Summary
This host is installed with Ruby and is prone to a race condition vulnerability.
Impact
Successful exploitation allows attackers to execute arbitrary code with elevated privileges or cause a denial-of-service condition.
Impact Level: Application.
Solution
Upgrade to Ruby version 1.8.7-p334, 1.9.1-p431, 1.9.2-p180 or later. For updates refer to http://rubyforge.org/frs/?group_id=167
Insight
The flaw is due to a race condition within the 'FileUtils.remove_entry_secure' method, which can be exploited to delete arbitrary directories and files via symlink attacks.
Affected
Ruby version 1.8.6 through 1.8.6 patchlevel 420
Ruby version 1.8.7 through 1.8.7 patchlevel 330
Ruby version 1.9.1 through 1.9.1 patchlevel 430
Ruby version 1.9.2 through 1.9.2 patchlevel 136
Ruby versions 1.9.3dev and 1.8.8dev
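The Affected and Solution ranges above are easy to misread when sweeping an inventory of hosts, so the following added example (not code from the advisory or from the Ruby project) classifies a `ruby -v` banner as affected, fixed or not covered; only the version numbers come from the advisory, while the banner parser and the sample banners are constructed here.

```ruby
# Added example (not the advisory's own code): classifies a Ruby build against
# the Affected/Solution ranges above. Banner parsing and samples are constructed.

# Last affected patchlevel per release line (Affected section).
LAST_AFFECTED = { "1.8.6" => 420, "1.8.7" => 330,
                  "1.9.1" => 430, "1.9.2" => 136 }.freeze
# First fixed patchlevel per release line (Solution section).
FIRST_FIXED = { "1.8.7" => 334, "1.9.1" => 431, "1.9.2" => 180 }.freeze
# Development snapshots the advisory lists as affected.
DEV_AFFECTED = %w[1.9.3dev 1.8.8dev].freeze
# Newest release line the advisory covers; later lines fall under "or later".
NEWEST_COVERED = [1, 9, 2].freeze

# Parses a `ruby -v` banner: 1.9 prints "ruby 1.9.2p136 (...)", 1.8 prints
# "ruby 1.8.7 (... patchlevel 330) [...]". Returns [version, patchlevel] or nil.
def parse_ruby_banner(line)
  m = line.match(/\Aruby (\d+\.\d+\.\d+(?:dev)?)(?:p(\d+))?/)
  return nil unless m
  patchlevel = m[2] || line[/patchlevel (\d+)/, 1]
  [m[1], patchlevel && patchlevel.to_i]
end

# Returns :affected, :fixed or :unknown for a version/patchlevel pair.
def cve_2011_1004_status(version, patchlevel)
  return :affected if DEV_AFFECTED.include?(version)
  return :unknown if version.end_with?("dev")        # snapshot not listed
  return :fixed if (version.split(".").map(&:to_i) <=> NEWEST_COVERED) == 1
  return :unknown if patchlevel.nil?                 # cannot place it in a range
  return :affected if LAST_AFFECTED[version] && patchlevel <= LAST_AFFECTED[version]
  return :fixed if FIRST_FIXED[version] && patchlevel >= FIRST_FIXED[version]
  :unknown   # e.g. 1.8.7 p331-p333, or a line the advisory does not cover
end

# Maps each collected banner line to its status, for fleet inventory sweeps.
def classify_banners(lines)
  lines.each_with_object({}) do |line, out|
    parsed = parse_ruby_banner(line)
    out[line] = parsed ? cve_2011_1004_status(*parsed) : :unknown
  end
end

# Constructed sample banners (not output from any real host).
SAMPLE_BANNERS = [
  "ruby 1.9.2p136 (2010-12-25 revision 30365) [x86_64-linux]",
  "ruby 1.9.2p180 (2011-02-18 revision 30909) [x86_64-linux]",
  "ruby 1.8.7 (2010-12-23 patchlevel 330) [i686-linux]",
  "ruby 1.9.3dev (2011-01-10 trunk 30501) [x86_64-linux]",
].freeze
```

Patchlevels between the last affected and first fixed values (for example 1.8.7 p331 to p333) are reported as :unknown rather than guessed, since the advisory does not state their status.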
References
Severity
Classification
CVE: CVE-2011-1004
CVSS Base Score: 6.3
CVSS Base Vector: AV:L/AC:M/Au:N/C:N/I:C/A:C