CVE-2015-9096
published 2017-06-12CVE-2015-9096: Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences…
PriorityP432medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
EPSS
3.65%
88.2th percentile
Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ruby-lang | ruby | <= 2.4.0 | — |
CVSS provenance
nvdv3.06.1MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv7.3HIGH
vendor_ubuntu7.3HIGH
vendor_redhat6.1MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Ruby vulnerabilities
vendor_ubuntu·2017-07-25·CVSS 7.3
CVE-2009-5147 [HIGH] Ruby vulnerabilities
Title: Ruby vulnerabilities
Summary: Several security issues were fixed in Ruby.
It was discovered that Ruby DL::dlopen incorrectly handled opening
libraries. An attacker could possibly use this issue to open libraries with
tainted names. This issue only applied to Ubuntu 14.04 LTS. (CVE-2009-5147)
Tony Arcieri, Jeffrey Walton, and Steffan Ullrich discovered that the Ruby
OpenSSL extension incorrectly handled hostname wildcard matching. This
issue only applied to Ubuntu 14.04 LTS. (CVE-2015-1855)
Christian Hofstaedtler discovered that Ruby Fiddle::Handle incorrectly
handled certain crafted strings. An attacker could use this issue to cause
a denial of service, or possibly execute arbitrary code. This issue only
applied to Ubuntu 14.04 LTS. (CVE-2015-7551)
It was discovered that Ruby N
Red Hat
ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP
vendor_redhat·2017-06-12·CVSS 6.1
CVE-2015-9096 [MEDIUM] CWE-88 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP
ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP
Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.
A SMTP command injection flaw was found in the way Ruby's Net::SMTP module handled CRLF sequences in certain SMTP commands. An attacker could potentially use this flaw to inject SMTP commands in a SMTP session in order to facilitate phishing attacks or spam campaigns.
Package: rh-ruby22-ruby (CloudForms Management Engine 5) - Will not fix
Package: ruby-200-ruby (CloudForms Management Engine 5) - Will not fix
Package: ruby (Red Hat Enterprise Linux 5) - Will not fix
Package: ruby (Red Hat E
GHSA
GHSA-2h3c-5vqm-gqfh: Net::SMTP in Ruby before 2
ghsa_unreviewed·2022-05-14
CVE-2015-9096 [MEDIUM] CWE-93 GHSA-2h3c-5vqm-gqfh: Net::SMTP in Ruby before 2
Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.
OSV
ruby1.9.1, ruby2.0, ruby2.3 vulnerabilities
osv·2017-07-25·CVSS 7.3
CVE-2009-5147 [HIGH] ruby1.9.1, ruby2.0, ruby2.3 vulnerabilities
ruby1.9.1, ruby2.0, ruby2.3 vulnerabilities
It was discovered that Ruby DL::dlopen incorrectly handled opening
libraries. An attacker could possibly use this issue to open libraries with
tainted names. This issue only applied to Ubuntu 14.04 LTS. (CVE-2009-5147)
Tony Arcieri, Jeffrey Walton, and Steffan Ullrich discovered that the Ruby
OpenSSL extension incorrectly handled hostname wildcard matching. This
issue only applied to Ubuntu 14.04 LTS. (CVE-2015-1855)
Christian Hofstaedtler discovered that Ruby Fiddle::Handle incorrectly
handled certain crafted strings. An attacker could use this issue to cause
a denial of service, or possibly execute arbitrary code. This issue only
applied to Ubuntu 14.04 LTS. (CVE-2015-7551)
It was discovered that Ruby Net::SMTP incorrectly handled CRLF sequ
OSV
CVE-2015-9096: Net::SMTP in Ruby before 2
osv·2017-06-12·CVSS 6.1
CVE-2015-9096 [MEDIUM] CVE-2015-9096: Net::SMTP in Ruby before 2
Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP
bugzilla·2017-06-15·CVSS 6.1
CVE-2015-9096 [MEDIUM] CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP
CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP
Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.
Upstream patch:
https://github.com/ruby/ruby/commit/0827a7e52ba3d957a634b063bf5a391239b9ffee
Discussion:
Created ruby tracking bugs for this issue:
Affects: fedora-all [bug 1461848]
Created ruby193-ruby tracking bugs for this issue:
Affects: openshift-1 [bug 1461849]
Bugzilla
CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP [fedora-all]
bugzilla·2017-06-15·CVSS 6.1
CVE-2015-9096 [MEDIUM] CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP [fedora-all]
CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: thi
http://www.mbsd.jp/Whitepaper/smtpi.pdfhttps://github.com/ruby/ruby/commit/0827a7e52ba3d957a634b063bf5a391239b9ffeehttps://github.com/rubysec/ruby-advisory-db/issues/215https://hackerone.com/reports/137631https://lists.debian.org/debian-lts-announce/2018/07/msg00012.htmlhttps://www.debian.org/security/2017/dsa-3966http://www.mbsd.jp/Whitepaper/smtpi.pdfhttps://github.com/ruby/ruby/commit/0827a7e52ba3d957a634b063bf5a391239b9ffeehttps://github.com/rubysec/ruby-advisory-db/issues/215https://hackerone.com/reports/137631https://lists.debian.org/debian-lts-announce/2018/07/msg00012.htmlhttps://www.debian.org/security/2017/dsa-3966
2017-06-12
Published