exploitDog

CVE-2013-2119

Опубликовано: 29 мая 2013

Источник: redhat

CVSS2: 4.6

Описание

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-377

https://bugzilla.redhat.com/show_bug.cgi?id=892813rubygem-passenger: incorrect temporary file usage

4.6 Medium

CVSS2

Связанные уязвимости

CVE-2013-2119

ubuntu

около 12 лет назад

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem.

CVE-2013-2119

nvd

около 12 лет назад

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem.

CVE-2013-2119

debian

около 12 лет назад

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby al ...

GHSA-9qj7-jvg4-qr2x

github

больше 8 лет назад

Phusion Passenger Denial of Service

4.6 Medium

CVSS2