RubySec

Providing security resources for the Ruby community

CVE-2013-2119 (passenger): Phusion Passenger Gem for Ruby Predictable Temporary Filename Generation Symlink Local Privilege Escalation

GEM

passenger

SEVERITY

CVSS v2: 4.6

PATCHED VERSIONS

  • ~> 3.0.21
  • >= 4.0.5

DESCRIPTION

Phusion Passenger Gem for Ruby creates temporary files insecurely: the temporary filenames it generates are predictable, and the file is opened for writing without guarding against a path that already exists. A local attacker who guesses the name can plant a symlink at that path pointing at the Nginx config file, so that the program unexpectedly overwrites that file; this allows the local attacker to execute code with elevated privileges.
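The following is an added example illustrating the class of bug described above; it is not Passenger's own code and not its actual fix. The `passenger-<pid>.conf` naming scheme, the `victim.conf` target and the `simulate` harness are constructed stand-ins. It shows a predictable path plus a plain `File.open(path, "w")` being redirected through an attacker-planted symlink, and the same write refused when the file is opened with `O_CREAT|O_EXCL` (and `O_NOFOLLOW` where the platform provides it), ideally inside a directory created with `Dir.mktmpdir`.

```ruby
require "tmpdir"
require "fileutils"

# Hypothetical predictable naming scheme: anyone who can read the process
# list can compute this path before the privileged process writes to it.
def predictable_temp_path(dir, pid = Process.pid)
  File.join(dir, "passenger-#{pid}.conf")
end

# Vulnerable pattern: "w" is O_WRONLY|O_CREAT|O_TRUNC, which follows an
# existing symlink at the path, so the attacker chooses the file that gets
# truncated and overwritten.
def vulnerable_write(path, content)
  File.open(path, "w") { |f| f.write(content) }
  true
end

# Hardened pattern: O_EXCL makes open(2) fail with EEXIST if anything at all
# already exists at the path (POSIX mandates this even for a dangling
# symlink); O_NOFOLLOW additionally refuses to traverse a final symlink.
# Returns false instead of clobbering anything when the path is occupied.
def safe_write(path, content)
  flags = File::WRONLY | File::CREAT | File::EXCL
  flags |= File::NOFOLLOW if File::Constants.const_defined?(:NOFOLLOW)
  File.open(path, flags, 0600) { |f| f.write(content) }
  true
rescue Errno::EEXIST, Errno::ELOOP
  false
end

# Constructed race: the attacker pre-plants a symlink from the guessable
# path to a file they want clobbered, then the privileged writer runs.
# Returns whether the write went through and what the victim file holds.
def simulate(writer)
  Dir.mktmpdir("symlink-demo") do |dir|
    victim = File.join(dir, "victim.conf")
    File.write(victim, "original")
    target = predictable_temp_path(dir)
    File.symlink(victim, target)          # attacker's move
    wrote = writer.call(target, "attacker-controlled")
    { wrote: wrote, victim: File.read(victim) }
  end
end

def vulnerable_result
  simulate(method(:vulnerable_write))
end

def safe_result
  simulate(method(:safe_write))
end

# Stronger still: an unpredictable, mode-0700 directory from Dir.mktmpdir
# removes the attacker's ability to guess or pre-create the path at all.
def mktmpdir_write(content)
  Dir.mktmpdir("passenger") do |dir|
    safe_write(File.join(dir, "nginx.conf"), content)
  end
end

if __FILE__ == $0
  p vulnerable_result   # => {:wrote=>true,  :victim=>"attacker-controlled"}
  p safe_result         # => {:wrote=>false, :victim=>"original"}
end
```

The `O_EXCL` check alone closes the overwrite, but it only turns the attack into a denial of service (the legitimate write now fails); generating the path inside a fresh `Dir.mktmpdir` directory is what removes the attacker's foothold.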