CVE-2018-1000079

MEDIUM

Description

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in gem installation that can result in the gem could write to arbitrary filesystem locations during installation. This attack appear to be exploitable via the victim must install a malicious gem. This vulnerability appears to have been fixed in 2.7.6.

References

http://blog.rubygems.org/2018/02/15/2.7.6-released.html

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html

https://access.redhat.com/errata/RHSA-2018:3729

https://access.redhat.com/errata/RHSA-2018:3730

https://access.redhat.com/errata/RHSA-2018:3731

https://access.redhat.com/errata/RHSA-2019:2028

https://github.com/rubygems/rubygems/commit/666ef793cad42eed96f7aee1cdf77865db921099

https://github.com/rubygems/rubygems/commit/f83f911e19e27cbac1ccce7471d96642241dd759

https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html

https://usn.ubuntu.com/3621-1/

https://www.debian.org/security/2018/dsa-4219

https://www.debian.org/security/2018/dsa-4259

Details

Source: MITRE

Published: 2018-03-13

Updated: 2018-11-30

Type: CWE-22

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:rubygems:rubygems:*:*:*:*:*:*:*:* versions up to 2.2.9 (inclusive)

Configuration 2

OR

cpe:2.3:a:rubygems:rubygems:*:*:*:*:*:*:*:* versions up to 2.3.6 (inclusive)

Configuration 3

OR

cpe:2.3:a:rubygems:rubygems:*:*:*:*:*:*:*:* versions up to 2.4.3 (inclusive)

Configuration 4

OR

cpe:2.3:a:rubygems:rubygems:*:*:*:*:*:*:*:* versions up to 2.5.0 (inclusive)

Tenable Plugins

View all (24 total)

IDNameProductFamilySeverity
142322EulerOS 2.0 SP2 : ruby (EulerOS-SA-2020-2395)NessusHuawei Local Security Checks
medium
137599SUSE SLES12 Security Update : ruby2.1 (SUSE-SU-2020:1570-1)NessusSuSE Local Security Checks
high
135605EulerOS Virtualization 3.0.2.2 : ruby (EulerOS-SA-2020-1443)NessusHuawei Local Security Checks
high
134484EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2020-1195)NessusHuawei Local Security Checks
high
134261RHEL 7 : ruby (RHSA-2020:0663)NessusRed Hat Local Security Checks
high
134063RHEL 7 : ruby (RHSA-2020:0591)NessusRed Hat Local Security Checks
high
133785RHEL 7 : ruby (RHSA-2020:0542)NessusRed Hat Local Security Checks
high
132492NewStart CGSL CORE 5.05 / MAIN 5.05 : ruby Multiple Vulnerabilities (NS-SA-2019-0245)NessusNewStart CGSL Local Security Checks
high
131412NewStart CGSL CORE 5.04 / MAIN 5.04 : ruby Multiple Vulnerabilities (NS-SA-2019-0221)NessusNewStart CGSL Local Security Checks
high
130712EulerOS 2.0 SP3 : ruby (EulerOS-SA-2019-2250)NessusHuawei Local Security Checks
medium
130692EulerOS 2.0 SP5 : ruby (EulerOS-SA-2019-2230)NessusHuawei Local Security Checks
medium
128332CentOS 7 : ruby (CESA-2019:2028)NessusCentOS Local Security Checks
high
128290Amazon Linux 2 : ruby (ALAS-2019-1276)NessusAmazon Linux Local Security Checks
high
128260Scientific Linux Security Update : ruby on SL7.x x86_64 (20190806)NessusScientific Linux Local Security Checks
high
127649RHEL 7 : ruby (RHSA-2019:2028)NessusRed Hat Local Security Checks
high
126904openSUSE Security Update : ruby-bundled-gems-rpmhelper / ruby2.5 (openSUSE-2019-1771)NessusSuSE Local Security Checks
high
126617SUSE SLED15 / SLES15 Security Update : ruby-bundled-gems-rpmhelper, ruby2.5 (SUSE-SU-2019:1804-1)NessusSuSE Local Security Checks
high
111468Debian DSA-4259-1 : ruby2.3 - security updateNessusDebian Local Security Checks
high
111081Debian DLA-1421-1 : ruby2.1 security updateNessusDebian Local Security Checks
high
110418Debian DSA-4219-1 : jruby - security updateNessusDebian Local Security Checks
high
109136Amazon Linux 2 : ruby (ALAS-2018-983)NessusAmazon Linux Local Security Checks
high
109058Ubuntu 14.04 LTS : Ruby regression (USN-3621-2)NessusUbuntu Local Security Checks
high
108879Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : ruby1.9.1, ruby2.0, ruby2.3 vulnerabilities (USN-3621-1)NessusUbuntu Local Security Checks
high
108846Amazon Linux AMI : ruby20 / ruby22,ruby23,ruby24 (ALAS-2018-983)NessusAmazon Linux Local Security Checks
high