The remote Red Hat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3485 advisory.

- ruby: Buffer underrun vulnerability in Kernel.sprintf (CVE-2017-0898)
- rubygems: Escape sequence in the summary field of gemspec (CVE-2017-0899)
- rubygems: No size limit in summary length of gem spec (CVE-2017-0900)
- rubygems: Arbitrary file overwrite due to incorrect validation of specification name (CVE-2017-0901)
- rubygems: DNS hijacking vulnerability (CVE-2017-0902)
- rubygems: Unsafe object deserialization through YAML formatted gem specifications (CVE-2017-0903)
- ruby: Escape sequence injection vulnerability in the Basic authentication of WEBrick (CVE-2017-10784)
- ruby: Arbitrary heap exposure during a JSON.generate call (CVE-2017-14064)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version…