Ruby 'FileUtils.remove_entry_secure()' Method Race Condition Vulnerability Network Vulnerability

Summary

This host is installed with Ruby and is prone to race condition vulnerability.

Impact

Successful exploitation allows attackers to execute arbitrary code with elevated privileges or cause a denial-of-service condition. Impact Level: Application.

Solution

Upgrade to Ruby version 1.8.7-334 or 1.9.1-p431 or 1.9.2-p180 or later For updates refer to http://rubyforge.org/frs/?group_id=167

Insight

The flaw is due to a race condition within the 'FileUtils.remove_entry_secure' method, which can be exploited to delete arbitrary directories and files via symlink attacks.

Affected

Ruby version 1.8.6 through 1.8.6 patchlevel 420 Ruby version 1.8.7 through 1.8.7 patchlevel 330 Ruby version 1.9.1 through 1.9.1 patchlevel 430 Ruby version 1.9.2 through 1.9.2 patchlevel 136 Ruby version 1.9.3dev, 1.8.8dev

References

http://secunia.com/advisories/43434
http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/
https://bugzilla.redhat.com/show_bug.cgi?id=678913

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1004
CVSS Base Score: 6.3
AV:L/AC:M/Au:N/C:N/I:C/A:C

Related Vulnerabilities

Adobe Reader Information Disclosure Vulnerability Jun05 (Windows)
Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Windows)
Adobe LiveCycle Designer Untrusted Search Path Vulnerability (Windows)
Adobe Reader Unspecified Vulnerability (Windows)
Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)

Take action and discover your vulnerabilities