There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application's root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1     and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the     filesystem that is outside an application's root directory, when the Sprockets server is used in     production. All users running an affected release should either upgrade or use one of the work arounds     immediately. (CVE-2018-3760)

Note that Nessus relies on the presence of the package as reported by the vendor.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2561 advisory.

    Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the     challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a     model-view-controller (MVC) framework for web application development. Action Pack implements the     controller and the view components.

    Security Fix(es):

    * cfme: Improper access control in dRuby allows local users to execute arbitrary commands as root     (CVE-2018-10905)

    * rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary     files (CVE-2018-3760)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

    Red Hat would like to thank Stephen Gappinger (American Express) for reporting CVE-2018-10905.

    Additional Changes:

    This update fixes various bugs and adds enhancements. Documentation for these changes is available from     the Release Notes document.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2244 advisory.

    Sprockets is a Ruby library for compiling and serving web assets. It features declarative dependency     management for JavaScript and CSS assets, as well as a powerful preprocessor pipeline that allows to write     assets in languages like CoffeeScript, Sass and SCSS.

    Security Fix(es):

    * rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary     files (CVE-2018-3760)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2745 advisory.

    Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the     challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a     model-view-controller (MVC) framework for web application development.

    Security Fix(es):

    * rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary     files (CVE-2018-3760)

    * cfme: Improper access control in dRuby allows local users to execute arbitrary commands as root     (CVE-2018-10905)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

    Red Hat would like to thank Stephen Gappinger (American Express) for reporting CVE-2018-10905.

    Additional Changes:

    This update fixes various bugs and adds enhancements. Documentation for these changes is available from     the Release Notes document.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2245 advisory.

    Sprockets is a Ruby library for compiling and serving web assets. It features declarative dependency     management for JavaScript and CSS assets, as well as a powerful preprocessor pipeline that allows to write     assets in languages like CoffeeScript, Sass and SCSS.

    Security Fix(es):

    * rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary     files (CVE-2018-3760)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower.

Specially crafted requests can be used to access files that exists on the filesystem that is outside an application's root directory, when the Sprockets server is used in development.

All users running an affected release should either upgrade or use one of the work arounds immediately.

This update for rubygem-sprockets fixes the following issues :

The following security vulnerability was addressed :

  - CVE-2018-3760: Fixed a path traversal issue in     sprockets/server.rb:forbidden_request?(), which allowed     remote attackers to read arbitrary files (bsc#1098369)

This update was imported from the SUSE:SLE-15:Update update project.

Update to Sprockets 3.7.2. Fixes CVE-2018-3760:
https://access.redhat.com/security/cve/cve-2018-3760

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Orange Tsai discovered a path traversal flaw in ruby-sprockets, a Rack-based asset packaging system. A remote attacker can take advantage of this flaw to read arbitrary files outside an application's root directory via specially crafted requests, when the Sprockets server is used in production.

This update for rubygem-sprockets fixes the following issues :

The following security vulnerability was addressed :

  - CVE-2018-3760: Fixed a directory traversal issue in     sprockets/server.rb:forbidden_request?(), which allowed     remote attackers to read arbitrary files via specially     crafted requests. (boo#1098369)

ID	Name	Product	Family	Severity
251714	Linux Distros Unpatched Vulnerability : CVE-2018-3760	Nessus	Misc.	high
233185	RHEL 7 : CloudForms 4.6.4 (RHSA-2018:2561)	Nessus	Red Hat Local Security Checks	high
210326	RHEL 6 / 7 : rh-ror42-rubygem-sprockets (RHSA-2018:2244)	Nessus	Red Hat Local Security Checks	high
194089	RHEL 7 : CloudForms 4.5.5 (RHSA-2018:2745)	Nessus	Red Hat Local Security Checks	high
194029	RHEL 6 / 7 : rh-ror50-rubygem-sprockets (RHSA-2018:2245)	Nessus	Red Hat Local Security Checks	high
112718	Rails Sprockets 2.x < 2.12.5 / 3.x < 3.7.2 / 4.x < 4.0.0.beta8 Path Traversal	Web App Scanning	Component Vulnerability	high
123231	openSUSE Security Update : rubygem-sprockets (openSUSE-2019-542)	Nessus	SuSE Local Security Checks	high
120304	Fedora 28 : rubygem-sprockets (2018-2735a12b72)	Nessus	Fedora Local Security Checks	high
111425	openSUSE Security Update : rubygem-sprockets (openSUSE-2018-773)	Nessus	SuSE Local Security Checks	high
111251	Fedora 27 : rubygem-sprockets (2018-fd29597fa4)	Nessus	Fedora Local Security Checks	high
110968	Debian DSA-4242-1 : ruby-sprockets - security update	Nessus	Debian Local Security Checks	high
110831	openSUSE Security Update : rubygem-sprockets (openSUSE-2018-686)	Nessus	SuSE Local Security Checks	high

Detections

Analytics

CVE-2018-3760

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high