There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application's root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2745 advisory.

  - rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary     files (CVE-2018-3760)

  - cfme: Improper access control in dRuby allows local users to execute arbitrary commands as root     (CVE-2018-10905)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2245 advisory.

  - rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary     files (CVE-2018-3760)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower.

Specially crafted requests can be used to access files that exists on the filesystem that is outside an application's root directory, when the Sprockets server is used in development.

All users running an affected release should either upgrade or use one of the work arounds immediately.

This update for rubygem-sprockets fixes the following issues :

The following security vulnerability was addressed :

  - CVE-2018-3760: Fixed a path traversal issue in     sprockets/server.rb:forbidden_request?(), which allowed     remote attackers to read arbitrary files (bsc#1098369)

This update was imported from the SUSE:SLE-15:Update update project.

Update to Sprockets 3.7.2. Fixes CVE-2018-3760:
https://access.redhat.com/security/cve/cve-2018-3760

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Orange Tsai discovered a path traversal flaw in ruby-sprockets, a Rack-based asset packaging system. A remote attacker can take advantage of this flaw to read arbitrary files outside an application's root directory via specially crafted requests, when the Sprockets server is used in production.

This update for rubygem-sprockets fixes the following issues :

The following security vulnerability was addressed :

  - CVE-2018-3760: Fixed a directory traversal issue in     sprockets/server.rb:forbidden_request?(), which allowed     remote attackers to read arbitrary files via specially     crafted requests. (boo#1098369)

ID	Name	Product	Family	Severity
194089	RHEL 7 : CloudForms 4.5.5 (RHSA-2018:2745)	Nessus	Red Hat Local Security Checks	high
194029	RHEL 6 / 7 : rh-ror50-rubygem-sprockets (RHSA-2018:2245)	Nessus	Red Hat Local Security Checks	high
112718	Rails Sprockets 2.x < 2.12.5 / 3.x < 3.7.2 / 4.x < 4.0.0.beta8 Path Traversal	Web App Scanning	Component Vulnerability	high
123231	openSUSE Security Update : rubygem-sprockets (openSUSE-2019-542)	Nessus	SuSE Local Security Checks	high
120304	Fedora 28 : rubygem-sprockets (2018-2735a12b72)	Nessus	Fedora Local Security Checks	high
111425	openSUSE Security Update : rubygem-sprockets (openSUSE-2018-773)	Nessus	SuSE Local Security Checks	high
111251	Fedora 27 : rubygem-sprockets (2018-fd29597fa4)	Nessus	Fedora Local Security Checks	high
110968	Debian DSA-4242-1 : ruby-sprockets - security update	Nessus	Debian Local Security Checks	high
110831	openSUSE Security Update : rubygem-sprockets (openSUSE-2018-686)	Nessus	SuSE Local Security Checks	high

Detections

Analytics

CVE-2018-3760

high

Tenable Plugins

high

high

high

high

high

high

high

high

high