CVE-2011-2705
Published 2011-08-05
Priority: P4 · 23 · medium · 5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS: 1.95% (77.7th percentile)
The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an earlier process with the same PID.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ruby-lang | ruby | <= 1.8.7-334 | — |
CVSS provenance
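| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| vendor_redhat | — | 5.0 | MEDIUM | — |
| vendor_ubuntu | — | 4.3 | MEDIUM | — |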
GHSA
GHSA-wj5x-c2v9-7wwr: The SecureRandom
ghsa_unreviewed·2022-05-17
CVE-2011-2705 [MEDIUM] CWE-20 GHSA-wj5x-c2v9-7wwr: The SecureRandom
Ubuntu
Ruby vulnerabilities
vendor_ubuntu·2012-02-28·CVSS 4.3
CVE-2010-0541 [MEDIUM] Ruby vulnerabilities
Title: Ruby vulnerabilities
Summary: Several security issues were fixed in ruby1.8.
Drew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site scripting attacks when displaying error pages. A remote attacker could use this flaw to run arbitrary web script. (CVE-2010-0541)
Drew Yao discovered that Ruby's BigDecimal module did not properly allocate memory on 64-bit platforms. An attacker could use this flaw to cause a denial of service or possibly execute arbitrary code with user privileges. (CVE-2011-0188)
Nicholas Jefferson discovered that the FileUtils.remove_entry_secure method in Ruby did not properly remove non-empty directories. An attacker could use this flaw to possibly delete arbitrary files. (CVE-2011-1004)
It was discovered that Ruby incorrectly allowed un
Red Hat
ruby: Properly initialize the random number generator when forking new process
vendor_redhat·2011-07-02·CVSS 5.0
CVE-2011-2705 [MEDIUM] ruby: Properly initialize the random number generator when forking new process
Package: ruby (Red Hat Enterprise Linux 4) - Affected
Package: ruby (Red Hat Enterprise Linux 5) - Affected
No detection rules found.
No public exploits indexed.
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063062.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063071.html
http://redmine.ruby-lang.org/issues/4579
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=32050
http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_352/ChangeLog
http://svn.ruby-lang.org/repos/ruby/tags/v1_9_2_290/ChangeLog
http://www.openwall.com/lists/oss-security/2011/07/11/1
http://www.openwall.com/lists/oss-security/2011/07/12/14
http://www.openwall.com/lists/oss-security/2011/07/20/1
http://www.openwall.com/lists/oss-security/2011/07/20/16
http://www.redhat.com/support/errata/RHSA-2011-1581.html
http://www.ruby-lang.org/en/news/2011/07/02/ruby-1-8-7-p352-released/
http://www.ruby-lang.org/en/news/2011/07/15/ruby-1-9-2-p290-is-released/
http://www.securityfocus.com/bid/49015
https://bugzilla.redhat.com/show_bug.cgi?id=722415