CVE-2013-4136

Published: 30/09/2013 | Updated: 10/10/2013
CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4
VMScore: 392
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

ext/common/ServerInstanceDir.h in the Phusion Passenger gem prior to 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/.

Vulnerable Product

phusion passenger 4.0.2

phusion passenger

phusion passenger 4.0.4

phusion passenger 4.0.3

phusion passenger 4.0.1

Vendor Advisories

Debian Bug report logs - #710351 ruby-passenger: CVE-2013-2119 Package: ruby-passenger; Maintainer for ruby-passenger is Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>; Source for ruby-passenger is src:passenger. Reported by: Moritz Muehlenhoff <jmm@inutil.org> ...
Debian Bug report logs - #717176 ruby-passenger: CVE-2013-4136: insecure tmp files usage Package: ruby-passenger; Maintainer for ruby-passenger is Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>; Source for ruby-passenger is src:passenger. Reported by: Henri Salo < ...