SB2018041927 - Fedora 27 update for ruby

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018041927

SB2018041927 - Fedora 27 update for ruby

Published: April 19, 2018 Updated: April 24, 2025

Security Bulletin ID SB2018041927
Severity
Low
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Information disclosure

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Path traversal (CVE-ID: CVE-2018-6914)

The vulnerability allows a remote attacker to write arbitrary files on the target system.

The weakness exists in the Dir.mktmpdir method in the tmpdir library due to path traversal. A remote attacker can create a directory or a file at any directory in the prefix argument.

2) Poison null byte (CVE-ID: CVE-2018-8779)

The vulnerability allows a remote attacker to write arbitrary files on the target system.

The weakness exists in the UNIXServer.open and UNIXSocket.open methods due to improper checking of null characters. A remote attacker can accept the socket file in the unintentional path.

3) Path traversal (CVE-ID: CVE-2018-8780)

The vulnerability allows a remote attacker to obtain potentially sensitive information and write arbitrary files on the target system.

The weakness exists in the Dir.open, Dir.new, Dir.entries and Dir.empty? methods due to improper checking of NULL characters. A remote attacker can trigger the unintentional directory traversal.

4) Resource exhaustion (CVE-ID: CVE-2018-8777)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists a large request in WEBrick. A remote attacker can send a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause the service to crash.

5) HTTP response splitting (CVE-ID: CVE-2017-17742)

The vulnerability allows a remote attacker to perform HTTP response splitting attack.

The weakness exists due to improper handling of HTTP requests. If a script accepts an external input and outputs it without modification as a part of HTTP responses, a remote attacker can use newline characters to trick the victim that the HTTP response header is stopped at there and inject fake HTTP responses after the newline characters to show malicious contents to the victim.

6) Buffer under-read (CVE-ID: CVE-2018-8778)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists in the String#unpack method due to buffer under-read. A remote attacker can gain access to potentially sensitive information.

Remediation

Install update from vendor's website.

References