CVE-2017-17790

HIGH

Description

The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely.

References

https://access.redhat.com/errata/RHSA-2018:0378

https://access.redhat.com/errata/RHSA-2018:0583

https://access.redhat.com/errata/RHSA-2018:0584

https://access.redhat.com/errata/RHSA-2018:0585

https://github.com/ruby/ruby/pull/1777

https://lists.debian.org/debian-lts-announce/2017/12/msg00024.html

https://lists.debian.org/debian-lts-announce/2017/12/msg00025.html

https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html

https://www.debian.org/security/2018/dsa-4259

Details

Source: MITRE

Published: 2017-12-20

Updated: 2018-08-03

Type: CWE-74

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* versions from 2.2 to 2.2.8 (inclusive)

cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* versions from 2.3 to 2.3.5 (inclusive)

cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:* versions from 2.4 to 2.4.2 (inclusive)

cpe:2.3:a:ruby-lang:ruby:2.5.0:preview1:*:*:*:*:*:*

Tenable Plugins

View all (25 total)

IDNameProductFamilySeverity
137599SUSE SLES12 Security Update : ruby2.1 (SUSE-SU-2020:1570-1)NessusSuSE Local Security Checks
high
127164NewStart CGSL MAIN 5.04 : ruby Multiple Vulnerabilities (NS-SA-2019-0013)NessusNewStart CGSL Local Security Checks
high
124910EulerOS Virtualization for ARM 64 3.0.1.0 : ruby (EulerOS-SA-2019-1407)NessusHuawei Local Security Checks
high
121912Photon OS 2.0: Ruby PHSA-2018-2.0-0013NessusPhotonOS Local Security Checks
high
121801Photon OS 1.0: Ruby PHSA-2018-1.0-0100NessusPhotonOS Local Security Checks
high
117557EulerOS Virtualization 2.5.0 : ruby (EulerOS-SA-2018-1248)NessusHuawei Local Security Checks
high
111912Photon OS 1.0: Ruby PHSA-2018-1.0-0100 (deprecated)NessusPhotonOS Local Security Checks
high
111468Debian DSA-4259-1 : ruby2.3 - security updateNessusDebian Local Security Checks
high
111283Photon OS 2.0 : libtiff / openjdk8 / ruby (PhotonOS-PHSA-2018-2.0-0013) (deprecated)NessusPhotonOS Local Security Checks
high
111081Debian DLA-1421-1 : ruby2.1 security updateNessusDebian Local Security Checks
high
109136Amazon Linux 2 : ruby (ALAS-2018-983)NessusAmazon Linux Local Security Checks
high
108846Amazon Linux AMI : ruby20 / ruby22,ruby23,ruby24 (ALAS-2018-983)NessusAmazon Linux Local Security Checks
high
108471EulerOS 2.0 SP2 : ruby (EulerOS-SA-2018-1067)NessusHuawei Local Security Checks
high
108470EulerOS 2.0 SP1 : ruby (EulerOS-SA-2018-1066)NessusHuawei Local Security Checks
high
107280Fedora 26 : ruby (2018-1fffa787e7)NessusFedora Local Security Checks
high
107270CentOS 7 : ruby (CESA-2018:0378)NessusCentOS Local Security Checks
high
107125Fedora 27 : ruby (2018-40ed78700c)NessusFedora Local Security Checks
high
107084Scientific Linux Security Update : ruby on SL7.x x86_64 (20180228)NessusScientific Linux Local Security Checks
high
107082RHEL 7 : ruby (RHSA-2018:0378)NessusRed Hat Local Security Checks
high
107080Oracle Linux 7 : ruby (ELSA-2018-0378)NessusOracle Linux Local Security Checks
high
106405EulerOS 2.0 SP2 : ruby (EulerOS-SA-2018-1030)NessusHuawei Local Security Checks
high
106404EulerOS 2.0 SP1 : ruby (EulerOS-SA-2018-1029)NessusHuawei Local Security Checks
high
105751Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : ruby1.9.1, ruby2.3 vulnerabilities (USN-3528-1)NessusUbuntu Local Security Checks
high
105429Debian DLA-1222-1 : ruby1.8 security updateNessusDebian Local Security Checks
high
105428Debian DLA-1221-1 : ruby1.9.1 security updateNessusDebian Local Security Checks
high