CVE-2011-2686
Published 2011-08-05
Priority: P4 · 22 · medium · 5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS: 2.58% (83.3rd percentile)
Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issue exists because of a regression during Ruby 1.8.6 development.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ruby-lang | ruby | <= 1.8.7-334 | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
CVSS provenance
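| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| vendor_redhat | | 5.0 | MEDIUM | |
| vendor_ubuntu | | 4.3 | MEDIUM | |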
Ubuntu
Ruby vulnerabilities
vendor_ubuntu·2012-02-28·CVSS 4.3
Summary: Several security issues were fixed in ruby1.8.
Drew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site
scripting attacks when displaying error pages. A remote attacker could use this
flaw to run arbitrary web script. (CVE-2010-0541)
Drew Yao discovered that Ruby's BigDecimal module did not properly allocate
memory on 64-bit platforms. An attacker could use this flaw to cause a denial
of service or possibly execute arbitrary code with user privileges.
(CVE-2011-0188)
Nicholas Jefferson discovered that the FileUtils.remove_entry_secure method in
Ruby did not properly remove non-empty directories. An attacker could use this
flaw to possibly delete arbitrary files. (CVE-2011-1004)
It was discovered that Ruby incorrectly allowed un
Red Hat
ruby: Properly initialize the random number generator when forking new process
vendor_redhat·2011-07-02·CVSS 5.0
Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issue exists because of a regression during Ruby 1.8.6 development.
Package: ruby (Red Hat Enterprise Linux 4) - Affected
Package: ruby (Red Hat Enterprise Linux 5) - Affected
Package: ruby (Red Hat Enterprise Linux 6) - Affected
GHSA
GHSA-g8g6-3p4h-6388: Ruby before 1
ghsa_unreviewed·2022-05-17·CVSS 5.0
Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issue exists because of a regression during Ruby 1.8.6 development.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2011-2686 ruby: Properly initialize the random number generator when forking new process [fedora-all]
bugzilla·2011-07-15·CVSS 5.0
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=722415
Please no
Bugzilla
CVE-2011-2686 CVE-2011-2705 CVE-2011-3009 ruby: Properly initialize the random number generator when forking new process
bugzilla·2011-07-15·CVSS 5.0
It was found that Ruby did not properly reinitialize the random number generator when forking a new Ruby process. A local attacker could use this flaw to more easily predict random numbers.
References:
[1] https://bugzilla.novell.com/show_bug.cgi?id=704409
[2] http://www.ruby-lang.org/en/news/2011/07/02/ruby-1-8-7-p352-released/
[3] http://redmine.ruby-lang.org/issues/4579
[4] http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=31713
[5] http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=32050
[6] http://www.openwall.com/lists/oss-security/2011/07/11/1
[7] http://www.openwall.com/lists/oss-security/2011/07/12/14
Discussion:
This issue affects
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063062.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063071.html
http://redmine.ruby-lang.org/issues/show/4338
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=31713
http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_352/ChangeLog
http://www.openwall.com/lists/oss-security/2011/07/11/1
http://www.openwall.com/lists/oss-security/2011/07/12/14
http://www.openwall.com/lists/oss-security/2011/07/20/1
http://www.openwall.com/lists/oss-security/2011/07/20/16
http://www.ruby-lang.org/en/news/2011/07/02/ruby-1-8-7-p352-released/
http://www.securityfocus.com/bid/49015
https://bugzilla.redhat.com/show_bug.cgi?id=722415
https://exchange.xforce.ibmcloud.com/vulnerabilities/69032