oss-sec mailing list archives
Re: CVE Request -- RubyGems
From: Alex Legler <a3li () gentoo org>
Date: Tue, 21 Jul 2009 22:04:08 +0200
Hi, first a little note: I have talked to some people in the Ruby community and the issue is quite disputed. There is no upstream reaction that I know of. But since CVE-2007-0469 was assigned to a similar issue, I think this issue is valid, too. On Di, 2009-07-21 at 20:57 +0200, Jan Lieskovsky wrote:
A remote attacker could provide a specially-crafted Gem (POSIX tar) archive,
Please note that .gem files are not neccesarily tarballs, there is at least a proprietary base64-based format around and I've heard about cpio.
which once opened by an unsuspecting user, would overwrite relevant system file.
The user in this context has to be a privileged user. gem will use ~/.gem/bin if the system-wide gem binary directory is not writeable. Alex
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- CVE Request -- RubyGems Jan Lieskovsky (Jul 21)
- Re: CVE Request -- RubyGems Alex Legler (Jul 21)
