CVE-2005-1992
CVSS7.5
发布时间 :2005-06-20 00:00:00
修订时间 :2013-08-21 00:42:43
NMCOPS    

[原文]The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands.


[CNNVD]ruby library 'utils.rb'任意代码执行漏洞(CNNVD-200506-191)

        ruby library (libruby) 1.8中utils.rb文件的XMLRPC服务器设置了一个无效的默认值,导致"安全保护"无法使用处理器,远程攻击者可利用此漏洞执行任意代码。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10819The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that prevents "security protection" using han...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1992
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1992
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200506-191
(官方数据源) CNNVD

- 其它链接及资源

http://www.kb.cert.org/vuls/id/684913
(UNKNOWN)  CERT-VN  VU#684913
http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/5237
(PATCH)  CONFIRM  http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/5237
http://www2.ruby-lang.org/en/20050701.html
(UNKNOWN)  CONFIRM  http://www2.ruby-lang.org/en/20050701.html
http://www.securityfocus.com/bid/14016
(UNKNOWN)  BID  14016
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=315064
(UNKNOWN)  CONFIRM  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=315064
http://www.redhat.com/support/errata/RHSA-2005-543.html
(UNKNOWN)  REDHAT  RHSA-2005:543
http://www.novell.com/linux/security/advisories/2005_18_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2005:018
http://www.debian.org/security/2005/dsa-748
(UNKNOWN)  DEBIAN  DSA-748
http://www.ciac.org/ciac/bulletins/p-312.shtml
(UNKNOWN)  CIAC  P-312
http://www.auscert.org.au/5509
(UNKNOWN)  AUSCERT  ESB-2005.0732
http://secunia.com/advisories/16920/
(UNKNOWN)  SECUNIA  16920
http://lists.apple.com/archives/security-announce/2005/Sep/msg00002.html
(UNKNOWN)  APPLE  APPLE-SA-2005-09-22

- 漏洞信息

ruby library 'utils.rb'任意代码执行漏洞
高危 设计错误
2005-06-20 00:00:00 2005-10-20 00:00:00
远程  
        ruby library (libruby) 1.8中utils.rb文件的XMLRPC服务器设置了一个无效的默认值,导致"安全保护"无法使用处理器,远程攻击者可利用此漏洞执行任意代码。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        Yukihiro Matsumoto Ruby 1.8.
        Debian libdbm-ruby1.8_1.8.2-7sarge1_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_amd64.deb
        Debian libgdbm-ruby1.8_1.8.2-7sarge1_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_amd64.deb
        Debian libopenssl-ruby1.8_1.8.2-7sarge1_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_amd64.deb
        Debian libreadline-ruby1.8_1.8.2-7sarge1_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_amd64.deb
        Debian libruby1.8-dbg_1.8.2-7sarge1_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_amd64.deb
        Debian libruby1.8_1.8.2-7sarge1_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_amd64.deb
        Debian libtcltk-ruby1.8_1.8.2-7sarge1_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_amd64.deb
        Debian ruby1.8-dev_1.8.2-7sarge1_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_amd64.deb
        Debian ruby1.8_1.8.2-7sarge1_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_amd64.deb
        Yukihiro Matsumoto ruby-1.8.2-xmlrpc-ipimethods-fix.diff
        http://www.ruby-lang.org/patches/ruby-1.8.2-xmlrpc-ipimethods-fix.diff
        Turbolinux Turbolinux Server 10.0
        TurboLinux ruby-1.8.1-6.i586.rpm
        ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/ruby-1.8.1-6.i586.rpm

- 漏洞信息 (F38600)

Debian Linux Security Advisory 748-1 (PacketStormID:F38600)
2005-07-12 00:00:00
Debian  security.debian.org
advisory,arbitrary,ruby
linux,debian
CVE-2005-1992
[点击下载]

Debian Security Advisory DSA 748-1 - A vulnerability has been discovered in ruby 1.8 that could allow arbitrary command execution on a server running the ruby xmlrpc server.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA 748-1                   security@debian.org
http://www.debian.org/security/                            Michael Stone
July 10, 2005                         http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : ruby1.8
Vulnerability  : arbitrary command execution
Problem type   : bad default value
Debian-specific: no
CVE ID         : CAN-2005-1992

A vulnerability has been discovered in ruby1.8 that could allow arbitrary
command execution on a server running the ruby xmlrpc server. 

The old stable distribution (woody) did not include ruby1.8.

This problem is fixed for the current stable distribution (sarge) in
version 1.8.2-7sarge1.

