http://download.fedoralegacy.org/redhat/7.3/updates/i386/ruby-libs-1.6 .7-5.legacy.i386.rpm
        RedHat ruby-libs-1.6.8-6.2.legacy.i386.rpm
        RedHat Linux 9.0
        http://download.fedoralegacy.org/redhat/9/updates/i386/ruby-libs-1.6.8 -6.2.legacy.i386.rpm
        RedHat ruby-mode-1.6.7-5.legacy.i386.rpm
        RedHat Linux 7.3
        http://download.fedoralegacy.org/redhat/7.3/updates/i386/ruby-mode-1.6 .7-5.legacy.i386.rpm
        RedHat ruby-mode-1.6.8-6.2.legacy.i386.rpm
        RedHat Linux 9.0
        http://download.fedoralegacy.org/redhat/9/updates/i386/ruby-mode-1.6.8 -6.2.legacy.i386.rpm
        RedHat ruby-mode-xemacs-1.6.7-5.legacy.i386.rpm
        RedHat Linux 7.3
        http://download.fedoralegacy.org/redhat/7.3/updates/i386/ruby-mode-xem acs-1.6.7-5.legacy.i386.rpm
        RedHat ruby-tcltk-1.6.7-5.legacy.i386.rpm
        RedHat Linux 7.3
        http://download.fedoralegacy.org/redhat/7.3/updates/i386/ruby-tcltk-1. 6.7-5.legacy.i386.rpm
        RedHat ruby-tcltk-1.6.8-6.2.legacy.i386.rpm
        RedHat Linux 9.0
        http://download.fedoralegacy.org/redhat/9/updates/i386/ruby-tcltk-1.6. 8-6.2.legacy.i386.rpm
        

- 漏洞信息 (F34973)

dsa-586.txt (PacketStormID:F34973)
2004-11-10 00:00:00
 
advisory,cgi,ruby
linux,debian
CVE-2004-0983
[点击下载]

Debian Security Advisory 586-1 - The upstream developers of Ruby have corrected a problem in the CGI module for this language. Specially crafted requests could cause an infinite loop and thus cause the program to eat up cpu cycles.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 586-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
November 8th, 2004                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : ruby
Vulnerability  : infinite loop
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0983

The upstream developers of Ruby have corrected a problem in the CGI
module for this language.  Specially crafted requests could cause an
infinite loop and thus cause the program to eat up cpu cycles.

For the stable distribution (woody) this problem has been fixed in
version ruby_1.6.7-3woody4.

For the unstable distribution (sid) this problem has been fixed in
version 1.6.8-12 of ruby1.6 and in version 1.8.1+1.8.2pre2-4 of
ruby1.8.

We recommend that you upgrade your ruby packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody4.dsc
      Size/MD5 checksum:      909 199360fc56e90c03e2db35898539962f
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody4.diff.gz
      Size/MD5 checksum:    43409 c4c76a272d9d57142b2376146bc57297
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7.orig.tar.gz
      Size/MD5 checksum:   996835 a8859c679ee9acbfdf5056cdf26fcad3

  Architecture independent components:

    http://security.debian.org/pool/updates/main/r/ruby/irb_1.6.7-3woody4_all.deb
      Size/MD5 checksum:    51190 b6580615493b7f8c808f4f5eb515f477
    http://security.debian.org/pool/updates/main/r/ruby/ruby-elisp_1.6.7-3woody4_all.deb
      Size/MD5 checksum:    30256 88bcceab112fe1bcd53257744131eae1
    http://security.debian.org/pool/updates/main/r/ruby/ruby-examples_1.6.7-3woody4_all.deb
      Size/MD5 checksum:    37868 0cf747524848e0d2efa3645fb7c92689

