Ruby http/xmlrpc server DoS
A bug was found in the way ruby creates its http (and thus xmlrpc)
server. The server uses blocking sockets, so if it is possible to
send a very large amount of data via the socket, the server will block
other connections resulting in a denial of service.
The original report (and patch) are here:
A reproducer is described here:
will fixed in 1.8.1-7.EL4.3
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.