Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

MRI Rubies may contain statically linked, vulnerable OpenSSL
From: glitch <glitch () glitchwrks com>
Date: Fri, 11 Apr 2014 11:20:20 -0400

https://gist.github.com/chapmajs/10473815

Apparently some MRI build scripts copy only the OpenSSL version at time of build, so the provided test is not 
necessarily 100% accurate. PoC confirmed with RVM on OS X 10.9, Arch Linux, Slackware 14.1

-- glitch

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/


  By Date           By Thread  

Current thread:
  • MRI Rubies may contain statically linked, vulnerable OpenSSL glitch (Apr 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault