Red Hat Bugzilla – Bug 212237
CVE-2006-5467 Ruby CGI multipart parsing DoS
Last modified: 2007-11-30 17:07:27 EST
Jeremy Kemper mailed this information to vendor-sec:
Fix an exploitable bug in CGI multipart parsing which affects Ruby <= 1.8.5
when the input stream returns "" (empty string) instead of nil on EOF.
Certain malformed multipart requests leave the parser in a non-terminating
state, leaving the program vulnerable to denial of service attack. The fix
more carefully checks for input stream EOF.
affected: standalone CGI, Mongrel
unaffected: FastCGI, mod_ruby, WEBrick
This fully closes a previously-reported but partially-fixed vulnerability:
This issue should also affect RHEL2.1 and RHEL3
Created attachment 139389 [details]
should be fixed in ruby-1.6.4-2.AS21.4, ruby-1.6.8-9.EL3.7 and ruby-1.8.1-7.EL4.7
built ruby-1.6.8-9.EL3.8 and ruby-1.8.1-7.EL4.8
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.