Advisories:rPSA-2008-0206

From rPath Wiki

rPath Security Advisory 2008-0206-1

Published: 2008-06-26

Products

• rPath Appliance Platform Linux Service 1
• rPath Appliance Platform Linux Service 2
• rPath Linux 1
• rPath Linux 2

Rating

Severe

Exposure Level Classification

Remote User Deterministic Privilege Escalation

Updated Versions

• ruby=conary.rpath.com@rpl:1/1.8.6_p230-0.3-1
• ruby=conary.rpath.com@rpl:2/1.8.6_p230-2-0.1

rPath Issue Tracking System

• RPL-2626

References

• CVE-2008-2662
• CVE-2008-2663
• CVE-2008-2725
• CVE-2008-2726
• CVE-2008-2664
• http://preview.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities

Description

Previous versions of the ruby package contain multiple vulnerabilities,

the most serious of which allow users to execute arbitrary code with

elevated privileges.

Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html