  Alpha architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody4_alpha.deb
      Size/MD5 checksum:   129432 3cbff5f492c63cdc9f8fb4d024545ea1
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody4_alpha.deb
      Size/MD5 checksum:   128536 c81d37ad31fff057cf78609483e7271a
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody4_alpha.deb
      Size/MD5 checksum:   129916 3719a9eb879e07a1e57b3296008f6f69
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody4_alpha.deb
      Size/MD5 checksum:   134810 0f9dd8734048519d8b5e0816390c2378
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody4_alpha.deb
      Size/MD5 checksum:   131850 8e272284f74f85a3d3eebdc913770658
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody4_alpha.deb
      Size/MD5 checksum:   128418 b733779d7cd49e56b5d66aebd19f37e7
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody4_alpha.deb
      Size/MD5 checksum:   644334 87212bd04df1281c6a1d1a4193224c78
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody4_alpha.deb
      Size/MD5 checksum:   132306 9ad79ac47ca27342fd43067f401d8022
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody4_alpha.deb
      Size/MD5 checksum:   128898 2e1a420e607eb122b44d4569ed78b62d
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody4_alpha.deb
      Size/MD5 checksum:   147450 2dd530d288433af42f4ab618d6fca175
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody4_alpha.deb
      Size/MD5 checksum:   161412 bb9d3de7e3762fae64988cdb32058542
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody4_alpha.deb
      Size/MD5 checksum:   142598 06bb7a48e88f88b1181f84ea5afdc6f0
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody4_alpha.deb
      Size/MD5 checksum:   625952 d061059d60fbba454b4fecb82a379142

  ARM architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody4_arm.deb
      Size/MD5 checksum:   128410 9e3bd9c043823c09cc125147c822895c
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody4_arm.deb
      Size/MD5 checksum:   127288 aa864c4c7f530ccf721c9fd93f099dc8
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody4_arm.deb
      Size/MD5 checksum:   128256 e322d95f685a8d34202782d194f6c722
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody4_arm.deb
      Size/MD5 checksum:   134412 126367777d4a433d919587a0c4d70da7
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody4_arm.deb
      Size/MD5 checksum:   131148 a5787b6c6d0079a9f96d14692293a00d
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody4_arm.deb
      Size/MD5 checksum:   127294 420037c1098af3276462759bfff23667
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody4_arm.deb
      Size/MD5 checksum:   602604 c88d34f9da796fa8c3b0579a7ce7cb27
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody4_arm.deb
      Size/MD5 checksum:   130438 9486b70ef349cdecfd12e1fad1f77d58
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody4_arm.deb
      Size/MD5 checksum:   128128 1f2318657512f5e380ddf14ecdd7d1f5
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody4_arm.deb
      Size/MD5 checksum:   146672 27ad97be62896efa48444c45623c633e
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody4_arm.deb
      Size/MD5 checksum:   161198 648bde75b0580d415915b533d91a97f0
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody4_arm.deb
      Size/MD5 checksum:   142244 6e8d061702997082f0d6d5feb0898a7a
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody4_arm.deb
      Size/MD5 checksum:   572526 53a98f30755208601fe4fc4d99d74a57

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody4_i386.deb
      Size/MD5 checksum:   127880 3dc0c51bb246687328aa827455247be4
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody4_i386.deb
      Size/MD5 checksum:   127104 ea3173d828b26dbac3f3224612fa0300
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody4_i386.deb
      Size/MD5 checksum:   127894 efd27bf87a7a249119693cff25718eee
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody4_i386.deb
      Size/MD5 checksum:   132648 538f6b0d6f6297691005b7ce60301a26
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody4_i386.deb
      Size/MD5 checksum:   130944 f67d0c521020549b32917334674696e1
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody4_i386.deb
      Size/MD5 checksum:   127056 d5c6b4ce35bce1e8e2b0abcb8f80ed1e
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody4_i386.deb
      Size/MD5 checksum:   561150 4e4e8270a8223570624d55e0034969d3
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody4_i386.deb
      Size/MD5 checksum:   129928 1a085637ebf9062f9b78a704a6e150b4
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody4_i386.deb
      Size/MD5 checksum:   127348 505fe1f5620cd1201d4e94ac5c310acb
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody4_i386.deb
      Size/MD5 checksum:   146304 3a8e4a64e01b5b78d65a4810ff6aade8
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody4_i386.deb
      Size/MD5 checksum:   161234 3476bd2c5f1c3165237f21111e563cd4
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody4_i386.deb
      Size/MD5 checksum:   142276 bf74377050c4373317d07dcf3b821fe2
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody4_i386.deb
      Size/MD5 checksum:   492438 d9ef4e8e23d57350c310dd00215a51fc

