CVE-2013-4136 — Link Following in Passenger

CWE-59 — Link Following9 documents7 sources

Severity

4.4MEDIUMNVD

EPSS

0.0%

top 86.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phusion Passenger

Timeline

PublishedSep 30

Latest updateOct 24

Description

ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/.

CVSS vector

AV:L/AC:M/C:P/I:P/A:PExploitability: 3.4 | Impact: 6.4

Affected Packages3 packages

▶RubyGemsphusion/passenger< 4.0.6

▶Debianphusion/passenger< 3.0.13debian-1.2+3

▶NVDphusion/passenger4.0.5+4

🔴Vulnerability Details

OSV

insecure temporary directory usage in passenger↗2017-10-24

▶

GHSA

insecure temporary directory usage in passenger↗2017-10-24

▶

CVEList

CVE-2013-4136: ext/common/ServerInstanceDir↗2013-09-30

▶

OSV

CVE-2013-4136: ext/common/ServerInstanceDir↗2013-09-30

▶

📋Vendor Advisories

Red Hat

rubygem-passenger: insecure temporary directory usage due to reuse of existing server instance directories↗2013-06-20

▶

Debian

CVE-2013-4136: passenger - ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby al...↗2013

▶

💬Community

Bugzilla

CVE-2013-4136 rubygem-passenger: insecure temporary directory usage due to reuse of existing server instance directories↗2013-07-18

▶

Bugzilla

rubygem-passenger: CVE-2013-4136 rubygem-passenger: insecure temporary directory usage due to reuse of existing server instance directories [fedora-all]↗2013-07-18

▶