The Bug
Ruby introduced a bug in 1.8.7 that causes constants with short names not to be created as they should. A few Linux distributions backported this bug to 1.8.6, notably Gentoo and Ubuntu.
The Symptoms
Most of the windows/smb/ exploits are affected and will fail with the following output:
msf exploit(ms08_067_netapi) > exploit [*] Started bind handler [*] Automatically detecting the target... [*] Fingerprint: Windows XP Service Pack 2 - lang:English [*] Selected Target: Windows XP SP2 English (NX) [-] Exploit failed: uninitialized constant Msf::ModuleSet::NDR [*] Exploit completed, but no session was created.
Other exploits may be affected as well and will give similar "uninitialized constant ..." error messages.
The Fix
The most recent stable version of ruby has a fix for this bug. Use your distribution's package management system to upgrade ruby or download the source from http://ruby-lang.org