This problem is fixed for the unstable distribution in version 1.8.2-8.

We recommend that you upgrade your ruby1.8 package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian 3.1 (sarge)
- ------------------

  sarge was released for alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.

  Source archives:

    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1.dsc
      Size/MD5 checksum:     1024 d14377473cdeb0a26538b6137faa5c66
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1.diff.gz
      Size/MD5 checksum:   529167 25de3bdf1775f90246f76e50a6aba24a
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2.orig.tar.gz
      Size/MD5 checksum:  3623780 4bc5254bec262d18cf1ceef03aae8bdf

  Architecture independent packages:

    http://security.debian.org/pool/updates/main/r/ruby1.8/ri1.8_1.8.2-7sarge1_all.deb
      Size/MD5 checksum:   704400 f9004f2fedac63615c50bf6dab046fda
    http://security.debian.org/pool/updates/main/r/ruby1.8/irb1.8_1.8.2-7sarge1_all.deb
      Size/MD5 checksum:   166072 60511fe4d9427eaf5a1d8df2ecba2e36
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-examples_1.8.2-7sarge1_all.deb
      Size/MD5 checksum:   216196 b08d57bed7996624c1a601e866329fc0
    http://security.debian.org/pool/updates/main/r/ruby1.8/rdoc1.8_1.8.2-7sarge1_all.deb
      Size/MD5 checksum:   234004 47a6c5a62e9f73f4a34d04824874bc99
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-elisp_1.8.2-7sarge1_all.deb
      Size/MD5 checksum:   142196 bcf34b40ab001265127728099452f800

  alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_alpha.deb
      Size/MD5 checksum:   151536 7ad683fac513e46996628a20ff6d3356
    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_alpha.deb
      Size/MD5 checksum:   135552 c553fb4dce8871a275bb896848355bbb
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_alpha.deb
      Size/MD5 checksum:   137110 920de906ca471e12ced86b56ff8f9366
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_alpha.deb
      Size/MD5 checksum:  1468148 8a3ac95d4886583af1b97d937d849370
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_alpha.deb
      Size/MD5 checksum:   795320 d8d640aab99c18fa596b09f03c8c4d2d
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_alpha.deb
      Size/MD5 checksum:   826790 c148490eceaa8969e138592020813f6f
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_alpha.deb
      Size/MD5 checksum:   133032 b7c0d0e594dc012ecc73c8490f1b9ba6
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_alpha.deb
      Size/MD5 checksum:  1449782 56d55e6c9df86dd7fb46c2fd939408ea
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_alpha.deb
      Size/MD5 checksum:   237188 7d45e77345bc580ca8382f29203c7cb1

  arm architecture (ARM)

    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_arm.deb
      Size/MD5 checksum:   743330 564d6353a5d64d77417f5a6ffcf9a9e7
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_arm.deb
      Size/MD5 checksum:  1440694 24737b7854ab18b09bb9e6b4f303c2a3
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_arm.deb
      Size/MD5 checksum:  1347836 8f79580b86d089a5b43236c756dd471e
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_arm.deb
      Size/MD5 checksum:   151074 7846a4af8f3038d0b54c9e31979ddaa8
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_arm.deb
      Size/MD5 checksum:   131352 69bccef101a65da4e60f46fc7cdebc3d
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_arm.deb
      Size/MD5 checksum:   659604 ed60810b767dbac00807c055dffb077c
    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_arm.deb
      Size/MD5 checksum:   133974 03f175228880f3e67884278964af9c44
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_arm.deb
      Size/MD5 checksum:   135070 f0c48c0fcded7fad805d52c9ba11a374
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_arm.deb
      Size/MD5 checksum:   221986 59fea0388c3f8d69e5665d67686e419f

  hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_hppa.deb
      Size/MD5 checksum:   136124 aa4ec29a5603524a3a99068328bd2890
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_hppa.deb
      Size/MD5 checksum:   133314 06831884efd70902c8aaad45bf6418a9
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_hppa.deb
      Size/MD5 checksum:   246472 e18f8e843b24a50f132667ffdd37b066
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_hppa.deb
      Size/MD5 checksum:  1500408 0f9edd9f4b205e7b9ca0cad505229564
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_hppa.deb
      Size/MD5 checksum:  1453302 f6ae09a3da2cef1f52baead88a7fe8eb
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_hppa.deb
      Size/MD5 checksum:   839358 ed8caa18b5becb20c142ca5f5f4b3d10
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_hppa.deb
      Size/MD5 checksum:   735292 747451a46dcd4b2f4eab683ecbfb1b1a
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_hppa.deb
      Size/MD5 checksum:   151662 d86c380a9955d76caa3c5f926ffab9c9
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_hppa.deb
      Size/MD5 checksum:   137786 a3289420dcbf65defb518e7baa9e5664

