Multiple CVE Request (ruby)

[Jan Lieskovsky <jlieskov () redhat com>]

Hello Steve,

  Ruby upstream has announced multiple vulnerabilities 
present in Ruby code (even with testcases).

All of these issues responsibly reported at the following
URL:

http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/


Could you please allocate a CVE id for each of the following:

* untrace_var is permitted at safe level 4.

* $PROGRAM_NAME may be modified at safe level 4.

* Insecure methods may be called at safe level 1-3.

* Syslog operations are permitted at safe level 4.

* DoS vulnerability in WEBrick

* Lack of taintness check in dl

* DNS spoofing vulnerability in resolv.rb -- already seems to
  have assigned CVE-2008-1447. 

All of these issues exploitable by a normal unprivileged
user (slightly testcases / exploits modification is needed
in some cases). 

For further reference about the features allowed at different
$SAVE levels in Ruby, please have a look at:

http://www.rubycentral.com/book/taint.html (part "Definition of the safe
levels")

Please do not hesitate to ask for any further information related
with each of these issues and / or their test cases.

Thank you in advance.

Kind regards
Jan iankko Lieskovsky
RH Security Response Team