The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Ruby: Cross Site Scripting via WEBrick

Synthesis of the vulnerability 

An attacker can invite the victim to display a malicious web document, in order to create a Cross Site Scripting in web sites developed with Ruby WEBrick.
Impacted products: Fedora, Mandriva Linux, Windows (platform) ~ not comprehensive, openSUSE, RHEL, SLES, Unix (platform) ~ not comprehensive.
Severity of this bulletin: 2/4.
Creation date: 23/05/2011.
References of this threat: 587731, BID-40871, CVE-2010-0541, FEDORA-2010-13341, FEDORA-2010-13387, FEDORA-2010-13401, MDVSA-2011:097, MDVSA-2011:098, openSUSE-SU-2011:0556-1, openSUSE-SU-2011:0561-1, RHSA-2011:0908-01, RHSA-2011:0909-01, SUSE-SU-2011:0555-1, VIGILANCE-VUL-10677.

Description of the vulnerability 

The WEBrick module is used to develop a web site in Ruby language.

The WEBrick httpresponse.rb file generates HTTP replies. However, this module does not force a character encoding (for example Content-type: text/html; charset=ISO-8859-1) in the generated pages, so the browser is left to guess the encoding. An attacker can thus use the vulnerability VIGILANCE-VUL-7812 to inject data that Internet Explorer interprets as UTF-7.

An attacker can therefore invite the victim to display a malicious web document, in order to create a Cross Site Scripting in web sites developed with Ruby WEBrick.
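The defensive side of the condition described above is simply to emit an explicit charset on every text response and to check that deployed servers do so. The following is an added example, not WEBrick's own code nor a Ruby project's: it appends a charset parameter to a text/* Content-Type when one is missing, wraps a Rack-style response triple (a hypothetical framework hook), and audits a raw HTTP response head for the missing-charset condition. The sample responses are constructed, not captured from a real server.

```ruby
# Added example (not WEBrick's own code): enforce an explicit charset on text
# responses and audit raw HTTP responses for the missing-charset condition.

# The bulletin cites ISO-8859-1 as the charset WEBrick failed to emit; any
# explicit value removes the ambiguity. UTF-8 is the usual choice today.
DEFAULT_CHARSET = 'ISO-8859-1'.freeze

# Return the Content-Type value with a charset parameter appended when the
# media type is text/* and no charset is present. Other types are untouched.
def content_type_with_charset(value, charset = DEFAULT_CHARSET)
  return value if value.nil? || value.strip.empty?
  type, *params = value.split(';').map(&:strip)
  return value unless type.downcase.start_with?('text/')
  return value if params.any? { |p| p.downcase.start_with?('charset=') }
  ([type] + params + ["charset=#{charset}"]).join('; ')
end

# Hypothetical framework hook: takes a Rack-style [status, headers, body]
# triple and returns a copy whose text Content-Type carries a charset.
def enforce_charset(response, charset = DEFAULT_CHARSET)
  status, headers, body = response
  fixed = headers.dup
  key = fixed.keys.find { |k| k.casecmp?('content-type') }
  fixed[key] = content_type_with_charset(fixed[key], charset) if key
  [status, fixed, body]
end

# Audit a raw HTTP response (status line + headers, optionally a body).
# Returns :ok, :missing_charset, :no_content_type or :not_text.
def audit_response_head(raw)
  head = raw.split(/\r?\n\r?\n/, 2).first.to_s
  line = head.lines.map(&:chomp).find { |l| l =~ /\AContent-Type\s*:/i }
  return :no_content_type unless line
  value = line.split(':', 2).last.strip
  return :not_text unless value.downcase.start_with?('text/')
  value =~ /;\s*charset=/i ? :ok : :missing_charset
end

# Constructed sample responses (not captured from a real server).
VULNERABLE_RESPONSE = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>...</html>"
FIXED_RESPONSE = "HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=ISO-8859-1\r\n\r\n<html>...</html>"

if __FILE__ == $0
  puts audit_response_head(VULNERABLE_RESPONSE)  # missing_charset
  puts audit_response_head(FIXED_RESPONSE)       # ok
  _, headers, _ = enforce_charset([200, { 'Content-Type' => 'text/html' }, ['<html>']])
  puts headers['Content-Type']                   # text/html; charset=ISO-8859-1
end
```

In a WEBrick handler the equivalent fix is to set the header yourself (`res['Content-Type'] = 'text/html; charset=UTF-8'`) rather than relying on the default; the audit function is the check to run against the actual responses a server returns, since it is the header on the wire, not the source, that the browser acts on.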
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This threat impacts software or systems such as Fedora, Mandriva Linux, Windows (platform) ~ not comprehensive, openSUSE, RHEL, SLES, Unix (platform) ~ not comprehensive.

Our Vigil@nce team determined that the severity of this computer threat is medium.

The trust level is of type confirmed by the editor, with an origin of document.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with technician-level skill can exploit this cybersecurity bulletin.

Solutions for this threat 

Ruby: versions 1.8.7-p302 and 1.9.1-p430.
Versions 1.8.7-p302 and 1.9.1-p430 are corrected:
  http://www.ruby-lang.org/en/downloads/

Ruby: patch for WEBrick.
A patch is available in information sources.

Fedora: new ruby packages.
New packages are available:
  ruby-1.8.6.399-6.fc12
  ruby-1.8.6.399-6.fc13
  ruby-1.8.7.302-1.fc14

Mandriva: new ruby packages.
New packages are available:
  ruby-1.8.7-7p72.4mdv2009.0
  ruby-1.8.7.p249-4.1mdv2010.2
  ruby-1.8.2-7.12.20060mlcs4
  ruby-1.8.7-7p72.4mdvmes5.2

openSUSE: new ruby packages.
New packages are available:
  openSUSE 11.3: ruby-1.8.7.p249-8.9.1
  openSUSE 11.4: ruby-1.8.7.p334-1.4.1

RHEL 4, 5: new ruby packages.
New packages are available:
  ruby-1.8.1-16.el4
  ruby-1.8.5-19.el5_6.1

SUSE LE 11: new ruby packages.
New packages are available:
  SUSE Linux Enterprise Server 11 SP1: ruby-1.8.7.p72-5.28.1

Computer vulnerabilities tracking service 

Vigil@nce provides a network vulnerabilities database. Each administrator can customize the list of products for which they want to receive vulnerability alerts.