Sha256: 0d12486b8026911b2ba4574eea1236f960532263c9db7a4ecb4d4cbc56745cf5

Contents?: true

Size: 522 Bytes

Versions: 5

Compression:

Stored size: 522 Bytes

Contents

---
gem: passenger
cve: 2013-4136
osvdb: 94074
url: http://osvdb.org/show/osvdb/94074
title: Phusion Passenger Gem for Ruby Utils.cpp Temporary Directory Creation Symlink Local Privilege Escalation
date: 2013-06-10
description: Phusion Passenger Gem for Ruby contains a flaw as the program creates
  temporary directories insecurely. It is possible for a local attacker to use a
  symlink attack against the Utils.cpp file to allow the attacker to gain elevated
  privileges.
cvss_v2: 4.6
patched_versions:
  - ">= 4.0.8"

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/passenger/OSVDB-94074.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/passenger/OSVDB-94074.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/passenger/OSVDB-94074.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/passenger/OSVDB-94074.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/passenger/OSVDB-94074.yml