Ruby CVE-2012-5371 Hash Collision Denial of Service Vulnerability

Bugtraq ID: 56484
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2012-5371
Remote: Yes
Local: No
Published: Nov 10 2012 12:00AM
Updated: Mar 05 2013 12:34PM
Credit: Jean-Philippe Aumasson
Vulnerable: Yukihiro Matsumoto Ruby 1.9.3 dev
Yukihiro Matsumoto Ruby 1.9.2 RC2
Yukihiro Matsumoto Ruby 1.9.2 P180
Yukihiro Matsumoto Ruby 1.9.2 P136
Yukihiro Matsumoto Ruby 1.9.2 P0
Yukihiro Matsumoto Ruby 1.9.2 -rc1
Yukihiro Matsumoto Ruby 1.9.1 P431
Yukihiro Matsumoto Ruby 1.9.1 -p429
Yukihiro Matsumoto Ruby 1.9.1 -p376
Yukihiro Matsumoto Ruby 1.9.1
Yukihiro Matsumoto Ruby 1.9 -2
Yukihiro Matsumoto Ruby 1.9 -1
Yukihiro Matsumoto Ruby 1.9
Yukihiro Matsumoto Ruby 1.8.7 -p72
Yukihiro Matsumoto Ruby 1.8.7 -p71
Yukihiro Matsumoto Ruby 1.8.7 -p22
Yukihiro Matsumoto Ruby 1.8.7 -p21
Yukihiro Matsumoto Ruby 1.8.7
Yukihiro Matsumoto Ruby 1.8.6 -p287
Yukihiro Matsumoto Ruby 1.8.6 -p286
Yukihiro Matsumoto Ruby 1.8.6 -p230
Yukihiro Matsumoto Ruby 1.8.6 -p229
Yukihiro Matsumoto Ruby 1.8.6 -p114
Yukihiro Matsumoto Ruby 1.8.6
Yukihiro Matsumoto Ruby 1.8.5 -p231
Yukihiro Matsumoto Ruby 1.8.5 -p230
Yukihiro Matsumoto Ruby 1.8.5 -p2
Yukihiro Matsumoto Ruby 1.8.5 -p115
Yukihiro Matsumoto Ruby 1.8.5
Yukihiro Matsumoto Ruby 1.8.4
Yukihiro Matsumoto Ruby 1.8.3
Yukihiro Matsumoto Ruby 1.8.2 pre4
+ Gentoo Linux
Yukihiro Matsumoto Ruby 1.8.2 pre3
+ Gentoo Linux
Yukihiro Matsumoto Ruby 1.8.2 pre2
Yukihiro Matsumoto Ruby 1.8.2 pre1
Yukihiro Matsumoto Ruby 1.8.2
+ Red Hat Fedora Core4
 + Red Hat Fedora Core3
 Yukihiro Matsumoto Ruby 1.8.1
+ Red Hat Fedora Core3
 + Red Hat Fedora Core2
 Yukihiro Matsumoto Ruby 1.8
+ Red Hat Fedora Core3
 + Ubuntu Ubuntu Linux 5.0 4 powerpc
 + Ubuntu Ubuntu Linux 5.0 4 i386
 + Ubuntu Ubuntu Linux 5.0 4 amd64
 + Ubuntu Ubuntu Linux 4.1 ppc
 + Ubuntu Ubuntu Linux 4.1 ia64
 + Ubuntu Ubuntu Linux 4.1 ia32
 Yukihiro Matsumoto Ruby 1.6.8
Yukihiro Matsumoto Ruby 1.6.7
+ Debian Linux 3.0 sparc
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 alpha
 + Debian Linux 3.0
Yukihiro Matsumoto Ruby 1.6
Yukihiro Matsumoto Ruby 1.9.2 pre3
Yukihiro Matsumoto Ruby 1.9.1-p430
Yukihiro Matsumoto Ruby 1.9.1-p378
Yukihiro Matsumoto Ruby 1.9.0-3
Yukihiro Matsumoto Ruby 1.9
Yukihiro Matsumoto Ruby 1.8.7-P357
Yukihiro Matsumoto Ruby 1.8.7-P352
Yukihiro Matsumoto Ruby 1.8.7-p334
Yukihiro Matsumoto Ruby 1.8.7-p330
Yukihiro Matsumoto Ruby 1.8.7-p302
Yukihiro Matsumoto Ruby 1.8.7-p299
Yukihiro Matsumoto Ruby 1.8.7-p249
Yukihiro Matsumoto Ruby 1.8.7-p248
Yukihiro Matsumoto Ruby 1.8.7-p173
Yukihiro Matsumoto Ruby 1.8.7-p160
Yukihiro Matsumoto Ruby 1.8.6-p420
Yukihiro Matsumoto Ruby 1.8.6-p399
Yukihiro Matsumoto Ruby 1.8.6-p388
Yukihiro Matsumoto Ruby 1.8.6-p383
Yukihiro Matsumoto Ruby 1.8.6-p369
Yukihiro Matsumoto Ruby 1.8.6-p368
Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Slackware Linux x86_64 -current
Slackware Linux 13.37 x86_64
Slackware Linux 13.37
Slackware Linux 13.1 x86_64
Slackware Linux 13.1
Slackware Linux -current
Red Hat Fedora 17
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus