ГлавнаяБаза уязвимостей БДУ → BDU:2015-01758
6.4средняя

BDU:2015-01758 (CVE-2006-3694)

Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность и целостность защищаемой информации
Опубликовано: 2016-07-06
Описание

Множественные уязвимости пакета libruby1.6-dbg операционной системы Debian GNU/Linux, эксплуатация которых может привести к нарушению конфиденциальности и целостности защищаемой информации. Эксплуатация уязвимостей может быть осуществлена удаленно.

Затрагиваемое ПО и версии
Debian GNU/Linux (до 3.1)
Способ устранения

Проблема может быть решена обновлением операционной системы до следующих версий пакетов в зависимости от архитектуры:
Debian GNU/Linux 3.1:
ppc:
libcurses-ruby1.6 - 1.6.8-12sarge2
libdbm-ruby1.6 - 1.6.8-12sarge2
libgdbm-ruby1.6 - 1.6.8-12sarge2
libpty-ruby1.6 - 1.6.8-12sarge2
libreadline-ruby1.6 - 1.6.8-12sarge2
libruby1.6 - 1.6.8-12sarge2
libruby1.6-dbg - 1.6.8-12sarge2
libsdbm-ruby1.6 - 1.6.8-12sarge2
libsyslog-ruby1.6 - 1.6.8-12sarge2
libtcltk-ruby1.6 - 1.6.8-12sarge2
libtk-ruby1.6 - 1.6.8-12sarge2
ruby1.6 - 1.6.8-12sarge2
ruby1.6-dev - 1.6.8-12sarge2
s390x:
libcurses-ruby1.6 - 1.6.8-12sarge2
libdbm-ruby1.6 - 1.6.8-12sarge2
libgdbm-ruby1.6 - 1.6.8-12sarge2
libpty-ruby1.6 - 1.6.8-12sarge2
libreadline-ruby1.6 - 1.6.8-12sarge2
libruby1.6 - 1.6.8-12sarge2
libruby1.6-dbg - 1.6.8-12sarge2
libsdbm-ruby1.6 - 1.6.8-12sarge2
libsyslog-ruby1.6 - 1.6.8-12sarge2
libtcltk-ruby1.6 - 1.6.8-12sarge2
libtk-ruby1.6 - 1.6.8-12sarge2
ruby1.6 - 1.6.8-12sarge2
ruby1.6-dev - 1.6.8-12sarge2
m68k:
libcurses-ruby1.6 - 1.6.8-12sarge2
libdbm-ruby1.6 - 1.6.8-12sarge2
libgdbm-ruby1.6 - 1.6.8-12sarge2
libpty-ruby1.6 - 1.6.8-12sarge2
libreadline-ruby1.6 - 1.6.8-12sarge2
libruby1.6 - 1.6.8-12sarge2
libruby1.6-dbg - 1.6.8-12sarge2
libsdbm-ruby1.6 - 1.6.8-12sarge2
libsyslog-ruby1.6 - 1.6.8-12sarge2
libtcltk-ruby1.6 - 1.6.8-12sarge2
libtk-ruby1.6 - 1.6.8-12sarge2
ruby1.6 - 1.6.8-12sarge2
ruby1.6-dev - 1.6.8-12sarge2
i686:
libcurses-ruby1.6 - 1.6.8-12sarge2
libdbm-ruby1.6 - 1.6.8-12sarge2
libgdbm-ruby1.6 - 1.6.8-12sarge2
libpty-ruby1.6 - 1.6.8-12sarge2
libreadline-ruby1.6 - 1.6.8-12sarge2
libruby1.6 - 1.6.8-12sarge2
libruby1.6-dbg - 1.6.8-12sarge2
libsdbm-ruby1.6 - 1.6.8-12sarge2
libsyslog-ruby1.6 - 1.6.8-12sarge2
libtcltk-ruby1.6 - 1.6.8-12sarge2
libtk-ruby1.6 - 1.6.8-12sarge2
ruby1.6 - 1.6.8-12sarge2
ruby1.6-dev - 1.6.8-12sarge2
arm:
libcurses-ruby1.6 - 1.6.8-12sarge2
libdbm-ruby1.6 - 1.6.8-12sarge2
libgdbm-ruby1.6 - 1.6.8-12sarge2
libpty-ruby1.6 - 1.6.8-12sarge2
libreadline-ruby1.6 - 1.6.8-12sarge2
libruby1.6 - 1.6.8-12sarge2
libruby1.6-dbg - 1.6.8-12sarge2
libsdbm-ruby1.6 - 1.6.8-12sarge2
libsyslog-ruby1.6 - 1.6.8-12sarge2
libtcltk-ruby1.6 - 1.6.8-12sarge2
libtk-ruby1.6 - 1.6.8-12sarge2
ruby1.6 - 1.6.8-12sarge2
ruby1.6-dev - 1.6.8-12sarge2
sparc:
libcurses-ruby1.6 - 1.6.8-12sarge2
libdbm-ruby1.6 - 1.6.8-12sarge2
libgdbm-ruby1.6 - 1.6.8-12sarge2
libpty-ruby1.6 - 1.6.8-12sarge2
libreadline-ruby1.6 - 1.6.8-12sarge2
libruby1.6 - 1.6.8-12sarge2
libruby1.6-dbg - 1.6.8-12sarge2