  i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_i386.deb
      Size/MD5 checksum:   757634 1c4eacc0d440daf346b9840ff4906a02
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_i386.deb
      Size/MD5 checksum:  1439660 16ebd5860eb7ce78e2c5207269abd1ae
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_i386.deb
      Size/MD5 checksum:   621934 5ff7f6069562d4552425b42d5f36a44b
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_i386.deb
      Size/MD5 checksum:   151160 09a9272d40c33d8405609c0e0ce9f6ff
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_i386.deb
      Size/MD5 checksum:   135784 9d2429dc457718bd993150d535b72992
    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_i386.deb
      Size/MD5 checksum:   134530 e3bd1cfa5f649d7a20bb51ef66a348de
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_i386.deb
      Size/MD5 checksum:   224488 3b87ea10a0cc9caebc2fdb6b57298dae
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_i386.deb
      Size/MD5 checksum:   131534 3b90f35710b1f797ca33ec942bbdc061
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_i386.deb
      Size/MD5 checksum:  1349126 1ee770bca87a88e399c8c4f77a3ccfdf

  ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_ia64.deb
      Size/MD5 checksum:   866786 4062c4ab81135dd456ab1e7db46557f1
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_ia64.deb
      Size/MD5 checksum:   151990 0097a803bdb56626f3c1875fd5befd4f
    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_ia64.deb
      Size/MD5 checksum:   138178 fc8c3461455ffbf6592a5eacf5972a42
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_ia64.deb
      Size/MD5 checksum:   265250 3872b4240e71ab5a86c3ebfe00c5749c
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_ia64.deb
      Size/MD5 checksum:  1703116 d7f9a2384dd0db85e342916155b68740
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_ia64.deb
      Size/MD5 checksum:  1462560 d7a7c73d4e83e59b803828adde5f097d
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_ia64.deb
      Size/MD5 checksum:   135386 13759baab835003fddbac010632c867d
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_ia64.deb
      Size/MD5 checksum:   140004 7dd9e61a7abbdeacd3264250d9d9cf78
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_ia64.deb
      Size/MD5 checksum:   997468 8357023376acc0f4363f6d7d986562f8

  m68k architecture (Motorola Mc680x0)

    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_m68k.deb
      Size/MD5 checksum:   230308 48024963051c3ccf8458b9ee4b6e5ab1
    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_m68k.deb
      Size/MD5 checksum:   134000 58b3e21ca9e7c1b06d5ae24cf7d1fcb6
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_m68k.deb
      Size/MD5 checksum:  1332362 35568fb709d0a8bb45a18ef93133b4dd
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_m68k.deb
      Size/MD5 checksum:  1438972 bb805f3e9f2db92d1c2d5d0e3feb6901
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_m68k.deb
      Size/MD5 checksum:   151028 02689b83b0d0dc0cc8755a062a2527c3
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_m68k.deb
      Size/MD5 checksum:   135380 21db9337dae209c4e49ec6acb1fcfcf6
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_m68k.deb
      Size/MD5 checksum:   729576 f94a068b39584d74537e5f65cfaa9a99
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_m68k.deb
      Size/MD5 checksum:   131684 3ad3d523ebeee21d80f719e9a787cefe
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_m68k.deb
      Size/MD5 checksum:   552530 74670dad735e6a189b0d47789e1e2a43

  mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_mips.deb
      Size/MD5 checksum:   683568 56200fb8806a1375f0e6bcc95accb229
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_mips.deb
      Size/MD5 checksum:   763272 8f8ae4dd98b5c2636db18ad2f759526f
    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_mips.deb
      Size/MD5 checksum:   133774 4b975e5153049d8ed451b62fda972f98
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_mips.deb
      Size/MD5 checksum:  1435686 b519dffb4ea63ce422676a9726d5a293
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_mips.deb
      Size/MD5 checksum:   151812 14b9bc2f30a6b1bbbbdd488f67089507
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_mips.deb
      Size/MD5 checksum:   215090 383d30a807b65a4d640362c0a17d61ec
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_mips.deb
      Size/MD5 checksum:  1355828 1ceede1d947d90aa282f691125e772d1
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_mips.deb
      Size/MD5 checksum:   135142 7b4848c09eb350b78a21f20c31f0d037
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_mips.deb
      Size/MD5 checksum:   131258 650422e74a3224c83febcc808f12dfad

  mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_mipsel.deb
      Size/MD5 checksum:   756344 0902f6e34ac2da00ccb6a8f497785a51
    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_mipsel.deb
      Size/MD5 checksum:   133792 a156c60a8da03d4fb2a5a6d2a543f099
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_mipsel.deb
      Size/MD5 checksum:   135158 8e97465aa547f8101a351df74617adfe
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_mipsel.deb
      Size/MD5 checksum:   151796 1d678358ebb525b0ad99e1e21c0678b6
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_mipsel.deb
      Size/MD5 checksum:  1435836 99e1916c1e373d607b181be087e20c0d
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_mipsel.deb
      Size/MD5 checksum:   677402 335fd9c10febcccf380ac6483611485b
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_mipsel.deb
      Size/MD5 checksum:   214298 32568fc97cb013a5ae69269364236dd6
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_mipsel.deb
      Size/MD5 checksum:  1357300 c9139962bd699085ce93af7e7e38bea8
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_mipsel.deb
      Size/MD5 checksum:   131204 01c4c965d5806407775720c4aa7c6758

  powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_powerpc.deb
      Size/MD5 checksum:   136366 307c39c6ba0b8859c926add812959f1b
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_powerpc.deb
      Size/MD5 checksum:   224690 d6cbd4ea63e218a9f7d3ffd885ca5812
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_powerpc.deb
      Size/MD5 checksum:   137434 df4659294003b02b2775b1fc06241a02
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_powerpc.deb
      Size/MD5 checksum:  1405706 8e1764862dc1a8bd4dab3ce803d46c97
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_powerpc.deb
      Size/MD5 checksum:   969804 ad56b9d0845fae35ad9d2c355e097e0e
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_powerpc.deb
      Size/MD5 checksum:  1444018 e72ce9936c5f1fa7e2f03685f575678e
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_powerpc.deb
      Size/MD5 checksum:   620414 b5c4a9ee758871b12ade251370acdafa
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_powerpc.deb
      Size/MD5 checksum:   152960 208e5b3c9eea867bf5f22a157f1780a3
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_powerpc.deb
      Size/MD5 checksum:   133426 a3085fd784eb8ffa69433fbbc7989e2e

  s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_s390.deb
      Size/MD5 checksum:   674136 1c8f6d61b5c1a5b64f739356cab851b1
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_s390.deb
      Size/MD5 checksum:  1430890 391dc5d38b4296d1d130a7e3180fcb8b
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_s390.deb
      Size/MD5 checksum:   136752 afca1f7aad665e4ef2eaf575063568df
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_s390.deb
      Size/MD5 checksum:   239460 31b887aab09ddcd2e4c73b59a763e9f7
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_s390.deb
      Size/MD5 checksum:  1446898 c68eebe3a5aefd2481c5f2be11d1b288
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_s390.deb
      Size/MD5 checksum:   907170 ef7a778b5c3ff7d7018249d12ed1cc42
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_s390.deb
      Size/MD5 checksum:   151324 7b6eef790b8521af70caccc2222648b1
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_s390.deb
      Size/MD5 checksum:   132744 9ad294790e0671a9554f51e9e98dcfae
    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_s390.deb
      Size/MD5 checksum:   135400 9316718a838de0e4eb70d2219f62deda

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_sparc.deb
      Size/MD5 checksum:   151092 6c8703faeef65dbe01c8bc3ca58eb21c
    http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_sparc.deb
      Size/MD5 checksum:   228680 f42008816718184b32ed9fbc9e9792de
    http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_sparc.deb
      Size/MD5 checksum:   134242 1454796bb631a487b1a09c0b79f74612
    http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_sparc.deb
      Size/MD5 checksum:  1441658 a8f4b6b51a04f34d5af8e42b9aaca089
    http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_sparc.deb
      Size/MD5 checksum:   135444 e863c95f206b5f962f6e54cacd4d86d1
    http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_sparc.deb
      Size/MD5 checksum:   645918 f37ee519426241b04c45696ebec8e0fe
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_sparc.deb
      Size/MD5 checksum:   747554 475e9a0ca6eb5bda8f902aa072a83778
    http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_sparc.deb
      Size/MD5 checksum:   131602 5e7709c25e545b412f7dfda412b35e6d
    http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_sparc.deb
      Size/MD5 checksum:  1372542 1afe6cef5b2a0bde500017af7f8fab05

