CVE-2011-3009
published 2011-08-05CVE-2011-3009: Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random…
PriorityP421medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
2.09%
79.3th percentile
Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ruby-lang | ruby | <= 1.8.6 | — |
| ruby-lang | ruby | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
ruby: Properly initialize the random number generator when forking new process
vendor_redhat·2011-07-02·CVSS 5.0
CVE-2011-3009 [MEDIUM] ruby: Properly initialize the random number generator when forking new process
ruby: Properly initialize the random number generator when forking new process
Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900.
Statement: The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw in Red Hat Enterprise Linux 4 and 5.
GHSA
GHSA-mg6g-jwh6-pwjf: Ruby before 1
ghsa_unreviewed·2022-05-17·CVSS 5.0
CVE-2011-3009 [MEDIUM] GHSA-mg6g-jwh6-pwjf: Ruby before 1
Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2011-4815 ruby: hash table collisions CPU usage DoS (oCERT-2011-003)
bugzilla·2011-11-01·CVSS 7.8
CVE-2011-4815 [HIGH] CVE-2011-4815 ruby: hash table collisions CPU usage DoS (oCERT-2011-003)
CVE-2011-4815 ruby: hash table collisions CPU usage DoS (oCERT-2011-003)
Julian Wälde and Alexander Klink reported a flaw in the hash function used in the implementation of the Ruby arrays implemented using the hash table.
A specially-crafted set of keys could trigger hash function collisions, which degrade hash table performance by changing hash table operations complexity from an expected/average O(1) to the worst case O(n). Reporters were able to find colliding strings efficiently using equivalent substrings or meet in the middle techniques.
As various web application frameworks for Ruby automatically pre-fill certain arrays with data from the HTTP request (such as GET or POST parameters) for Ruby web application, a remote attacker could use this flaw to make Ruby interpreter use exc
Bugzilla
CVE-2011-2686 CVE-2011-2705 CVE-2011-3009 ruby: Properly initialize the random number generator when forking new process
bugzilla·2011-07-15·CVSS 5.0
CVE-2011-2686 [MEDIUM] CVE-2011-2686 CVE-2011-2705 CVE-2011-3009 ruby: Properly initialize the random number generator when forking new process
CVE-2011-2686 CVE-2011-2705 CVE-2011-3009 ruby: Properly initialize the random number generator when forking new process
It was found that Ruby did not properly reinitialize the random number generator, when forking new Ruby process. A local attacker could use this flaw to easier predict random numbers.
References:
[1] https://bugzilla.novell.com/show_bug.cgi?id=704409
[2] http://www.ruby-lang.org/en/news/2011/07/02/ruby-1-8-7-p352-released/
[3] http://redmine.ruby-lang.org/issues/4579
[4] http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=31713
[5] http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=32050
[6] http://www.openwall.com/lists/oss-security/2011/07/11/1
[7] http://www.openwall.com/lists/oss-security/2011/07/12/14
Discussion:
This issue affects
http://redmine.ruby-lang.org/issues/show/4338http://rhn.redhat.com/errata/RHSA-2012-0070.htmlhttp://www.openwall.com/lists/oss-security/2011/07/20/1http://www.redhat.com/support/errata/RHSA-2011-1581.htmlhttp://www.securityfocus.com/bid/49126https://exchange.xforce.ibmcloud.com/vulnerabilities/69157http://redmine.ruby-lang.org/issues/show/4338http://rhn.redhat.com/errata/RHSA-2012-0070.htmlhttp://www.openwall.com/lists/oss-security/2011/07/20/1http://www.redhat.com/support/errata/RHSA-2011-1581.htmlhttp://www.securityfocus.com/bid/49126https://exchange.xforce.ibmcloud.com/vulnerabilities/69157
2011-08-05
Published