Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-2119

Опубликовано: 03 янв. 2014
Источник: nvd
CVSS2: 4.6
EPSS Низкий

Описание

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:phusion:passenger:*:*:*:*:*:*:*:*
Версия до 3.0.20 (включая)
cpe:2.3:a:phusion:passenger:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.9:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.13:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.14:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.15:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.17:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.18:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:3.0.19:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:phusion:passenger:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:redhat:openshift:1.0:*:enterprise:*:*:*:*:*

EPSS

Процентиль: 17%
0.00056
Низкий

4.6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2013-2119

ubuntu
около 12 лет назад

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem.

redhat логотип

CVE-2013-2119

redhat
больше 12 лет назад

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem.

debian логотип

CVE-2013-2119

debian
около 12 лет назад

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby al ...

github логотип

GHSA-9qj7-jvg4-qr2x

github
больше 8 лет назад

Phusion Passenger Denial of Service

EPSS

Процентиль: 17%
0.00056
Низкий

4.6 Medium

CVSS2

Дефекты

CWE-264