CVE-2017-17790 - Injection vulnerability in Ruby Lang Ruby

Publication

2017-12-20

Last modification

2018-08-03

Summary

The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely.
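The summary turns on the difference between Kernel#open, which treats an argument beginning with '|' as a command to run, and File.open, which always treats its argument as a filesystem path. The sketch below is an added example, not code from lib/resolv.rb or from the Ruby project; load_hosts, demo, and the sample hosts line are hypothetical names and constructed data. It reads a hosts-format file through File.open, so a '|'-prefixed name fails as a missing file.

```ruby
require "tmpdir"

# Hypothetical helper (not the code in lib/resolv.rb): parse a hosts-format
# file into a name => [addresses] map. File.open is used on purpose: it
# never interprets a leading "|" as a command, unlike Kernel#open.
def load_hosts(filename)
  name2addr = Hash.new { |h, k| h[k] = [] }
  File.open(filename, "r") do |f|
    f.each_line do |line|
      line = line.sub(/#.*/, "")            # drop trailing comments
      addr, *names = line.split(/\s+/)
      next if addr.nil? || addr.empty?      # blank or indented-only line
      names.each { |n| name2addr[n.downcase] << addr }
    end
  end
  name2addr
end

# Runs the loader on a constructed hosts file, then on a constructed
# "|"-prefixed argument, and reports what happened to each.
def demo
  Dir.mktmpdir do |dir|
    path = File.join(dir, "hosts")
    File.write(path, "127.0.0.1 localhost  # constructed sample\n")
    parsed = load_hosts(path)

    rejected = begin
      # With File.open this is only an odd filename that does not exist.
      Dir.chdir(dir) { load_hosts("|echo constructed") }
      false
    rescue Errno::ENOENT
      true
    end

    [parsed["localhost"], rejected]
  end
end

p demo if $PROGRAM_NAME == __FILE__
```
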

Classification

CWE-74 - Injection

Risk level (CVSS AV:N/AC:L/Au:N/C:P/I:P/A:P)

High

7.5

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confidentiality Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

Vendor: Ruby Lang
Product: Ruby
Versions: 2.2.3, 2.2.4, 2.2.7, 2.2.1, 2.2.8, 2.3.0, 2.3.4, 2.2.0, 2.3.2, 2.4.0, 2.3.1, 2.2.2, 2.3.3, 2.4.1, 2.3.5, 2.2.5, 2.2.6, 2.5.0, 2.4.2