RubySec

Providing security resources for the Ruby community

CVE-2013-4136 (passenger): CVE-2013-4136 rubygem-passenger: insecure temporary directory usage due to reuse of existing server instance directories

GEM

passenger

SEVERITY

CVSS v2.0: 4.6 (Medium)

PATCHED VERSIONS

  • >= 4.0.8

DESCRIPTION

ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/.
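The defect described above is the classic predictable-name temporary directory problem: a process that reuses a directory under /tmp/ whose name another local user can guess may end up following a symlink planted there, and operations such as chown or chmod then land on whatever the link points at. The following Ruby snippet is an added example, not Passenger's code, showing the two defensive habits that close this class of bug: create temporary directories with an unpredictable name and private mode (`Dir.mktmpdir`), and, before reusing any existing path, inspect it with `lstat` so that symlinks, foreign ownership and group/world-writable modes are all rejected. The function names `create_private_tmpdir`, `safe_to_reuse?` and `demo_reuse_checks` are chosen here for illustration.

```ruby
require "tmpdir"
require "fileutils"

# Create a fresh directory under the system temp dir. Dir.mktmpdir appends
# a random component to the name and creates the directory with mode 0700,
# so another local user can neither predict the path nor pre-create it.
def create_private_tmpdir(prefix = "example-server-instance-")
  Dir.mktmpdir(prefix)
end

# Decide whether an existing path may be reused as a private working dir.
# lstat is used deliberately: it examines the path itself and does not
# follow a symlink, which is exactly what a planted link relies on.
def safe_to_reuse?(path)
  st = File.lstat(path)
  return false if st.symlink?                # a link, not a real directory
  return false unless st.directory?          # regular file or other oddity
  return false unless st.uid == Process.euid # created by someone else
  (st.mode & 0o022).zero?                    # reject group/world writable
rescue Errno::ENOENT
  false                                      # nothing there to reuse
end

# Walk through the three situations a reuse check has to tell apart:
# a directory we just created (ok), a symlink with the same shape of name
# (rejected), and our own directory after its mode was loosened (rejected).
# Returns the three verdicts in that order and cleans up after itself.
def demo_reuse_checks
  dir = create_private_tmpdir
  own_dir_ok = safe_to_reuse?(dir)

  # Constructed scenario: a symlink where the server expects its directory.
  link = File.join(Dir.tmpdir, "example-server-instance-link-#{Process.pid}")
  File.symlink(dir, link)
  symlink_ok = safe_to_reuse?(link)
  File.unlink(link)

  FileUtils.chmod(0o777, dir)
  world_writable_ok = safe_to_reuse?(dir)

  FileUtils.rm_rf(dir)
  [own_dir_ok, symlink_ok, world_writable_ok]
end

if __FILE__ == $PROGRAM_NAME
  verdicts = demo_reuse_checks
  puts "fresh private dir reusable:  #{verdicts[0]}"
  puts "symlink reusable:            #{verdicts[1]}"
  puts "world-writable dir reusable: #{verdicts[2]}"
end
```

Run it as a plain script; the symlink and the world-writable directory are both refused while the freshly created private directory passes. A server that adopts an existing instance directory only after this kind of check, and otherwise creates a new one with `Dir.mktmpdir`, is not exposed to the attack the advisory describes.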