2157 matches found

Debian
added 2017/09/27 2:19 a.m. | 50 views

[SECURITY] [DLA 1112-1] rubygems security update

Package : rubygems Version : 1.8.24-1+deb7u1 CVE ID : CVE-2017-0900 CVE-2017-0901 Debian Bug : 873802 Some vulnerabilities were found in the Rubygems package that affect the LTS distribution. CVE-2017-0900 DOS vulnerability in the query command CVE-2017-0901 gem installer allows a malicious ge...

CVSS 7.5 | AI score 9.8 | EPSS 0.20215
Exploits: 3
Tenable Nessus
added 2017/09/27 12:00 a.m. | 39 views

Debian DLA-1112-1 : rubygems security update

Some vulnerabilities were found in the Rubygems package that affect the LTS distribution. CVE-2017-0900 DOS vulnerability in the query command CVE-2017-0901 gem installer allows a malicious gem to overwrite arbitrary files For Debian 7 'Wheezy', these problems have been fixed in version...

CVSS 7.5 | AI score 7.4 | EPSS 0.20215
Exploits: 3 | References: 4
OSV
added 2017/09/26 12:00 a.m. | 43 views

DLA-1112-1 rubygems - security update

Bulletin has no description...

CVSS 7.5 | AI score 8.7 | EPSS 0.20215
Exploits: 3
Hacker One
added 2017/09/21 2:34 a.m. | 19 views

RubyGems: Unpacker improperly validates symlinks, allowing gems to write to arbitrary locations

Unpacker improperly validates symlinks, allowing gems to write to arbitrary locations. The RubyGems installer attempts to prevent a gem from writing any files outside the install directory; however, it is possible to bypass the check with a symbolic link in a crafted gem. Example structure of malicio...

AI score 0.7
Exploits: 0
Hacker One
added 2017/09/21 2:26 a.m. | 13 views

RubyGems: Installer can modify other gems if gem name is specially crafted

Installer can modify other gems if gem name is specially crafted. The install_location function allows writing to certain files outside the installation directory. The install_location function in lib/rubygems/package.rb attempts to ensure that files are not installed outside destination_dir. However...

AI score 7.1
Exploits: 0
Tenable Nessus
added 2017/09/11 12:00 a.m. | 41 views

Fedora 26 : rubygems (2017-20214ad330)

Update to RubyGems 2.6.13. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

CVSS 9.8 | AI score 6.9 | EPSS 0.20215
Exploits: 5 | References: 5
OpenVAS
added 2017/09/10 12:00 a.m. | 42 views

Fedora Update for rubygems FEDORA-2017-20214ad330

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9 | EPSS 0.20215
Exploits: 5 | References: 2
Fedora
added 2017/09/09 11:57 p.m. | 38 views

[SECURITY] Fedora 26 Update: rubygems-2.6.13-100.fc26

RubyGems is the Ruby standard for publishing and managing third party libraries...

CVSS 9.8 | AI score 1.6 | EPSS 0.20215
Exploits: 5
Debian
added 2017/09/05 8:17 p.m. | 38 views

[SECURITY] [DSA 3966-1] ruby2.3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3966-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 05, 2017 https://www.debian.org/security/faq -...

CVSS 9.8 | AI score 8.9 | EPSS 0.20215
Exploits: 8
Exploit DB
added 2017/09/04 12:00 a.m. | 43 views

RubyGems < 2.6.13 - Arbitrary File Overwrite

There is no check for name field in metadata.gz. By assigning a maliciously crafted string like ../../../../../any/where to the field, an attacker can create an arbitrary file out of the directory of the gem, or even replace an existing file with a malicious file. Proof of Concept 1: Create a fil...

AI score 7.4
Exploits: 0
0day.today
added 2017/09/04 12:00 a.m. | 38 views

RubyGems < 2.6.13 - Arbitrary File Overwrite Exploit

Exploit for linux platform in category local exploits There is no check for name field in metadata.gz. By assigning a maliciously crafted string like ../../../../../any/where to the field, an attacker can create an arbitrary file out of the directory of the gem, or even replace an existing file...

CVSS 6.4 | AI score 8.7 | EPSS 0.20215
Exploits: 2
RedhatCVE
added 2017/09/01 11:19 a.m. | 29 views

CVE-2017-0902

A vulnerability was found where rubygems did not sanitize DNS responses when requesting the hostname of the rubygems server for a domain, via a _rubygems._tcp DNS SRV query. An attacker with the ability to manipulate DNS responses could direct the gem command towards a different domain...

CVSS 8.1 | AI score 2.6 | EPSS 0.04996
Exploits: 1 | References: 2
RedhatCVE
added 2017/09/01 11:18 a.m. | 29 views

CVE-2017-0900

It was found that rubygems could use an excessive amount of CPU while parsing a sufficiently long gem summary. A specially crafted gem from a gem repository could freeze gem commands attempting to parse its summary...

CVSS 7.5 | AI score 3.3 | EPSS 0.1397
Exploits: 1 | References: 2
Prion
added 2017/08/31 8:29 p.m. | 24 views

Spoofing

RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls...

CVSS 6.8 | AI score 8.2 | EPSS 0.04996
Exploits: 1 | References: 14 | Affected Software: 9
OSV
added 2017/08/31 8:29 p.m. | 19 views

CVE-2017-0899

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences...

CVSS 9.8 | AI score 9.4
Exploits: 0 | References: 13
Prion
added 2017/08/31 8:29 p.m. | 27 views

Design/Logic Flaw

RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem...

CVSS 6.4 | AI score 8.3 | EPSS 0.20215
Exploits: 2 | References: 15 | Affected Software: 9
NVD
added 2017/08/31 8:29 p.m. | 21 views

CVE-2017-0901

RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem...

CVSS 7.5 | AI score 8.4 | EPSS 0.20215
Exploits: 2 | References: 15
NVD
added 2017/08/31 8:29 p.m. | 20 views

CVE-2017-0902

RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls...

CVSS 8.1 | AI score 8.3 | EPSS 0.04996
Exploits: 1 | References: 14
NVD
added 2017/08/31 8:29 p.m. | 13 views

CVE-2017-0899

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences...

CVSS 9.8 | AI score 8.5 | EPSS 0.09304
Exploits: 1 | References: 13
Prion
added 2017/08/31 8:29 p.m. | 18 views

Design/Logic Flaw

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences...

CVSS 7.5 | AI score 8.4 | EPSS 0.09304
Exploits: 1 | References: 13 | Affected Software: 8