---
engine: ruby
cve: 2018-8779
url: https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-unixsocket-cve-2018-8779/
title: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
date: 2018-03-28
description: |
  There is an unintentional socket creation vulnerability in the `UNIXServer.open`
  method of the socket library bundled with Ruby, and an unintentional socket
  access vulnerability in the `UNIXSocket.open` method.

  `UNIXServer.open` accepts the path of the socket to be created as its first
  parameter. If the path contains NUL (`\0`) bytes, the method treats the path as
  ending at the first NUL byte. So, if a script passes external input as the
  argument of this method, an attacker can make the socket file be created at an
  unintended path.

  `UNIXSocket.open` likewise accepts the path of the socket to connect to as its
  first parameter without checking for NUL bytes, like `UNIXServer.open`. So, if a
  script passes external input as the argument of this method, an attacker can
  access a socket file at an unintended path.

  All users running an affected release should upgrade immediately.
patched_versions:
  - "~> 2.2.10"
  - "~> 2.3.7"
  - "~> 2.4.4"
  - "~> 2.5.1"
  - "> 2.6.0-preview1"
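A defensive check for the behaviour the advisory describes, as an added example that is not part of the advisory or of Ruby's socket library: it rejects socket paths containing NUL bytes (and paths that escape an assumed per-application socket directory) before calling `UNIXServer.new`, and shows what the C-level `bind(2)` would otherwise see. The helper names, the base directory and the sample paths are assumptions.

```ruby
require "socket"
require "tmpdir"

# Raised when an untrusted socket path fails validation (hypothetical class).
class UnsafeSocketPath < ArgumentError; end

# Returns the absolute path if it is acceptable, raises UnsafeSocketPath otherwise.
# base_dir is the one directory this application keeps its sockets in (assumed).
def validate_socket_path(path, base_dir)
  # A NUL byte terminates the C string early, so the kernel would bind a
  # different path than the one the Ruby-level code sees.
  raise UnsafeSocketPath, "NUL byte in socket path" if path.include?("\0")
  full = File.expand_path(path, base_dir)
  base = File.expand_path(base_dir)
  # Reject anything that resolves outside the expected socket directory.
  unless full == base || full.start_with?(base + File::SEPARATOR)
    raise UnsafeSocketPath, "socket path escapes #{base}"
  end
  full
end

# What bind(2) would see for a NUL-poisoned path: everything after the first
# NUL is silently dropped. Illustration only; never used to open a socket here.
def truncated_at_nul(path)
  path.split("\0", 2).first
end

# Create a listening UNIX socket only after the path has passed validation.
def open_checked_server(path, base_dir)
  UNIXServer.new(validate_socket_path(path, base_dir))
end

if __FILE__ == $0
  Dir.mktmpdir do |dir|
    srv = open_checked_server("app.sock", dir)
    puts "listening on #{srv.path}"
    srv.close
    begin
      # Constructed sample input: the name a caller might supply with a NUL byte.
      open_checked_server("app.sock\0/tmp/other.sock", dir)
    rescue UnsafeSocketPath => e
      puts "rejected: #{e.message}"
    end
  end
end
```

Current Ruby releases raise `ArgumentError` for a NUL byte in the path themselves; the directory check is still the application's responsibility.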