RubySec

Providing security resources for the Ruby community

OSVDB-108572 (kcapifony): kcapifony Gem for Ruby /lib/ksymfony1.rb Metacharacter Handling Remote Command Execution

ADVISORIES

GEM

kcapifony

PATCHED VERSIONS

None.

DESCRIPTION

kcapifony Gem for Ruby contains a flaw in /lib/ksymfony1.rb that is triggered when handling metacharacters. This may allow a remote attacker to execute arbitrary commands.

RELATED