GoogleOSV:GHSA-W6RC-Q387-VPGQinsecure temporary directory usage in passenger
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.4%
ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/.
References
rhn.redhat.com/errata/RHSA-2013-1136.html
www.openwall.com/lists/oss-security/2013/07/16/6
code.google.com/p/phusion-passenger/issues/detail?id=910
github.com/advisories/GHSA-w6rc-q387-vpgq
github.com/phusion/passenger
github.com/phusion/passenger/blob/release-4.0.6/NEWS
github.com/phusion/passenger/commit/5483b3292cc2af1c83033eaaadec20dba4dcfd9b
github.com/rubysec/ruby-advisory-db/blob/master/gems/passenger/CVE-2013-4136.yml
nvd.nist.gov/vuln/detail/CVE-2013-4136
Related
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.4%