We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.

Denial of Service Vulnerability Found in Ruby

Security researchers Alexander Klink and Julian Waelde have uncovered a vulnerability in Ruby that could enable a hacker to launch a denial of service attack.

"The deterministic hash function used to hash a string in the 1.8 series of Ruby, which makes sure that no other bits of information than the input string itself is involved in generating the hash value, allows for the string’s hash value to be pre-calculated beforehand," writes Softpedia's Eduard Kovacs.

"'By collecting a series of strings that have the identical hash value, an attacker can let Ruby process collide bins of hash tables (including Hash class instances),' reads the issue’s description," Kovacs writes.

Go to "Ruby Flaw Allows Hackers to Launch DoS Attacks" to read the details.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.

Submit a Comment

Loading Comments...