CVE-2004-0983

Published: Mar 1, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.

Affected (17)

Products: Yukihiro Matsumoto: Ruby · Gentoo: Linux · Mandrakesoft: Mandrake Linux, Mandrake Linux Corporate Server · +1 more

Show all products

Yukihiro Matsumoto: Ruby · Gentoo: Linux · Mandrakesoft: Mandrake Linux, Mandrake Linux Corporate Server · Ubuntu: Ubuntu Linux

1 product

1 product

2 products

Mandrake Linux Corporate Server

Ubuntu

1 product

Ubuntu Linux

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Yukihiro Matsumoto Ruby	Version 1.6.7
Yukihiro Matsumoto Ruby	Version 1.6
Yukihiro Matsumoto Ruby	Version 1.8.1
Yukihiro Matsumoto Ruby	Version 1.8.2_pre1
Yukihiro Matsumoto Ruby	Version 1.8.2_pre2
Yukihiro Matsumoto Ruby	Version 1.8

Configuration B

11 vulnerable

Vulnerable Software	Affected Versions
Gentoo Linux	All versions
Mandrakesoft Mandrake Linux	Version 10.0
Mandrakesoft Mandrake Linux	Version 10.0
Mandrakesoft Mandrake Linux	Version 10.1
Mandrakesoft Mandrake Linux	Version 10.1
Mandrakesoft Mandrake Linux	Version 9.2
Mandrakesoft Mandrake Linux	Version 9.2
Mandrakesoft Mandrake Linux Corporate Server	Version 2.1
Mandrakesoft Mandrake Linux Corporate Server	Version 2.1
Ubuntu Ubuntu Linux	Version 4.1
Ubuntu Ubuntu Linux	Version 4.1