libsdbm-ruby1.6 - 1.6.8-12sarge2
libsyslog-ruby1.6 - 1.6.8-12sarge2
libtcltk-ruby1.6 - 1.6.8-12sarge2
libtk-ruby1.6 - 1.6.8-12sarge2
ruby1.6 - 1.6.8-12sarge2
ruby1.6-dev - 1.6.8-12sarge2
x86-64:
libcurses-ruby1.6 - 1.6.8-12sarge2
libdbm-ruby1.6 - 1.6.8-12sarge2
libgdbm-ruby1.6 - 1.6.8-12sarge2
libpty-ruby1.6 - 1.6.8-12sarge2
libreadline-ruby1.6 - 1.6.8-12sarge2
libruby1.6 - 1.6.8-12sarge2
libruby1.6-dbg - 1.6.8-12sarge2
libsdbm-ruby1.6 - 1.6.8-12sarge2
libsyslog-ruby1.6 - 1.6.8-12sarge2
libtcltk-ruby1.6 - 1.6.8-12sarge2
libtk-ruby1.6 - 1.6.8-12sarge2
ruby1.6 - 1.6.8-12sarge2
ruby1.6-dev - 1.6.8-12sarge2
alpha:
libcurses-ruby1.6 - 1.6.8-12sarge2
libdbm-ruby1.6 - 1.6.8-12sarge2
libgdbm-ruby1.6 - 1.6.8-12sarge2
libpty-ruby1.6 - 1.6.8-12sarge2
libreadline-ruby1.6 - 1.6.8-12sarge2
libruby1.6 - 1.6.8-12sarge2
libruby1.6-dbg - 1.6.8-12sarge2
libsdbm-ruby1.6 - 1.6.8-12sarge2
libsyslog-ruby1.6 - 1.6.8-12sarge2
libtcltk-ruby1.6 - 1.6.8-12sarge2
libtk-ruby1.6 - 1.6.8-12sarge2
ruby1.6 - 1.6.8-12sarge2
ruby1.6-dev - 1.6.8-12sarge2
ia64:
libcurses-ruby1.6 - 1.6.8-12sarge2
libdbm-ruby1.6 - 1.6.8-12sarge2
libgdbm-ruby1.6 - 1.6.8-12sarge2
libpty-ruby1.6 - 1.6.8-12sarge2
libreadline-ruby1.6 - 1.6.8-12sarge2
libruby1.6 - 1.6.8-12sarge2
libruby1.6-dbg - 1.6.8-12sarge2
libsdbm-ruby1.6 - 1.6.8-12sarge2
libsyslog-ruby1.6 - 1.6.8-12sarge2
libtcltk-ruby1.6 - 1.6.8-12sarge2
libtk-ruby1.6 - 1.6.8-12sarge2
ruby1.6 - 1.6.8-12sarge2
ruby1.6-dev - 1.6.8-12sarge2
mips:
libcurses-ruby1.6 - 1.6.8-12sarge2
libdbm-ruby1.6 - 1.6.8-12sarge2
libgdbm-ruby1.6 - 1.6.8-12sarge2
libpty-ruby1.6 - 1.6.8-12sarge2
libreadline-ruby1.6 - 1.6.8-12sarge2
libruby1.6 - 1.6.8-12sarge2
libruby1.6-dbg - 1.6.8-12sarge2
libsdbm-ruby1.6 - 1.6.8-12sarge2
libsyslog-ruby1.6 - 1.6.8-12sarge2
libtcltk-ruby1.6 - 1.6.8-12sarge2
libtk-ruby1.6 - 1.6.8-12sarge2
ruby1.6 - 1.6.8-12sarge2
ruby1.6-dev - 1.6.8-12sarge2
noarch:
irb1.6 - 1.6.8-12sarge2
ruby1.6-elisp - 1.6.8-12sarge2
ruby1.6-examples - 1.6.8-12sarge2
mipsel:
libcurses-ruby1.6 - 1.6.8-12sarge2
libdbm-ruby1.6 - 1.6.8-12sarge2
libgdbm-ruby1.6 - 1.6.8-12sarge2
libpty-ruby1.6 - 1.6.8-12sarge2
libreadline-ruby1.6 - 1.6.8-12sarge2
libruby1.6 - 1.6.8-12sarge2
libruby1.6-dbg - 1.6.8-12sarge2
libsdbm-ruby1.6 - 1.6.8-12sarge2
libsyslog-ruby1.6 - 1.6.8-12sarge2
libtcltk-ruby1.6 - 1.6.8-12sarge2
libtk-ruby1.6 - 1.6.8-12sarge2
ruby1.6 - 1.6.8-12sarge2
ruby1.6-dev - 1.6.8-12sarge2
hppa:
libcurses-ruby1.6 - 1.6.8-12sarge2
libdbm-ruby1.6 - 1.6.8-12sarge2
libgdbm-ruby1.6 - 1.6.8-12sarge2
libpty-ruby1.6 - 1.6.8-12sarge2
libreadline-ruby1.6 - 1.6.8-12sarge2
libruby1.6 - 1.6.8-12sarge2
libruby1.6-dbg - 1.6.8-12sarge2
libsdbm-ruby1.6 - 1.6.8-12sarge2
libsyslog-ruby1.6 - 1.6.8-12sarge2
libtcltk-ruby1.6 - 1.6.8-12sarge2
libtk-ruby1.6 - 1.6.8-12sarge2
ruby1.6 - 1.6.8-12sarge2
ruby1.6-dev - 1.6.8-12sarge2

Оценка CVSS
Балл6.4 — средняя опасность
Источники и патчи
http://www.debian.org/security/dsa-1139/http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694
Проверьте безопасность своего сайта и почты → Полная проверка домена