ID CVE-2007-0469
Summary The extract_files function in installer.rb in RubyGems before 0.9.1 does not check whether files exist before overwriting them, which allows user-assisted remote attackers to overwrite arbitrary files, cause a denial of service, or execute arbitrary code via crafted GEM packages.
References
Vulnerable Configurations
  • cpe:2.3:a:rubyforge:rubygems:0.8.11
    cpe:2.3:a:rubyforge:rubygems:0.8.11
  • cpe:2.3:a:rubyforge:rubygems:0.9.0
    cpe:2.3:a:rubyforge:rubygems:0.9.0
CVSS
Base: 9.3 (as of 23-01-2007 - 22:13)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
NASL family SuSE Local Security Checks
NASL id SUSE_RUBYGEMS-2644.NASL
description This update fixes a vulnerability in rubygems that allowed to overwrite files with root privileges. (CVE-2007-0469)
last seen 2019-02-21
modified 2018-07-19
plugin id 27424
published 2007-10-17
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=27424
title openSUSE 10 Security Update : rubygems (rubygems-2644)
refmap via4
bugtraq 20070121 RubyGems 0.9.0 and earlier installation exploit
confirm http://rubyforge.org/frs/shownotes.php?release_id=9074
fulldisc 20070121 RubyGems 0.9.0 and earlier installation exploit
suse SUSE-SR:2007:004
vupen ADV-2007-0295
xf rubygems-extractfiles-file-overwrite(31688)
Last major update 17-10-2016 - 23:42
Published 23-01-2007 - 20:28
Last modified 16-10-2018 - 12:32
Back to Top