Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
Related vulnerabilities
GSD-2013-4136
Vulnerability from gsd - Updated: 2013-06-10 00:00Details
ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2013-4136",
"description": "ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/.",
"id": "GSD-2013-4136",
"references": [
"https://www.suse.com/security/cve/CVE-2013-4136.html",
"https://access.redhat.com/errata/RHSA-2013:1136"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "passenger",
"purl": "pkg:gem/passenger"
}
}
],
"aliases": [
"CVE-2013-4136",
"OSVDB-94074"
],
"details": "ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/.",
"id": "GSD-2013-4136",
"modified": "2013-06-10T00:00:00.000Z",
"published": "2013-06-10T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4136"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": 4.6,
"type": "CVSS_V2"
}
],
"summary": "CVE-2013-4136 rubygem-passenger: insecure temporary directory usage due to reuse of existing server instance directories"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4136",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/phusion/passenger/blob/release-4.0.6/NEWS",
"refsource": "CONFIRM",
"url": "https://github.com/phusion/passenger/blob/release-4.0.6/NEWS"
},
{
"name": "https://code.google.com/p/phusion-passenger/issues/detail?id=910",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/phusion-passenger/issues/detail?id=910"
},
{
"name": "https://github.com/phusion/passenger/commit/5483b3292cc2af1c83033eaaadec20dba4dcfd9b",
"refsource": "CONFIRM",
"url": "https://github.com/phusion/passenger/commit/5483b3292cc2af1c83033eaaadec20dba4dcfd9b"
},
{
"name": "RHSA-2013:1136",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1136.html"
},
{
"name": "[oss-security] 20130716 Re: Re: Insecure temp files usage in phusion passenger (other than CVE-2013-2119)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/07/16/6"
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2013-4136",
"cvss_v2": 4.6,
"date": "2013-06-10",
"description": "ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/.",
"gem": "passenger",
"osvdb": 94074,
"patched_versions": [
"\u003e= 4.0.8"
],
"title": "CVE-2013-4136 rubygem-passenger: insecure temporary directory usage due to reuse of existing server instance directories",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4136"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c4.0.8",
"affected_versions": "All versions before 4.0.8",
"cvss_v2": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"cwe_ids": [
"CWE-1035",
"CWE-59",
"CWE-937"
],
"date": "2013-10-10",
"description": "This package contains a flaw as the program creates temporary directories insecurely. It is possible for a local attacker to use a symlink attack against the Utils.cpp file to allow the attacker to gain elevated privileges.",
"fixed_versions": [
"4.0.8"
],
"identifier": "CVE-2013-4136",
"identifiers": [
"CVE-2013-4136"
],
"not_impacted": "All versions starting from 4.0.8",
"package_slug": "gem/passenger",
"pubdate": "2013-09-30",
"solution": "Upgrade to version 4.0.8 or above.",
"title": "Utils.cpp Temporary Directory Creation Symlink Local Privilege Escalation",
"urls": [],
"uuid": "998a4285-e08b-4c9f-a265-5ca1d5a32cb5"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:phusion:passenger:4.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phusion:passenger:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phusion:passenger:4.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phusion:passenger:4.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phusion:passenger:4.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4136"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/phusion/passenger/commit/5483b3292cc2af1c83033eaaadec20dba4dcfd9b",
"refsource": "CONFIRM",
"tags": [],
"url": "https://github.com/phusion/passenger/commit/5483b3292cc2af1c83033eaaadec20dba4dcfd9b"
},
{
"name": "https://github.com/phusion/passenger/blob/release-4.0.6/NEWS",
"refsource": "CONFIRM",
"tags": [],
"url": "https://github.com/phusion/passenger/blob/release-4.0.6/NEWS"
},
{
"name": "https://code.google.com/p/phusion-passenger/issues/detail?id=910",
"refsource": "CONFIRM",
"tags": [],
"url": "https://code.google.com/p/phusion-passenger/issues/detail?id=910"
},
{
"name": "RHSA-2013:1136",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1136.html"
},
{
"name": "[oss-security] 20130716 Re: Re: Insecure temp files usage in phusion passenger (other than CVE-2013-2119)",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2013/07/16/6"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2013-10-10T19:09Z",
"publishedDate": "2013-09-30T21:55Z"
}
}
}