Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and contains an inconsistent ID.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yukihiro Matsumoto Ruby CGI模块畸形MIME数据拒绝服务漏洞
Vulnerability Description
Ruby是动态、开放源码的编程语言。 Ruby CGI模块在处理畸形用户请求时存在漏洞,远程攻击者可能利用此漏洞对服务器执行拒绝服务攻击。 如果攻击者所提交HTTP请求的多部分MIME中包含有无效的边界指示符,就可能在Ruby的CGI库中触发死循环,导致耗尽CUP资源。
CVSS Information
N/A
Vulnerability Type
N/A