- -------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iQCVAwUBQtJbLg0hVr09l8FJAQIM/QQAoeoGqVugoBJmeElz3n98cgrgO0TpeAs0
wNlF8usNl7rdcsimJF6MIBJsbvCPtTIbbqwDKegNqi6rJKvDBCSBBZ7HEiDx/2iE
rkjUNYs8XVUq/5BZYnv2tk7g3IfEhdzbVs0Rohiz0EoC4Y7WYgpzbUJ0B13hd824
JLPqMOc1v+M=
=FQJL
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F38363)

Ubuntu Security Notice 146-1 (PacketStormID:F38363)
2005-07-01 00:00:00
Ubuntu  ubuntu.com
advisory,remote,arbitrary
linux,ubuntu
CVE-2005-1992
[点击下载]

Ubuntu Security Notice USN-146-1 - Nobuhiro IMAI discovered that the changed default value of the Module#public_instance_methods() method broke the security protection of XMLRPC server handlers. A remote attacker could exploit this to execute arbitrary commands on an XMLRPC server.

===========================================================
Ubuntu Security Notice USN-146-1	      June 29, 2005
ruby1.8 vulnerability
CAN-2005-1992
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

libxmlrpc-ruby1.8
ruby1.8

The problem can be corrected by upgrading the affected package to
version 1.8.1+1.8.2pre2-3ubuntu0.2 (for Ubuntu 4.10), or
1.8.1+1.8.2pre4-1ubuntu0.1 (for Ubuntu 5.04).  In general, a standard
system upgrade is sufficient to effect the necessary changes; however,
if you run custom XMLRPC servers implemented in Ruby, you have to
restart them.

Details follow:

Nobuhiro IMAI discovered that the changed default value of the
Module#public_instance_methods() method broke the security protection
of XMLRPC server handlers. A remote attacker could exploit this to
execute arbitrary commands on an XMLRPC server.


Updated packages for Ubuntu 4.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2.diff.gz
      Size/MD5:   154525 13e3897dc3c2e5a2b8d57ea6ad63d121
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2.dsc
      Size/MD5:     1409 1bf1608d980f6d3af81309f32c6fd1a5
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre2.orig.tar.gz
      Size/MD5:  3438795 2a03d56781fb19e5dd967b0d5b394f84

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/irb1.8_1.8.1+1.8.2pre2-3ubuntu0.2_all.deb
      Size/MD5:   127404 7be54795427864e9081b855e59c7adbb
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdrb-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_all.deb
      Size/MD5:   109848 3d24999520e6507f43a9d77bc920e117
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/liberb-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_all.deb
      Size/MD5:    90128 c3b85f3f17fd45c52f980a219ce77df4
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/librexml-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_all.deb
      Size/MD5:   147262 03475f8382b1fb23f8a68c5643d5fd37
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsoap-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_all.deb
      Size/MD5:   189890 9fea1fddf60106bd4b689ad587515e79
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtest-unit-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_all.deb
      Size/MD5:   112830 cbe836cee317a7e50ee2b75df717c9d1
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libwebrick-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_all.deb
      Size/MD5:   117132 90075f2cdbd6730b2ecea81a41fc52ca
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libxmlrpc-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_all.deb
      Size/MD5:   107948 e19027a0bf388554c24b0bd05df63f42
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/rdoc1.8_1.8.1+1.8.2pre2-3ubuntu0.2_all.deb
      Size/MD5:   192730 ef38fb8d3ab78023132dd7366f1ea6a9
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ri1.8_1.8.1+1.8.2pre2-3ubuntu0.2_all.deb
      Size/MD5:   394592 db491ea7114fa4f18ff84d9f966e580a
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-elisp_1.8.1+1.8.2pre2-3ubuntu0.2_all.deb
      Size/MD5:   103542 644b296334e4edce53bc89b9d231e336
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-examples_1.8.1+1.8.2pre2-3ubuntu0.2_all.deb
      Size/MD5:   114034 d95ecd7e5687bdf7cd4523bfe2e540eb

