Gentoo Linux Security Advisory 201001-9 – An input sanitation flaw in the WEBrick HTTP server included in Ruby might allow remote attackers to inject arbitrary control characters into terminal sessions. Giovanni Pellerano, Alessandro Tanasi and Francesco Ongaro reported that WEBrick does not filter terminal control characters, for instance when handling HTTP logs. Versions less than 1.8.7_p249 are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/85122/glsa-201001-09.txt
Source: https://packetstormsecurity.com/files/85122/Gentoo-Linux-Security-Advisory-201001-9.html