New DoS Vulnerability Found in Ruby’s cgi.rb
The official Ruby language homepage is reporting that another DoS vulnerability has been found in Ruby's CGI library (cgi.rb). The solution is to upgrade to the newly released Ruby 1.8.5-p2 (warning: direct link to .tar.gz file). Specifically:
A specific HTTP request for any web application using cgi.rb causes CPU consumption on the machine on which the web application is running. Many such requests result in a denial of service.