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody4_ia64.deb
      Size/MD5 checksum:   133056 c6d7d0c8e66da163e617af19ab32174f
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody4_ia64.deb
      Size/MD5 checksum:   132576 9f65b2d53d891c10daa68d3f5fb7a81a
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody4_ia64.deb
      Size/MD5 checksum:   134616 25a9cdaf1418344e0ea803094960a81c
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody4_ia64.deb
      Size/MD5 checksum:   139766 b0a4c58bee7c44a97d866fe49671e81e
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody4_ia64.deb
      Size/MD5 checksum:   133928 4539eff1c1074629a79cb5630c7e43d8
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody4_ia64.deb
      Size/MD5 checksum:   131512 1d74c8cf0bcbe1b1385889983bfa77b3
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody4_ia64.deb
      Size/MD5 checksum:   853860 5ac66974e66dd4324b8c8e1d886d9da9
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody4_ia64.deb
      Size/MD5 checksum:   140264 0a0c69a7c57da26ef7d87379742191db
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody4_ia64.deb
      Size/MD5 checksum:   130660 50e945b5df3dbe27bb290a47609f8067
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody4_ia64.deb
      Size/MD5 checksum:   150256 0d478ffe79f2be25db7a3604300c48ab
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody4_ia64.deb
      Size/MD5 checksum:   162244 32fc67647bbc9b35043c73e202fcdfdf
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody4_ia64.deb
      Size/MD5 checksum:   143114 18c9a2481d90188c9a332ceede0d7d06
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody4_ia64.deb
      Size/MD5 checksum:   754826 c5e701c7d8000222ce3f3bbc084af5af

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody4_hppa.deb
      Size/MD5 checksum:   130440 f6fe18b37b1a851031582a9334de2836
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody4_hppa.deb
      Size/MD5 checksum:   129176 73b3a5f73cb6a3a72bad76833bbd3729
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody4_hppa.deb
      Size/MD5 checksum:   130678 5b2ab73b5aff751afd5780af62538c7d
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody4_hppa.deb
      Size/MD5 checksum:   135930 850c56e998f1d8419837fe24e960026c
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody4_hppa.deb
      Size/MD5 checksum:   132160 d9fa43555b58fe88d3dd1cb2b4dde147
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody4_hppa.deb
      Size/MD5 checksum:   128510 db3422cc1597acfbd53f8db282b3c783
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody4_hppa.deb
      Size/MD5 checksum:   685908 d8b91cee22560e4608dde2ef04ded24e
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody4_hppa.deb
      Size/MD5 checksum:   132836 2a7be0622735ec3aeaa70d261497d65a
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody4_hppa.deb
      Size/MD5 checksum:   128964 d37045a5ce0a4ffb9ef517a7fb1d4dbf
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody4_hppa.deb
      Size/MD5 checksum:   147902 940815241e7e7fdf5013ec8078293b50
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody4_hppa.deb
      Size/MD5 checksum:   161750 c5affb0a6f5f82c11bbafad51b2171fe
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody4_hppa.deb
      Size/MD5 checksum:   142506 5313e32349190c2a150d43fa43436c85
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody4_hppa.deb
      Size/MD5 checksum:   666998 129a9447f748c21b2fe5382f84acb213

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody4_m68k.deb
      Size/MD5 checksum:   128298 55b236441e151783b9c7d867e8187ed5
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody4_m68k.deb
      Size/MD5 checksum:   127108 ac8e3c718468608bea28aabb8fb37bfb
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody4_m68k.deb
      Size/MD5 checksum:   128262 e710132cd211c7d2413f9dc790782ab5
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody4_m68k.deb
      Size/MD5 checksum:   132694 04a1b5defbc57aef1e2a2330a80805fd
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody4_m68k.deb
      Size/MD5 checksum:   131238 9097225d1cee919b14eed00c68457a35
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody4_m68k.deb
      Size/MD5 checksum:   127290 accee1bd5b48d3670f9cead8b8a42e64
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody4_m68k.deb
      Size/MD5 checksum:   561382 1e21f886c136f6e05641cec62845490b
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody4_m68k.deb
      Size/MD5 checksum:   129644 ee900502f7ad6042d6ee37378a553fb4
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody4_m68k.deb
      Size/MD5 checksum:   128102 a4390ccf3227e93c5c6e1cb719c771ba
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody4_m68k.deb
      Size/MD5 checksum:   146564 6cc5331ef73c6145792f86e9a1205b3e
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody4_m68k.deb
      Size/MD5 checksum:   161302 287c43be44f268f5941670d8983606a6
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody4_m68k.deb
      Size/MD5 checksum:   142246 4d09720137be6ebec0aeca423b836c3b
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody4_m68k.deb
      Size/MD5 checksum:   470712 e85eda6ffd0e8a85a2705d7d65b0ca12

