SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Generic)  >   Ruby
Vendors:   Matsumoto, Yukihiro
(Fedora Issues Fix for FC2) Ruby Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1011700
SecurityTracker URL:  http://securitytracker.com/id/1011700
CVE Reference:   CVE-2004-0755
Date:  Oct 15 2004
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 1.8.1 and prior versions
Description:   A vulnerability was reported in Ruby in the processing of temporary files. A local user may be able to gain elevated privileges.

Andres Salomon reported that CGI::Session's FileStore writes session data to files in the temporary directory without restricting their permissions. As a result, a local user may be able to read those files and take over a target user's session.

Impact:   A local user may be able to hijack a target user's session.
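The defect described above is a file-permission problem, and the Fedora changelog quoted later on this page says the fix creates the session data file with mode 0600. The following Ruby is an added example, not code from the advisory, from Ruby's CGI::Session, or from the Fedora patch: it shows one way to create a session file that only its owner can read, and a small audit that lists session files other local users could read. The helper names, the `ruby_sess.*` file naming and the sample session contents are assumptions made for the demonstration.

```ruby
# Added example (not the advisory's or Ruby's own code). Demonstrates the
# 0600 hardening the FC2 changelog describes, plus an audit for loose modes.
require 'tmpdir'

# Create a session data file readable and writable only by its owner.
# O_EXCL refuses to reuse an existing path (including a symlink someone
# else left behind), and the explicit 0600 mode does not depend on umask.
def create_session_file(dir, session_id, data = "")
  path = File.join(dir, "ruby_sess.#{session_id}")   # hypothetical naming
  File.open(path, File::WRONLY | File::CREAT | File::EXCL, 0o600) do |f|
    f.write(data)
  end
  path
end

# True when any group or other permission bit is set, i.e. another local
# user could read (or write) the session state kept in the file.
def insecure_mode?(path)
  (File.stat(path).mode & 0o077) != 0
end

# Return the session files under +dir+ whose permissions are too loose.
def audit_session_dir(dir)
  Dir.glob(File.join(dir, "ruby_sess.*")).select { |p| insecure_mode?(p) }
end

# Constructed demonstration: one file written the pre-fix way (mode forced
# to 0644 so the result does not depend on the caller's umask) and one
# created with the hardened helper. Returns what the audit found and the
# mode of the hardened file.
def demo
  Dir.mktmpdir("sess-demo") do |dir|
    loose = File.join(dir, "ruby_sess.before_fix")
    File.write(loose, "user=alice")          # constructed session content
    File.chmod(0o644, loose)

    hardened = create_session_file(dir, "after_fix", "user=alice")

    {
      flagged: audit_session_dir(dir).map { |p| File.basename(p) },
      after_fix_mode: format("%o", File.stat(hardened).mode & 0o777)
    }
  end
end

puts demo.inspect if $PROGRAM_NAME == __FILE__
```

Running the block on a Linux host prints the audit result: only the pre-fix file is flagged, and the hardened file reports mode 600. The same `audit_session_dir` check, pointed at a real temporary directory, is a quick way for an administrator to confirm that an interpreter has actually been updated before trusting its session store.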
Solution:   Fedora has released a fix, available at:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

d8a48d8cc33fbb2d80ef3ae7cc430a7b SRPMS/ruby-1.8.1-6.src.rpm
c714ce56a344262bc6517733374074b1 x86_64/ruby-devel-1.8.1-6.x86_64.rpm
ca4a11002b7ac1a0527704111fc1c8e6 x86_64/irb-1.8.1-6.x86_64.rpm
293bdbe4cbe15b1686b4f947400908ed x86_64/ruby-1.8.1-6.x86_64.rpm
d8e5088313ddc95dac30a0d2805b5f82 x86_64/debug/ruby-debuginfo-1.8.1-6.x86_64.rpm
0782cfa648c4642e4673cc1eaac43ca0 x86_64/ruby-docs-1.8.1-6.x86_64.rpm
ead260eaa77f783b24d2e1084aa8d423 x86_64/ruby-libs-1.8.1-6.x86_64.rpm
15ac23e5f062bfbab02a5ed2cf0218b7 x86_64/ruby-mode-1.8.1-6.x86_64.rpm
85017b0e52e6b52baa5a6068930c3b84 x86_64/ruby-tcltk-1.8.1-6.x86_64.rpm
2bafe002e18bc8eb388869b3dc7ef1fd i386/ruby-1.8.1-6.i386.rpm
1049cb91162d8b2a18714c52b7bfd456 i386/irb-1.8.1-6.i386.rpm
770364a116d5f4c9a6d5679231e879c4 i386/debug/ruby-debuginfo-1.8.1-6.i386.rpm
ac945d1d04306ec2fa7245aefcaa16a2 i386/ruby-devel-1.8.1-6.i386.rpm
1075fc983162e6b00bd29e0976dd79f0 i386/ruby-docs-1.8.1-6.i386.rpm
e561fa39a17cc1770c0d1180732d469c i386/ruby-libs-1.8.1-6.i386.rpm
412267226c58d3bfc73577ebc60157ba i386/ruby-mode-1.8.1-6.i386.rpm
bf1cbb9f65ecf88f4ffa034d24cef119 i386/ruby-tcltk-1.8.1-6.i386.rpm

Vendor URL:  www.ruby-lang.org/
Cause:   Access control error
Underlying OS:  Linux (Red Hat Fedora)
Underlying OS Comments:  FC2

Message History:   This archive entry is a follow-up to the message listed below.
Aug 16 2004 Ruby Unsafe Temporary Files May Let Local Users Gain Elevated Privileges



 Source Message Contents

Subject:  [SECURITY] Fedora Core 2 Update: ruby-1.8.1-6



---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-264
2004-10-15
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : ruby
Version     : 1.8.1
Release     : 6
Summary     : An interpreter of object-oriented scripting language
Description :
Ruby is the interpreted scripting language for quick and easy
object-oriented programming.  It has many features to process text
files and to do system management tasks (as in Perl).  It is simple,
straight-forward, and extensible.

---------------------------------------------------------------------

* Thu Aug 19 2004 Akira TAGOH <tagoh@redhat.com> 1.8.1-6

- security fix [CAN-2004-0755]
- ruby-1.8.1-cgi_session_perms.patch: sets the permission of the session data
  file to 0600. (#130063)


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

d8a48d8cc33fbb2d80ef3ae7cc430a7b  SRPMS/ruby-1.8.1-6.src.rpm
c714ce56a344262bc6517733374074b1  x86_64/ruby-devel-1.8.1-6.x86_64.rpm
ca4a11002b7ac1a0527704111fc1c8e6  x86_64/irb-1.8.1-6.x86_64.rpm
293bdbe4cbe15b1686b4f947400908ed  x86_64/ruby-1.8.1-6.x86_64.rpm
d8e5088313ddc95dac30a0d2805b5f82  x86_64/debug/ruby-debuginfo-1.8.1-6.x86_64.rpm
0782cfa648c4642e4673cc1eaac43ca0  x86_64/ruby-docs-1.8.1-6.x86_64.rpm
ead260eaa77f783b24d2e1084aa8d423  x86_64/ruby-libs-1.8.1-6.x86_64.rpm
15ac23e5f062bfbab02a5ed2cf0218b7  x86_64/ruby-mode-1.8.1-6.x86_64.rpm
85017b0e52e6b52baa5a6068930c3b84  x86_64/ruby-tcltk-1.8.1-6.x86_64.rpm
2bafe002e18bc8eb388869b3dc7ef1fd  i386/ruby-1.8.1-6.i386.rpm
1049cb91162d8b2a18714c52b7bfd456  i386/irb-1.8.1-6.i386.rpm
770364a116d5f4c9a6d5679231e879c4  i386/debug/ruby-debuginfo-1.8.1-6.i386.rpm
ac945d1d04306ec2fa7245aefcaa16a2  i386/ruby-devel-1.8.1-6.i386.rpm
1075fc983162e6b00bd29e0976dd79f0  i386/ruby-docs-1.8.1-6.i386.rpm
e561fa39a17cc1770c0d1180732d469c  i386/ruby-libs-1.8.1-6.i386.rpm
412267226c58d3bfc73577ebc60157ba  i386/ruby-mode-1.8.1-6.i386.rpm
bf1cbb9f65ecf88f4ffa034d24cef119  i386/ruby-tcltk-1.8.1-6.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

Copyright 2019, SecurityGlobal.net LLC