Description

Phusion Passenger before 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file.

Remediation

References

CVE-2014-1831

Related Vulnerabilities

WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Multiple Vulnerabilities (3.1.1)

WordPress 5.7.x Multiple Prototype Pollution Vulnerabilities (5.7 - 5.7.5)

WordPress Plugin Ginger-EU Cookie Law Multiple Vulnerabilities (4.1.3)

Oracle Database Server Incorrect Calculation of Buffer Size Vulnerability (CVE-2004-1363)

PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1052)

Severity

Low

Classification

CVE-2014-1831

Tags

Missing Update Known Vulnerabilities