Sha256: c5e449c49ec6f112f314ad6ae870af9e9acd127b026607f5ed5cb8eac2a8c1f6

Contents?: true

Size: 505 Bytes

Versions: 5

Compression:

Stored size: 505 Bytes

Contents

---
gem: passenger
cve: 2014-1832
osvdb: 102613
url: http://osvdb.org/show/osvdb/102613
title: Phusion Passenger Server Instance Directory Creation Local Symlink File Overwrite
date: 2014-01-29
description: Phusion Passenger contains a flaw as the program creates the server instance
  directory insecurely. It is possible for a local attacker to use a symlink attack against
  the directory to cause the program to unexpectedly overwrite an arbitrary file.
cvss_v2: 2.1
patched_versions:
  - ">= 4.0.38"

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/passenger/CVE-2014-1832.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/passenger/CVE-2014-1832.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/passenger/CVE-2014-1832.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/passenger/CVE-2014-1832.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/passenger/CVE-2014-1832.yml