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:   131612 204de5b6c96c110f9ac5b39ed528b0a6
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:   103708 01ef4101305712b0196f9847494e1a0c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:    96416 863c30867139dc8f13efec5e1785b474
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:   130078 9b3645563dac048e535dd4b3f3917a84
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:    97728 fd3f9c0760297f58063d948f54d82bd1
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:    91984 c57b14bec3675ab526a5a28e15a20577
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:   191218 12d6b9b63e3a61c16c4e8582a9e52c9c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:    95262 23b9b02cd3a259cb16830093aca4ad62
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:    94874 a639cb62aa809ae37877834dbfdc4ba2
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:    93662 485033a8f011d7a29ac55bc5a4edf4ad
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:   728764 5893d0c4f41c84df185d5a0ff348dea9
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:   809788 af6edd247ed3302a931008a13685d17a
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:    99194 f255ec714c8d167dccd15e4e9670e2ea
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:    92692 c4224a2932533869eb07d23e1bc737c2
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:    92886 bd051ec83b800d7b9fc97b2d3fda5381
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:   145946 2ff572205ec503fd141b13c007e807e9
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:  1096926 144469c163fc956008aba89606dbd0e2
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:   140310 b371c0771cbd0b9d086675113ff86121
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:   108408 e0899d1395a61be6382ac280b129d854
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:   599654 df46b3f0fa152509b4fb48653ba998c3
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_amd64.deb
      Size/MD5:   109740 dcbaa942b2d25fcc1d77642db21a5785

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:   129506 5e1f0f00b011c4eda5c272f7950a726b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:   101692 d216f9aec92d764c92ad4db803bfac0a
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:    95862 c12907d1eae4a48fa0a6343fb50eb263
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:   126652 156c3c67ff0929fcf59702859bda06f4
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:    96852 88237864d3aa44cd31a175717af4853b
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:    91512 078baa4b01aa523f1eddcae884f01adf
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:   179676 f708c304861b4b37bfabea5548eb0b08
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:    94872 ae7cd32feb552ad3e9a17f607dc8cf9c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:    94270 eb2a88b1d5a322180385047455e47293
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:    92714 d3ec784f5527b2f683aed61911020249
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:   690468 ec6f933584fcacba06e981a8de99c7de
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:   766844 4ac98ea21dc84c9c48308fca082b0f03
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:    98412 6199d3d98317f31ee0794d2723ba6d74
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:    91620 d93eebb85b6ca04dd339f7686ec47ce6
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:    92212 444c7fe851a6c5345ae3d4a96eb87c98
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:   142508 021136c46898c27f63ce08d8871fc560
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:  1095106 4b59d9dc7d1f487b7707abb1c5e0a564
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:   137774 aee84652425b6353b3de4df6ed3d76b8
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:   106584 f84caa153cd4455049af1e664f431c68
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:   559090 0bded84b99c02e71942ca012f5bac41b
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_i386.deb
      Size/MD5:   109502 cea1ffa4f5d11bcf5b202e6766812058

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:   134520 a3cfab41a3e37272b284b50fc308406c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:   104848 f03524f0ef464e6d1e72df33cbf9dcc2
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:    97648 bbd238ae7b5af580a69c4df7f91a4755
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:   128528 9bab9acd74e16927828e91cb38b19cc5
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:    98726 1da9026fa6714fb566ffc342ce4c92d9
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:    93270 1e33bc3ef56b81170cf0acfa5c13e9c3
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:   182924 45faaeb1809692e149de3eb9a9bd934a
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:    96584 32396cd89165a5a30e3b75db5b231cf8
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:    96166 af6f19d8b7df023794e5ab9c29b6054f
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:    94740 33b0eec1cdabdfa105e9921d51b32398
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:   716388 176bdd3f7ebc6dfb3c37ed5466b8cfa8
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:   814234 db3c4870fb452f51ebcb9fc0915b305a
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:   100526 6b1314fbe8bb43ec32a99571cccbc3b2
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:    93918 8cf074d2257f77dde355ec84ef42e256
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:    94508 a015ae0a57b5e6ec8f8170325b025986
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:   145084 f15c657a84cf659b0aff5cab1315ec35
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:  1098236 1e49b4a22b485932a125134c2c6fd3cc
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:   138128 d0a3e5a68adaf355ef63476ddba9bd86
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:   109060 e60bbd211a8700a3e7800fdf0a91ccb5
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:   571844 659d4a2b4185b0f11bf2ea3c68a7ee4d
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre2-3ubuntu0.2_powerpc.deb
      Size/MD5:   111424 afb80351c360f5a8bd7207e16cb0877b

Updated packages for Ubuntu 5.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1.diff.gz
      Size/MD5:    31506 0c8ed39d53ddbc3078c170cd04924625
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1.dsc
      Size/MD5:     1408 a2d181d82dd329e0f7f63e5f44baa539
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4.orig.tar.gz
      Size/MD5:  3598517 1bf195093ed5279412f1047f70fafded

