Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-16355

Опубликовано: 14 дек. 2017
Источник: debian

Описание

In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
passengerfixed5.0.30-1.1package
ruby-passengerremovedpackage
ruby-passengerno-dsajessiepackage
ruby-passengernot-affectedwheezypackage

Примечания

  • https://blog.phusion.nl/2017/10/13/passenger-security-advisory-5-1-11/

  • https://github.com/phusion/passenger/commit/4043718264095cde6623c2cbe8c644541036d7bf

  • https://www.openwall.com/lists/oss-security/2017/11/21/2 and following.

  • Problem mitigated in versions prior to 5.0.10 where root privileges were required to

  • get the status information.

Связанные уязвимости

ubuntu логотип

CVE-2017-16355

CVSS3: 4.7
ubuntu
около 8 лет назад

In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.

redhat логотип

CVE-2017-16355

CVSS3: 4.7
redhat
больше 8 лет назад

In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.

nvd логотип

CVE-2017-16355

CVSS3: 4.7
nvd
около 8 лет назад

In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.

github логотип

GHSA-cv3f-px9r-54hm

CVSS3: 4.7
github
больше 3 лет назад

Phusion Passenger information disclosure

fstec логотип

BDU:2019-01588

CVSS3: 5.3
fstec
больше 8 лет назад

Уязвимость веб-сервера Phusion Passenger, связанная с возможностью создания символической ссылки между REVISION и произвольным файлом в системе, позволяющая нарушителю получить доступ к конфиденциальным данным