RubySec

Providing security resources for the Ruby community

CVE-2014-4995 (VladTheEnterprising): VladTheEnterprising Gem for Ruby /tmp/my.cnf.#{target_host} Symlink Multiple Impact

ADVISORIES

GEM

VladTheEnterprising

SEVERITY

CVSS v3.x: 7.0 (High)

PATCHED VERSIONS

None.

DESCRIPTION

VladTheEnterprising Gem for Ruby contains a flaw as the program creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against the /tmp/my.cnf.#{target_host} file they can overwrite arbitrary files, gain access to the MySQL root password, or inject arbitrary commands.