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/irb1.8_1.8.1+1.8.2pre4-1ubuntu0.1_all.deb
      Size/MD5:   148912 caee942ccd8534e7f5ec14e4321950ef
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdrb-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_all.deb
      Size/MD5:   131672 f2399df0d032a9f0a2954421f4b79055
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/liberb-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_all.deb
      Size/MD5:   115490 1f144657f3b75e5c76eb0dae9eb952e7
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/librexml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_all.deb
      Size/MD5:   168686 65c7e6780154d8e77fcde12daff8f6d8
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsoap-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_all.deb
      Size/MD5:   217308 b0d7cda83a0b21bad92894e20cbc89ea
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtest-unit-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_all.deb
      Size/MD5:   134440 f787421fffaaeaa3fb6f69b90c8b7d62
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libwebrick-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_all.deb
      Size/MD5:   139860 237e6f5ad3c2ed5dbd37c9d4ab81e3ce
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libxmlrpc-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_all.deb
      Size/MD5:   129430 34ec6b0e21ef9083a01015f040d285fc
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/rdoc1.8_1.8.1+1.8.2pre4-1ubuntu0.1_all.deb
      Size/MD5:   216102 cb4536878f9f8f37e6428e530f35b393
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ri1.8_1.8.1+1.8.2pre4-1ubuntu0.1_all.deb
      Size/MD5:   440750 e7cb5f0780db92abf18a7cd2ea58a344
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-elisp_1.8.1+1.8.2pre4-1ubuntu0.1_all.deb
      Size/MD5:   125242 8258bb390f6d8459fa32fe45c9481f88
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-examples_1.8.1+1.8.2pre4-1ubuntu0.1_all.deb
      Size/MD5:   134686 273b3375c6fe7b26ab92e9cc728b15ef

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   152668 588b28990c40c839907b0789464ddc39
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   125210 bfb1bfa99574f29cc0a37ca6e70bc3d4
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   117820 9a17d95147cc2827361ac4eb081637a2
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   151662 dd6b1c2163c5212e500ac8bad305d601
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   119374 eb2467b386fbe34550ad00c18a2d5b1c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   113330 dc4c2f20fa14c2cee4ed58fcd9da6a0e
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   214394 b6b13120a36dcca781856198032fbb5f
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   116462 1077ead9965f262b0d369c38d5f563e3
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   116344 3806ea9d48fbcea4f7e230a3ecb7ead3
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   115152 e064eb80896fae096ee64d50233b1ff5
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   759252 07dc0eca76d582f63d599812c96d2a07
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   900132 fc08d68c64312d8086e185d4ef7f9263
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   121180 2247421ac85368d3398584bf54697770
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   114054 df22a96785fe33a558d7867121c6bd4c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   114230 e019e2b65b029760766f2476a918ead0
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   171382 1940787050e85db7660c4d3972130630
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:  1141994 cee018476efbf5676188635a2906cf95
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   161710 e738623db6a2c52263a0b498629ddf60
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   130154 c2fd9261dbc3276a6d78ce0dcffa56ce
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   626192 b4f51cf59ddf70d30faed5e8d4753f4a
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_amd64.deb
      Size/MD5:   131110 af016b65d2a4cb03d274003ceb88a7f1

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   150918 2834d87c18a7560be40c9281dd4bac69
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   123274 f3b33b012b917b33d92f2b13a5df788c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   117248 380c3f0fd98fa9290c86788abb766a28
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   148032 f37ddb9f8813e9957009bfce1c179566
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   118338 23e17b7bc00afeb57a9a395b6c93559d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   112888 9e4e4e0a11b68d141cf864e252f9e299
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   202654 ed5845e1a39e1ec83526ed11d143133e
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   116154 8eda416be74b806e971355a7dcc832d3
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   115622 e6491161a4992278ecfa89125ebffb66
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   114348 cdc04115c75c353281ad796b85a1021d
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   718874 4c6c220b653905e95c5c40a96e4e6e01
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   855516 c2f0fb5caed230d032ed565874ce89d5
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   120326 d6f592e78ba2fe4858a3f6b39ca2a406
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   112992 f4355574b8c4ee1b735abcb984f233ae
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   113632 318c0def91cf0f7961a9be71950f131a
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   167680 37bb265aa59135bfca66716dbd5b5f4e
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:  1141804 598a0e8b71883a630983debcfc821041
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   159274 b48007cb1545bdc9c2a109deb4ed871c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   128330 a9bada2e96641d44544218434d421385
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   584864 f03dc25eb23c8272dec0e79470619c76
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_i386.deb
      Size/MD5:   130862 49a0ab9e3dd97b09238b4809c41b52de

