Keita Yamaguchi

3 exploits Active since Aug 2008
CVE-2008-3655 EXPLOITDB ruby WORKING POC
Ruby < 1.8.5 - Unauthenticated Access Restriction Bypass via Critical Variable and Method Access
Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via (1) untrace_var, (2) $PROGRAM_NAME, and (3) syslog at safe level 4, and (4) insecure methods at safe levels 1 through 3.
CVE-2008-3657 EXPLOITDB ruby WORKING POC
Ruby < 1.8.5 and 1.8.6-1.8.6-p286 and 1.8.7-1.8.7-p71 and 1.9-r18423 - Safe Level Bypass via DL.dlopen
The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen.
CVE-2008-4310 EXPLOITDB ruby WORKING POC
Ruby 1.8.1 and 1.8.5 - Denial of Service via Crafted HTTP Request
httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterprise Linux 4 and 5, allows remote attackers to cause a denial of service (CPU consumption) via a crafted HTTP request. NOTE: this issue exists because of an incomplete fix for CVE-2008-3656.