Vulnerability Note VU#404515

Ruby WEBrick vulnerable to directory traversal

Original Release date: 14 Apr 2008 | Last revised: 14 Apr 2008

Overview

Ruby WEBrick is vulnerable to a directory traversal on systems that support backslash (\) path separators. This vulnerability may allow an attacker to access arbitrary files outside of the web server root directory.

Description

WEBrick is a Ruby library for building HTTP servers. WEBrick contains a directory traversal vulnerability on systems that accept backslash (\) as a path separator: its path normalization only recognizes the forward slash, so a ".." segment terminated by a backslash is not removed. A remote attacker may be able to exploit this vulnerability by using encoded backslash sequences (..%5c). For more information please see "File access vulnerability of WEBrick."
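The following Ruby code is an added illustration of the flaw class described above, not WEBrick's own code or the vendor patch: a naive resolver that percent-decodes a request path and then strips ".." segments only at forward slashes, beside a hardened resolver that treats both separators as delimiters and refuses any path that would climb above the document root. The document root and request paths are constructed for the example.

```ruby
# Constructed document root for the example (assumption, not from the note).
DOC_ROOT = "/srv/www/htdocs"

# Decode %XX sequences the way a server does before mapping a URL to a file.
def percent_decode(str)
  str.gsub(/%([0-9A-Fa-f]{2})/) { $1.hex.chr }
end

# Naive resolver: splits only on "/", so after decoding "..%5c" the segment
# "..\\..\\boot.ini" is never seen as "..", and on a platform that accepts
# backslash as a separator the resulting path climbs out of DOC_ROOT.
def naive_resolve(doc_root, request_path)
  parts = percent_decode(request_path).split("/").reject(&:empty?)
  return nil if parts.include?("..")
  File.join(doc_root, *parts)
end

# Hardened resolver: decodes first, treats every accepted separator as a
# delimiter, and resolves "." / ".." against a segment stack so a traversal
# above the root is rejected outright instead of being handed to the filesystem.
def hardened_resolve(doc_root, request_path, separators: ["/", "\\"])
  decoded = percent_decode(request_path)
  segments = decoded.split(Regexp.union(separators))
                    .reject { |s| s.empty? || s == "." }
  stack = []
  segments.each do |seg|
    if seg == ".."
      return nil if stack.empty?   # would escape the document root
      stack.pop
    else
      stack << seg
    end
  end
  File.join(doc_root, *stack)
end

if __FILE__ == $0
  probe = "/..%5c..%5cboot.ini"   # constructed request, encoded backslashes
  puts "naive:    #{naive_resolve(DOC_ROOT, probe).inspect}"
  puts "hardened: #{hardened_resolve(DOC_ROOT, probe).inspect}"
end
```

The naive resolver only catches the forward-slash form (`/../etc/passwd`), which is exactly the gap the note describes; the hardened one rejects the encoded backslash form as well.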

Impact

A remote attacker could gain access to arbitrary files outside of the web server root directory.

Solution

Apply an Update

Ruby has released versions 1.8.5-p115 and 1.8.6-p114 for the 1.8 series. For the 1.9 series, apply the patch referenced in "File access vulnerability of WEBrick."

Systems Affected

Vendor   Status     Date Notified   Date Updated
Ruby     Affected   -               04 Apr 2008

CVSS Metrics

Group           Score   Vector
Base            N/A     N/A
Temporal        N/A     N/A
Environmental   N/A     N/A

References

Credit

Thanks to Alexandr Polyakov for reporting this vulnerability.

This document was written by John Hollenberger.

Other Information

  • CVE IDs: CVE-2008-1145
  • Date Public: 06 Mar 2008
  • Date First Published: 14 Apr 2008
  • Date Last Updated: 14 Apr 2008
  • Severity Metric: 12.83
  • Document Revision: 9

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.