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   155322 0c2327ba17a8d76a82ce24c35a6976cc
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   126376 ee0323e093fdfb7f14ebcb7cdd76e187
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   119272 f34a30d625df6fbdd48d6a80361d1fc3
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   150174 ddd8a9d8a62d3a3f3dfebb2881d88d3c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   120398 13de8b991d12f2e66031459b6128ea34
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   114614 2a5e62bb502bb77956c96133494ced5d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   205786 1ee4a692f25ddbec439ae7e2f521b75d
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   117766 2060012ac9582640e7f270ddb1af1bbb
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   117666 dd80819c7d7461748c4589b54ec11ec2
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   116250 313bd302281f66fde14d5f08f52d84de
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   949160 94b824d9966a3f435e01e38363f8c4a9
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   909478 24bb49cac0222f844aa0c64a6aa9c011
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   122448 2498cf48493d31a006e431aab00539a2
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   115296 837191c08c348b26d2ddbd8294e39ba3
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   115756 86e119fe70cb47772ff9a4d991d2175c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   170188 45f54de30ec1559726facce85246872c
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:  1142360 a5642424b64d00a0f324cc4f87cd52fa
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   159608 2480e7d74e999fbaacc31050d69b0891
    http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   130916 5843420cc47756a66d072a6aa58ecdd2
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   597854 c5f5a543c05a7f1d2c18b9d2d133d9be
    http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.1_powerpc.deb
      Size/MD5:   132778 80693c5305a25c62903d6be626b25d35
    

- 漏洞信息

17407
Ruby XMLRPC Server Unspecified Arbitrary Command Execution
Remote / Network Access Input Manipulation
Impact Unknown
Exploit Unknown

- 漏洞描述

Ruby's XMLRPC server module contains a flaw related to the toggling of public_instance_methods from FALSE to TRUE, that may allow an attacker to bypass security restrictions and execute arbitrary code. No further details have been provided.

- 时间线

2005-06-22 Unknow
Unknow Unknow

- 解决方案

Currently, there are no stable releases known to fix this problem; however, the patch has been worked into the most recent CVS stable snapshot for Ruby 1.8.2. Additionally, some vendors have released patched versions of their binary packages.

- 相关参考

- 漏洞作者

- 漏洞信息

Apple Mac OS X Security Update 2005-008 Multiple Vulnerabilities
Unknown 14914
Yes Yes
2005-09-22 12:00:00 2009-07-12 05:06:00
Announced by the vendor.

- 受影响的程序版本

Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X Server 10.3.9
Apple Mac OS X Server 10.3.8
Apple Mac OS X Server 10.3.7
Apple Mac OS X Server 10.3.6
Apple Mac OS X Server 10.3.5
Apple Mac OS X Server 10.3.4
Apple Mac OS X Server 10.3.3
Apple Mac OS X Server 10.3.2
Apple Mac OS X Server 10.3.1
Apple Mac OS X Server 10.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4
Apple Mac OS X 10.3.9
Apple Mac OS X 10.3.8
Apple Mac OS X 10.3.7
Apple Mac OS X 10.3.6
Apple Mac OS X 10.3.5
Apple Mac OS X 10.3.4
Apple Mac OS X 10.3.3
Apple Mac OS X 10.3.2
Apple Mac OS X 10.3.1
Apple Mac OS X 10.3

- 漏洞讨论

Apple has released Security Update 2005-008 to address multiple Mac OS X local and remote vulnerabilities.

The following vulnerabilities were addressed by the security update:

An arbitrary code execution vulnerability in ImageIO.

Two vulnerabilities in Mail resulting in information disclosure.

A local privilege escalation vulnerability in malloc. This issue has been split into BID 14939.

An arbitrary code execution vulnerability in QuickDraw Manager.

A privilege escalation vulnerability in QuickTime for Java.

An arbitrary code execution vulnerability in Ruby.

A cross-site scripting vulnerability in Safari.

An unauthorized access vulnerability in SecurityAgent.

A privilege escalation vulnerability in securityd.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

- 解决方案

Apple has released advisory APPLE-SA-2005-09-22 and fixes to address these issues:


Apple Mac OS X 10.3.9

Apple Mac OS X Server 10.3.9

Apple Mac OS X 10.4.2

Apple Mac OS X Server 10.4.2

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站