CVE-2017-10784

HIGH

Description

The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name.

References

http://www.securityfocus.com/bid/100853

http://www.securitytracker.com/id/1039363

http://www.securitytracker.com/id/1042004

https://access.redhat.com/errata/RHSA-2017:3485

https://access.redhat.com/errata/RHSA-2018:0378

https://access.redhat.com/errata/RHSA-2018:0583

https://access.redhat.com/errata/RHSA-2018:0585

https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html

https://security.gentoo.org/glsa/201710-18

https://usn.ubuntu.com/3528-1/

https://usn.ubuntu.com/3685-1/

https://www.debian.org/security/2017/dsa-4031

https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released/

https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released/

https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/

Details

Source: MITRE

Published: 2017-09-19

Updated: 2018-10-31

Type: CWE-287

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

CVSS v3.0

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.8

Severity: HIGH

Vulnerable Software

Configuration 1

cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* versions up to 2.2.7 (inclusive)

cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.3.0:preview1:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.3.0:preview2:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.4.0:preview1:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.4.0:preview2:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.4.0:preview3:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.4.0:rc1:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*

Tenable Plugins

View all (24 total)

ID	Name	Product	Family	Severity
700517	macOS 10.13.x < 10.13.6 Multiple Vulnerabilities	Nessus Network Monitor	Operating System Detection	critical
118573	macOS and Mac OS X Multiple Vulnerabilities (Security Update 2018-005)	Nessus	MacOS X Local Security Checks	critical
117557	EulerOS Virtualization 2.5.0 : ruby (EulerOS-SA-2018-1248)	Nessus	Huawei Local Security Checks	high
111137	macOS 10.13.x < 10.13.6 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
111136	macOS and Mac OS X Multiple Vulnerabilities (Security Update 2018-004)	Nessus	MacOS X Local Security Checks	critical
111081	Debian DLA-1421-1 : ruby2.1 security update	Nessus	Debian Local Security Checks	high
110551	Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : ruby1.9.1, ruby2.0, ruby2.3 vulnerabilities (USN-3685-1)	Nessus	Ubuntu Local Security Checks	high
108471	EulerOS 2.0 SP2 : ruby (EulerOS-SA-2018-1067)	Nessus	Huawei Local Security Checks	high
108470	EulerOS 2.0 SP1 : ruby (EulerOS-SA-2018-1066)	Nessus	Huawei Local Security Checks	high
107270	CentOS 7 : ruby (CESA-2018:0378)	Nessus	CentOS Local Security Checks	high
107084	Scientific Linux Security Update : ruby on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	high
107082	RHEL 7 : ruby (RHSA-2018:0378)	Nessus	Red Hat Local Security Checks	high
107080	Oracle Linux 7 : ruby (ELSA-2018-0378)	Nessus	Oracle Linux Local Security Checks	high
105862	Fedora 27 : ruby (2017-4166994614)	Nessus	Fedora Local Security Checks	high
105751	Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : ruby1.9.1, ruby2.3 vulnerabilities (USN-3528-1)	Nessus	Ubuntu Local Security Checks	high
104503	Debian DSA-4031-1 : ruby2.3 - security update	Nessus	Debian Local Security Checks	high
104181	Amazon Linux AMI : ruby24 (ALAS-2017-915)	Nessus	Amazon Linux Local Security Checks	high
103911	GLSA-201710-18 : Ruby: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
103692	Ubuntu 14.04 LTS : ruby1.9.1 vulnerabilities (USN-3439-1)	Nessus	Ubuntu Local Security Checks	high
103603	Amazon Linux AMI : ruby22 / ruby23 (ALAS-2017-906)	Nessus	Amazon Linux Local Security Checks	high
103472	Debian DLA-1114-1 : ruby1.9.1 security update	Nessus	Debian Local Security Checks	high
103471	Debian DLA-1113-1 : ruby1.8 security update	Nessus	Debian Local Security Checks	high
103345	FreeBSD : ruby -- multiple vulnerabilities (95b01379-9d52-11e7-a25c-471bafc3262f)	Nessus	FreeBSD Local Security Checks	high
103308	Slackware 14.2 / current : ruby (SSA:2017-261-03)	Nessus	Slackware Local Security Checks	high