Creme Fraiche 0.6 Ruby Gem Remote command Injection

2013-05-14 / 2013-05-15
Risk: High
Local: No
Remote: Yes
CWE: CWE-78


Ogólna skala CVSS: 9.3/10
Znaczenie: 10/10
Łatwość wykorzystania: 8.6/10
Wymagany dostęp: Zdalny
Złożoność ataku: Średnia
Autoryzacja: Nie wymagana
Wpływ na poufność: Pełny
Wpływ na integralność: Pełny
Wpływ na dostępność: Pełny

TITLE: Remote command Injection in Creme Fraiche 0.6 Ruby Gem DATE: 5/14/2013 AUTHOR: Larry W. Cashdollar (@_larry0) DOWNLOAD: http://rubygems.org/gems/cremefraiche, http://www.uplawski.eu/technology/cremefraiche/ DESCRIPTION: Converts Email to PDF files. VENDOR: Notifed on 5/13/2013, provided fix 5/14/2013 FIX: In Version 0.6.1 CVE: TBD (please assign?) DETAILS: The following lines pass unsanitized user input directly to the command line. A malicious email attachment with a file name consisting of shell metacharacters could inject commands into the shell. If the attacker is allowed to specify a filename (via a web gui) commands could be injected that way as well. 218 cmd = "pdftk %s updateinfo %s output %s" %[pdf, infofile, tfile] 219 @log.debug('pdftk-command is ' << cmd) 220 pdftkresult = system( cmd) GREETINGS: @vladz,@quine,@BrandonTansey,@sushidude,@jkouns,@sub_space and @attritionorg ADVISORY: http://vapid.dhs.org/advisories/cremefraiche-cmd-inj.html

Referencje:

http://rubygems.org/gems/cremefraiche
http://www.uplawski.eu/technology/cremefraiche/
http://vapid.dhs.org/advisories/cremefraiche-cmd-inj.html


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top