CVE-2017-17790

HIGH

Description

The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely.

References

https://access.redhat.com/errata/RHSA-2018:0378

https://access.redhat.com/errata/RHSA-2018:0583

https://access.redhat.com/errata/RHSA-2018:0584

https://access.redhat.com/errata/RHSA-2018:0585

https://github.com/ruby/ruby/pull/1777

https://lists.debian.org/debian-lts-announce/2017/12/msg00024.html

https://lists.debian.org/debian-lts-announce/2017/12/msg00025.html

https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html

https://www.debian.org/security/2018/dsa-4259

Details

Source: MITRE

Published: 2017-12-20

Updated: 2018-08-03

Type: CWE-74

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Tenable Plugins

View all (24 total)

ID	Name	Product	Family	Severity
127164	NewStart CGSL MAIN 5.04 : ruby Multiple Vulnerabilities (NS-SA-2019-0013)	Nessus	NewStart CGSL Local Security Checks	high
124910	EulerOS Virtualization for ARM 64 3.0.1.0 : ruby (EulerOS-SA-2019-1407)	Nessus	Huawei Local Security Checks	high
121912	Photon OS 2.0: Ruby PHSA-2018-2.0-0013	Nessus	PhotonOS Local Security Checks	high
121801	Photon OS 1.0: Ruby PHSA-2018-1.0-0100	Nessus	PhotonOS Local Security Checks	high
117557	EulerOS Virtualization 2.5.0 : ruby (EulerOS-SA-2018-1248)	Nessus	Huawei Local Security Checks	high
111912	Photon OS 1.0: Ruby PHSA-2018-1.0-0100 (deprecated)	Nessus	PhotonOS Local Security Checks	high
111468	Debian DSA-4259-1 : ruby2.3 - security update	Nessus	Debian Local Security Checks	high
111283	Photon OS 2.0 : libtiff / openjdk8 / ruby (PhotonOS-PHSA-2018-2.0-0013) (deprecated)	Nessus	PhotonOS Local Security Checks	high
111081	Debian DLA-1421-1 : ruby2.1 security update	Nessus	Debian Local Security Checks	high
109136	Amazon Linux 2 : ruby (ALAS-2018-983)	Nessus	Amazon Linux Local Security Checks	high
108846	Amazon Linux AMI : ruby20 / ruby22,ruby23,ruby24 (ALAS-2018-983)	Nessus	Amazon Linux Local Security Checks	high
108471	EulerOS 2.0 SP2 : ruby (EulerOS-SA-2018-1067)	Nessus	Huawei Local Security Checks	high
108470	EulerOS 2.0 SP1 : ruby (EulerOS-SA-2018-1066)	Nessus	Huawei Local Security Checks	high
107280	Fedora 26 : ruby (2018-1fffa787e7)	Nessus	Fedora Local Security Checks	high
107270	CentOS 7 : ruby (CESA-2018:0378)	Nessus	CentOS Local Security Checks	high
107125	Fedora 27 : ruby (2018-40ed78700c)	Nessus	Fedora Local Security Checks	high
107084	Scientific Linux Security Update : ruby on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	high
107082	RHEL 7 : ruby (RHSA-2018:0378)	Nessus	Red Hat Local Security Checks	high
107080	Oracle Linux 7 : ruby (ELSA-2018-0378)	Nessus	Oracle Linux Local Security Checks	high
106405	EulerOS 2.0 SP2 : ruby (EulerOS-SA-2018-1030)	Nessus	Huawei Local Security Checks	high
106404	EulerOS 2.0 SP1 : ruby (EulerOS-SA-2018-1029)	Nessus	Huawei Local Security Checks	high
105751	Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : ruby1.9.1, ruby2.3 vulnerabilities (USN-3528-1)	Nessus	Ubuntu Local Security Checks	high
105429	Debian DLA-1222-1 : ruby1.8 security update	Nessus	Debian Local Security Checks	high
105428	Debian DLA-1221-1 : ruby1.9.1 security update	Nessus	Debian Local Security Checks	high