Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Ruby Update for SSL Vulnerability - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Ruby Update for SSL Vulnerability

An update has been released for the SSL vulnerability reported in Ruby.  From the site: "All Ruby versions are affected".  The Ruby update also contains a patch for a DOS vulnerability; check out the details here.


150 Posts
ISC Handler
Jun 27th 2013
Release Date: 2013-06-28
Where: From remote
Impact: Spoofing
Solution Status: Vendor Patch
CVE Reference: CVE-2013-4073
Solution: Update to version Ruby 1.8.7-p374, 1.9.3-p448, or 2.0.0-p247.
Original Advisory: Ruby:

Sign Up for Free or Log In to start participating in the conversation!