CVE-2006-3694
Published: 2006-07-21
Priority: P4 · 30 · medium 6.4 (CVSS 2.0) · AV:N/AC:L/Au:N/C:P/I:P/A:N
EPSS: 5.74% (92.1th percentile)
Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations".
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| yukihiro_matsumoto | ruby | — | — |
| yukihiro_matsumoto | ruby | — | — |
| yukihiro_matsumoto | ruby | — | — |
CVSS provenance

| Source | Version | Score | Vector |
|---|---|---|---|
| nvd | v2.0 | 6.4 MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
| vendor_redhat | — | 6.4 MEDIUM | — |
Ubuntu
ruby1.8 vulnerability
vendor_ubuntu · 2006-07-28
CVE-2006-3694 ruby1.8 vulnerability
The alias function, certain directory operations, and regular expressions did not correctly implement safe levels. Depending on the application these flaws might allow attackers to bypass safe level restrictions and perform unintended operations.
Instructions: In general, a standard system upgrade is sufficient to effect the necessary changes.
Red Hat
security flaw
vendor_redhat · 2006-07-11 · CVSS 6.4
CVE-2006-3694 [MEDIUM] security flaw
Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations".
GHSA
GHSA-rx2v-jmvm-3c4h: Multiple unspecified vulnerabilities in Ruby before 1
ghsa_unreviewed · 2022-05-03
CVE-2006-3694 [MEDIUM]
Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations".
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2006-3694 security flaw
bugzilla · 2018-08-16 · CVSS 6.4
CVE-2006-3694 [MEDIUM] CVE-2006-3694 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations".
Bugzilla
CVE-2006-3694 Insecure operations in the certain safe-level restrictions
bugzilla · 2006-07-20 · CVSS 6.4
CVE-2006-3694 [MEDIUM] CVE-2006-3694 Insecure operations in the certain safe-level restrictions
+++ This bug was initially created as a clone of Bug #199538 +++
Description of problem:
Vulnerabilities have been reported in Ruby which allow insecure operations that were not originally expected under certain safe-level restrictions.
Version-Release number of selected component (if applicable):
all versions of Ruby without any exceptions, such as 1.6.x and 1.8.x.
How reproducible:
always
Steps to Reproduce:
1. ruby dir_jvn13947696.rb
2. ruby dir_jvn13947696_2.rb
Actual results:
no exceptions.
Expected results:
$ ruby dir_jvn13947696.rb
dir_jvn13947696.rb:5:in `read': Insecure: operation on untainted Dir (SecurityError)
from dir_jvn13947696.rb:3:in `join'
from dir_jvn13947696.rb:3
$ ruby dir_jvn139
Bugzilla
CVE-2006-3694 ruby safe-level bypass
bugzilla · 2006-07-20 · CVSS 6.4
CVE-2006-3694 [MEDIUM] CVE-2006-3694 ruby safe-level bypass
+++ This bug was initially created as a clone of Bug #199543 +++
Description of problem:
A vulnerability has been reported in Ruby, which can be exploited by malicious people to bypass certain security-level restrictions.
Version-Release number of selected component (if applicable):
all versions of Ruby, such as 1.6.x and 1.8.x without any exceptions.
How reproducible:
always
Steps to Reproduce:
1. ruby alias_jvn83768862.patch
Actual results:
no exceptions.
Expected results:
$ ruby alias_jvn83768862.patch
alias_jvn83768862.patch:9:in `p': calling insecure method: inspect (SecurityError)
from alias_jvn83768862.patch:9
Additional info:
This affects RHEL 2.1, 3 and 4 as well.
-- Additional comment from [email protected] on 2006-07-20 05:47