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody4_mips.deb
      Size/MD5 checksum:   128152 9e323267b5f8a47e8c47467a81d450f0
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody4_mips.deb
      Size/MD5 checksum:   126822 e048c0391e1d62aa40b7c21f130cb9c2
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody4_mips.deb
      Size/MD5 checksum:   127980 9588d89e6ab651eaad5392735719eb84
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody4_mips.deb
      Size/MD5 checksum:   133614 2db5775159f06175fed5cc63f1559153
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody4_mips.deb
      Size/MD5 checksum:   130856 cab3b73933938ae2558632fce6bdccb4
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody4_mips.deb
      Size/MD5 checksum:   127084 76f1886cd944cb89c5296ed7f3411e16
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody4_mips.deb
      Size/MD5 checksum:   581736 d9d21a35d1ed7267e147e34a087bced8
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody4_mips.deb
      Size/MD5 checksum:   130336 57fd2119f853dfdee546071a96ffc04a
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody4_mips.deb
      Size/MD5 checksum:   127706 9456e664f69b8fabe815805212c427a7
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody4_mips.deb
      Size/MD5 checksum:   146474 f43596f4435aa887dd6a340a63eb3c20
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody4_mips.deb
      Size/MD5 checksum:   161312 deaf758a93f1529c6aacbe8c203280fd
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody4_mips.deb
      Size/MD5 checksum:   142618 aab602027d34a4c5690e00ccafefd706
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody4_mips.deb
      Size/MD5 checksum:   587290 9068c5ce8038daea875f195687715d37

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody4_mipsel.deb
      Size/MD5 checksum:   128098 0e46a826fdb048817e09e5cf53645abe
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody4_mipsel.deb
      Size/MD5 checksum:   126826 f30463b0fe328fa31d6c3a49d2a052cd
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody4_mipsel.deb
      Size/MD5 checksum:   128004 684d13c8e85590976029063c8a5ef885
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody4_mipsel.deb
      Size/MD5 checksum:   133618 1d57615676c8c6ed80c15f55ad3706d6
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody4_mipsel.deb
      Size/MD5 checksum:   130826 38341383e63a218ee928638e04c49e6c
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody4_mipsel.deb
      Size/MD5 checksum:   127026 5546d03c6009cbf97eb61d3906bf05d6
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody4_mipsel.deb
      Size/MD5 checksum:   581294 54dd74853840bbbb338c62937e3318ac
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody4_mipsel.deb
      Size/MD5 checksum:   130328 f2270cd4bfdf0ad90d26795224a95fa4
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody4_mipsel.deb
      Size/MD5 checksum:   127688 944b1a3525ca204ecfa70d6c46c25c4d
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody4_mipsel.deb
      Size/MD5 checksum:   146418 002925591187c3487fd3d8987c7a56be
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody4_mipsel.deb
      Size/MD5 checksum:   161306 3b2ce6d70d1753b0e3e12abcdd9ba8c2
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody4_mipsel.deb
      Size/MD5 checksum:   142614 73ba05758bd54c2b7af8e95ef6f76af4
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody4_mipsel.deb
      Size/MD5 checksum:   577882 08e5a5a91337fbda01a335df8384da70

