CVE-2008-3443

CVSS v2.0 5 (Medium)
EPSS 14.89 % (96th)
Affected Products 1
Advisories 5

The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to a Ruby socket, related to memory allocation failure, and as demonstrated against Webrick.

Weaknesses
CWE-399
Resource Management Errors
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2008-08-14 23:41:00
(16 years ago)
Updated Date
2018-10-03 21:55:15
(6 years ago)

Affected Products

Configuration #1

    CPE23 From Up To
  Ruby-lang Ruby 1.6.8 cpe:2.3:a:ruby-lang:ruby:1.6.8
  Ruby-lang Ruby 1.8.0 cpe:2.3:a:ruby-lang:ruby:1.8.0
  Ruby-lang Ruby 1.8.1 cpe:2.3:a:ruby-lang:ruby:1.8.1
  Ruby-lang Ruby 1.8.1 -9 cpe:2.3:a:ruby-lang:ruby:1.8.1:-9
  Ruby-lang Ruby 1.8.2 cpe:2.3:a:ruby-lang:ruby:1.8.2
  Ruby-lang Ruby 1.8.2 Preview2 cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2
  Ruby-lang Ruby 1.8.2 Preview3 cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3
  Ruby-lang Ruby 1.8.2 Preview4 cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4
  Ruby-lang Ruby 1.8.3 cpe:2.3:a:ruby-lang:ruby:1.8.3
  Ruby-lang Ruby 1.8.3 Preview1 cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1
  Ruby-lang Ruby 1.8.3 Preview2 cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2
  Ruby-lang Ruby 1.8.3 Preview3 cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3
  Ruby-lang Ruby 1.8.4 cpe:2.3:a:ruby-lang:ruby:1.8.4
  Ruby-lang Ruby 1.8.4 Preview1 cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1
  Ruby-lang Ruby 1.8.4 Preview2 cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2
  Ruby-lang Ruby 1.8.4 Preview3 cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3
  Ruby-lang Ruby 1.8.5 cpe:2.3:a:ruby-lang:ruby:1.8.5
  Ruby-lang Ruby 1.8.5 P11 cpe:2.3:a:ruby-lang:ruby:1.8.5:p11
  Ruby-lang Ruby 1.8.5 P113 cpe:2.3:a:ruby-lang:ruby:1.8.5:p113
  Ruby-lang Ruby 1.8.5 P114 cpe:2.3:a:ruby-lang:ruby:1.8.5:p114
  Ruby-lang Ruby 1.8.5 P115 cpe:2.3:a:ruby-lang:ruby:1.8.5:p115
  Ruby-lang Ruby 1.8.5 P12 cpe:2.3:a:ruby-lang:ruby:1.8.5:p12
  Ruby-lang Ruby 1.8.5 P2 cpe:2.3:a:ruby-lang:ruby:1.8.5:p2
  Ruby-lang Ruby 1.8.5 P231 cpe:2.3:a:ruby-lang:ruby:1.8.5:p231
  Ruby-lang Ruby 1.8.5 P35 cpe:2.3:a:ruby-lang:ruby:1.8.5:p35
  Ruby-lang Ruby 1.8.5 P52 cpe:2.3:a:ruby-lang:ruby:1.8.5:p52
  Ruby-lang Ruby 1.8.5 Preview1 cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1
  Ruby-lang Ruby 1.8.5 Preview2 cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2
  Ruby-lang Ruby 1.8.5 Preview3 cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3
  Ruby-lang Ruby 1.8.5 Preview4 cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4
  Ruby-lang Ruby 1.8.5 Preview5 cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5
  Ruby-lang Ruby 1.8.6 cpe:2.3:a:ruby-lang:ruby:1.8.6
  Ruby-lang Ruby 1.8.6 P110 cpe:2.3:a:ruby-lang:ruby:1.8.6:p110
  Ruby-lang Ruby 1.8.6 P111 cpe:2.3:a:ruby-lang:ruby:1.8.6:p111
  Ruby-lang Ruby 1.8.6 P114 cpe:2.3:a:ruby-lang:ruby:1.8.6:p114
  Ruby-lang Ruby 1.8.6 P230 cpe:2.3:a:ruby-lang:ruby:1.8.6:p230
  Ruby-lang Ruby 1.8.6 P286 cpe:2.3:a:ruby-lang:ruby:1.8.6:p286
  Ruby-lang Ruby 1.8.6 P36 cpe:2.3:a:ruby-lang:ruby:1.8.6:p36
  Ruby-lang Ruby 1.8.6 Preview1 cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1
  Ruby-lang Ruby 1.8.6 Preview2 cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2
  Ruby-lang Ruby 1.8.6 Preview3 cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3
  Ruby-lang Ruby 1.8.7 cpe:2.3:a:ruby-lang:ruby:1.8.7
  Ruby-lang Ruby 1.8.7 P17 cpe:2.3:a:ruby-lang:ruby:1.8.7:p17
  Ruby-lang Ruby 1.8.7 P22 cpe:2.3:a:ruby-lang:ruby:1.8.7:p22
  Ruby-lang Ruby 1.8.7 P71 cpe:2.3:a:ruby-lang:ruby:1.8.7:p71
  Ruby-lang Ruby 1.8.7 Preview1 cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1
  Ruby-lang Ruby 1.8.7 Preview2 cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2
  Ruby-lang Ruby 1.8.7 Preview3 cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3
  Ruby-lang Ruby 1.8.7 Preview4 cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4
  Ruby-lang Ruby 1.9.0 cpe:2.3:a:ruby-lang:ruby:1.9.0
  Ruby-lang Ruby 1.9.0 R18423 cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423