class Dawn::Kb::CVE_2008_4310
Public Class Methods
new()
click to toggle source
Calls superclass method
Dawn::Kb::ComboCheck::new
# File lib/dawn/kb/cve_2008_4310.rb, line 80 def initialize message = "httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterprise Linux 4 and 5, allows remote attackers to cause a denial of service (CPU consumption) via a crafted HTTP request. NOTE: this issue exists because of an incomplete fix for CVE-2008-3656." super({ :name=>"CVE-2008-4310", :cvss=>"AV:N/AC:L/Au:N/C:N/I:N/A:C", :release_date => Date.new(2008, 12, 9), :cwe=>"399", :owasp=>"A9", :applies=>["sinatra", "padrino", "rails"], :kind=>Dawn::KnowledgeBase::COMBO_CHECK, :message=>message, :mitigation=>"Please upgrade your ruby interpreter", :aux_links=>["http://secunia.com/advisories/33013"], :checks=>[CVE_2008_4310_a.new, CVE_2008_4310_b.new] }) end