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody4_powerpc.deb
      Size/MD5 checksum:   128274 6f1e3c99253cc172d676e0811db57e74
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody4_powerpc.deb
      Size/MD5 checksum:   127478 5a86db62b7f07d3f711efb6a6de13073
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody4_powerpc.deb
      Size/MD5 checksum:   128572 c1f64790a1dcd6657c175d3be4c038ce
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody4_powerpc.deb
      Size/MD5 checksum:   134322 a518edf77b465b71db89d34a31ff631e
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody4_powerpc.deb
      Size/MD5 checksum:   131204 6367c22269b599ddc2022d616f82fc8a
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody4_powerpc.deb
      Size/MD5 checksum:   127368 02a031cc70dad9487e4a9e79fbfe0d17
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody4_powerpc.deb
      Size/MD5 checksum:   607068 af6386ab9d80c1a39d3411f01cff70f6
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody4_powerpc.deb
      Size/MD5 checksum:   130450 4161549d5591da50995300530ada8520
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody4_powerpc.deb
      Size/MD5 checksum:   128184 2cfcab0134094b8f7caa7c5761bf2b63
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody4_powerpc.deb
      Size/MD5 checksum:   146914 8d8ae11f0faf8e9c3b9b8308a579c2d5
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody4_powerpc.deb
      Size/MD5 checksum:   161310 bb8612849e60aea662406a757e09515d
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody4_powerpc.deb
      Size/MD5 checksum:   142330 05b221e194ad7a65559e53b13d194630
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody4_powerpc.deb
      Size/MD5 checksum:   529196 6dcd94f69903d3bcb3781c330c5c981d

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody4_s390.deb
      Size/MD5 checksum:   128488 0931c0035e04400f1e48b0ce5b89b6c4
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody4_s390.deb
      Size/MD5 checksum:   127678 3acaf1ab5b8cbb0dfdd5cf759edafaf5
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody4_s390.deb
      Size/MD5 checksum:   128746 8fcd7895614255b22d644b104eb7b338
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody4_s390.deb
      Size/MD5 checksum:   133524 41055f25c4d254850fcedbbb0a636221
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody4_s390.deb
      Size/MD5 checksum:   131688 058536a74df5d18b0a08f671d6290847
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody4_s390.deb
      Size/MD5 checksum:   127768 c666c6e169f05a2ea8ac8fd46fadf01f
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody4_s390.deb
      Size/MD5 checksum:   600614 d083995d65a5c79a79476d8ab70edb35
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody4_s390.deb
      Size/MD5 checksum:   130696 7e75d8373f9586b19e95541214b7b14f
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody4_s390.deb
      Size/MD5 checksum:   127760 95cf6b025344b7a5b55e8cf8a12f90f8
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody4_s390.deb
      Size/MD5 checksum:   147070 a8c6b3a9664a3ef696377f14115e0a92
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody4_s390.deb
      Size/MD5 checksum:   161384 44ec1ebeec49842ec4e3c23d9d40df3f
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody4_s390.deb
      Size/MD5 checksum:   142500 ed510a30770f89f35bad50fd7dee9a82
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody4_s390.deb
      Size/MD5 checksum:   532212 653a2c2dfd48a33551f9a5b570f0b664

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody4_sparc.deb
      Size/MD5 checksum:   128254 3b5ec49699a65aec44d8b27630e05be6
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody4_sparc.deb
      Size/MD5 checksum:   127294 75b65858c3503779311c53f818188771
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody4_sparc.deb
      Size/MD5 checksum:   128748 6358ff600d36b812ef48a6fbb291dfba
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody4_sparc.deb
      Size/MD5 checksum:   134156 b44b0d669aec0518608a700d93b24c40
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody4_sparc.deb
      Size/MD5 checksum:   131186 74b71c01ee70d367a91425c0fe6735ff
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody4_sparc.deb
      Size/MD5 checksum:   127264 93fa0d55c0f14148ad1e825edd3b4acf
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody4_sparc.deb
      Size/MD5 checksum:   603020 aed9fd7f8361c16258abdad3564adc3e
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody4_sparc.deb
      Size/MD5 checksum:   130048 9f75668d3c17766db4db64838c2994fc
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody4_sparc.deb
      Size/MD5 checksum:   128114 a6544df8b060d2c94b1bdfdfdc14eaeb
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody4_sparc.deb
      Size/MD5 checksum:   146620 0a0b084ab86408b05f17f3268848e1f8
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody4_sparc.deb
      Size/MD5 checksum:   161350 6db87d6b482fe10ccff0fe8a3a20d72c
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody4_sparc.deb
      Size/MD5 checksum:   142258 04627f05234f120191f30b78b6879061
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody4_sparc.deb
      Size/MD5 checksum:   561120 c86b071dca233c3dacb79b454d334fdb


