CVE-2011-1004
published 2011-03-02CVE-2011-1004: The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136…
PriorityP418medium6.3CVSS 2.0
AVLACMAuNCNICAC
EPSS
0.39%
30.4th percentile
The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
CVSS provenance
nvdv2.06.3MEDIUMAV:L/AC:M/Au:N/C:N/I:C/A:C
vendor_redhat6.3MEDIUM
vendor_ubuntu4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Ruby vulnerabilities
vendor_ubuntu·2012-02-28·CVSS 4.3
CVE-2010-0541 [MEDIUM] Ruby vulnerabilities
Title: Ruby vulnerabilities
Summary: Several security issues were fixed in ruby1.8.
Drew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site
scripting attacks when displaying error pages. A remote attacker could use this
flaw to run arbitrary web script. (CVE-2010-0541)
Drew Yao discovered that Ruby's BigDecimal module did not properly allocate
memory on 64-bit platforms. An attacker could use this flaw to cause a denial
of service or possibly execute arbitrary code with user privileges.
(CVE-2011-0188)
Nicholas Jefferson discovered that the FileUtils.remove_entry_secure method in
Ruby did not properly remove non-empty directories. An attacker could use this
flaw to possibly delete arbitrary files. (CVE-2011-1004)
It was discovered that Ruby incorrectly allowed un
Red Hat
Ruby: Symlink race condition by removing directory trees in fileutils module
vendor_redhat·2011-02-18·CVSS 6.3
CVE-2011-1004 [MEDIUM] Ruby: Symlink race condition by removing directory trees in fileutils module
Ruby: Symlink race condition by removing directory trees in fileutils module
The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack.
Package: ruby (Red Hat Enterprise Linux 4) - Not affected
GHSA
GHSA-45wv-gc6w-fq7m: The FileUtils
ghsa_unreviewed·2022-05-17
CVE-2011-1004 [MEDIUM] CWE-59 GHSA-45wv-gc6w-fq7m: The FileUtils
The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2011-1167 libtiff: heap-based buffer overflow in thunder decoder (ZDI-CAN-1004) [fedora-all]
bugzilla·2011-03-21·CVSS 6.8
CVE-2011-1167 [MEDIUM] CVE-2011-1167 libtiff: heap-based buffer overflow in thunder decoder (ZDI-CAN-1004) [fedora-all]
CVE-2011-1167 libtiff: heap-based buffer overflow in thunder decoder (ZDI-CAN-1004) [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=684939
Please note: this
Bugzilla
CVE-2011-1004 Ruby: Symlink race condition by removing directory trees in fileutils module
bugzilla·2011-02-20·CVSS 6.3
CVE-2011-1004 [MEDIUM] CVE-2011-1004 Ruby: Symlink race condition by removing directory trees in fileutils module
CVE-2011-1004 Ruby: Symlink race condition by removing directory trees in fileutils module
A race condition was found in the way the secure
implementation of Ruby fileutils' remove system
entries method (remove_entry_secure()), removed
directory trees. A local attacker could use this
flaw to conduct symbolic link attacks, leading to
removal of arbitrary files or directories on the system.
References:
[1] http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/
Upstream patch (against trunk):
[2] http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=30896
Discussion:
This issue did NOT affect the versions of the ruby package, as shipped
with Red Hat Enterprise Linux 3 or 4, as those versions do not include
support for remove_entry_secure() me
http://lists.apple.com/archives/security-announce/2012/May/msg00001.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/054422.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/054436.htmlhttp://osvdb.org/70958http://secunia.com/advisories/43434http://secunia.com/advisories/43573http://support.apple.com/kb/HT5281http://www.mandriva.com/security/advisories?name=MDVSA-2011:097http://www.openwall.com/lists/oss-security/2011/02/21/2http://www.openwall.com/lists/oss-security/2011/02/21/5http://www.redhat.com/support/errata/RHSA-2011-0909.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0910.htmlhttp://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/http://www.securityfocus.com/bid/46460http://www.vupen.com/english/advisories/2011/0539https://bugzilla.redhat.com/show_bug.cgi?id=678913http://lists.apple.com/archives/security-announce/2012/May/msg00001.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/054422.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/054436.htmlhttp://osvdb.org/70958http://secunia.com/advisories/43434http://secunia.com/advisories/43573http://support.apple.com/kb/HT5281http://www.mandriva.com/security/advisories?name=MDVSA-2011:097http://www.openwall.com/lists/oss-security/2011/02/21/2http://www.openwall.com/lists/oss-security/2011/02/21/5http://www.redhat.com/support/errata/RHSA-2011-0909.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0910.htmlhttp://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/http://www.securityfocus.com/bid/46460http://www.vupen.com/english/advisories/2011/0539https://bugzilla.redhat.com/show_bug.cgi?id=678913
2011-03-02
Published