CVE-2016-10345 — Passenger vulnerability

CWE-26410 documents7 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 80.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phusion Passenger

Timeline

PublishedApr 18

Latest updateAug 21

Description

In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶RubyGemsphusion/passenger< 5.1.0

▶Debianphusion/passenger< 6.0.10-1+2

▶NVDphusion/passenger5.0.30

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

Phusion Passenger uses a known /tmp filename↗2018-08-21

▶

GHSA

Phusion Passenger uses a known /tmp filename↗2018-08-21

▶

CVEList

CVE-2016-10345: In Phusion Passenger before 5↗2017-04-18

▶

OSV

CVE-2016-10345: In Phusion Passenger before 5↗2017-04-18

▶

📋Vendor Advisories

Red Hat

passenger: File overwrite vulnerability in passenger-install-nginx-module↗2016-11-09

▶

Debian

CVE-2016-10345: passenger - In Phusion Passenger before 5.1.0, a known /tmp filename was used during passeng...↗2016

▶

💬Community

Bugzilla

CVE-2016-10345 passenger: File overwrite vulnerability in passenger-install-nginx-module↗2017-04-25

▶

Bugzilla

CVE-2016-10345 passenger: rubygem-passenger: File overwrite vulnerability in passenger-install-nginx-module [fedora-all]↗2017-04-25

▶

Bugzilla

CVE-2016-10345 passenger: rubygem-passenger: File overwrite vulnerability in passenger-install-nginx-module [epel-7]↗2017-04-25

▶