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBjz4hW5ql+IAeqTIRAiREAJ4vOLH4IVJtEBzb5pZCXOvY9QxQIgCfRrM8
vZ9URYsyRamulQi34pn5Jlw=
=xo7R
-----END PGP SIGNATURE-----

    

- 漏洞信息

11534
Ruby cgi.rb Malformed HTTP Request CPU Utilization DoS
Denial of Service
Loss of Availability

- 漏洞描述

- 时间线

2004-11-08 Unknow
Unknow Unknow

- 解决方案

Products

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Yukihiro Matsumoto Ruby CGI Module Unspecified Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 11618
Yes No
2004-11-08 12:00:00 2009-07-12 08:06:00
This vulnerability was announced in a vendor advisory.

- 受影响的程序版本

Yukihiro Matsumoto Ruby 1.8.2 pre2
Yukihiro Matsumoto Ruby 1.8.2 pre1
Yukihiro Matsumoto Ruby 1.8.1
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
Yukihiro Matsumoto Ruby 1.8
+ Red Hat Fedora Core3
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Yukihiro Matsumoto Ruby 1.6.7
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
Yukihiro Matsumoto Ruby 1.6
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Desktop 10.0
Turbolinux Home
SGI ProPack 3.0
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux 8.1
S.u.S.E. Linux 8.0 i386
S.u.S.E. Linux 8.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
Red Hat Fedora Core1
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
Mandriva Linux Mandrake 9.2 amd64
Mandriva Linux Mandrake 9.2
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Gentoo Linux
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha

- 漏洞讨论

Ruby is reported prone to a remote denial of service vulnerability. It is reported that when the Ruby CGI module handles certain requests, it may fall into an infinite loop and consume system CPU resources.

A remote attacker may exploit this vulnerability to deny service to a computer that is running the affected Ruby CGI module.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

- 解决方案

Debian has released advisory (DSA 586-1) and fixes to address this vulnerability. Please see the referenced advisory for further details in regards to obtaining and installing appropriate updates.

Mandrake has released advisory MDKSA-2004:128 along with fixes to address this issue. Please see the referenced advisory for further information.

Ubuntu Linux has released advisory USN-20-1 along with fixes to address this issue. Please see the referenced advisory for further information.

RedHat has released advisories FEDORA-2004-402 and FEDORA-2004-403 dealing with this issue for their Fedora Core2 and Core 3 packages. Please see the referenced advisories for more information.

Gentoo Linux has made an advisory (GLSA 200411-23) available dealing with this issue. Gentoo has advised that all Ruby 1.6.x users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/ruby-1.6.8-r12"

All Ruby 1.8.x users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/ruby-1.8.2_pre3"

For more information please see the referenced Gentoo Linux advisory.

Red Hat has released an advisory (RHSA-2004:635-03) to address this issue in Red Hat Enterprise Linux. Please see the advisory in Web references for more information.

SGI has released advisory 20050101-01-U (SGI Advanced Linux Environment 3 Security Update #21) to address various issues in SGI Advanced Linux Environment 3. This advisory includes updated SGI ProPack 3 Service Pack 3 packages. Please see the referenced advisory for more information.

SGI has released advisory 20050101-01-U (SGI Advanced Linux Environment 3 Security Update #23) to address various issues in SGI Advanced Linux Environment 3. This advisory includes updated SGI ProPack 3 Service Pack 3 packages. Please see the referenced advisory for more information.

Turbolinux has released advisory Turbolinux Security Announcement 31/Jan/2005 to address various issues. Please see the referenced advisory for more information.

SuSE Linux has released a security summary report (SUSE-SR:2005:004) that contains fixes to address this and other vulnerabilities. Customers are advised to peruse the referenced advisory for further information regarding obtaining and applying appropriate updates.

The Fedora Legacy project has released advisory FLSA:152768 to address this issue in RedHat Linux 7.3, 9, and Fedora Core 1. Please see the referenced advisory for further information.


Yukihiro Matsumoto Ruby 1.6

Yukihiro Matsumoto Ruby 1.6.7

Yukihiro Matsumoto Ruby 1.8

Yukihiro Matsumoto Ruby 1.8.1

Yukihiro Matsumoto Ruby 1.8.2 pre2

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站