Vulnerability Name:

CVE-2008-1891 (CCN-41824)

Assigned:2008-04-15
Published:2008-04-15
Updated:2017-08-08
Summary:Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded plus), (3) . (dot), (4) %2e (encoded dot), or (5) %20 (encoded space) character in the URI, possibly related to the WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new functionality and the :DocumentRoot option.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-22
Vulnerability Consequences:Obtain Information
References:Source: CCN
Type: Luigi Auriemma Advisories, 15 Apr 2008
CGI source disclosure in WEBrick

Source: MISC
Type: UNKNOWN
http://aluigi.altervista.org/adv/webrickcgi-adv.txt

Source: MITRE
Type: CNA
CVE-2008-1891

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:017

Source: CCN
Type: SA29794
Ruby WEBrick Information Disclosure

Source: SECUNIA
Type: Vendor Advisory
29794

Source: SECUNIA
Type: UNKNOWN
30831

Source: SECUNIA
Type: UNKNOWN
31687

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:140

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:141

Source: CCN
Type: OSVDB ID: 44682
WEBrick in Ruby URI Multiple Encoded Traversal Arbitrary File Access

Source: CCN
Type: Ruby Programming Language Web site
Ruby Programming Language

Source: CONFIRM
Type: UNKNOWN
http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/

Source: VUPEN
Type: UNKNOWN
ADV-2008-1245

Source: XF
Type: UNKNOWN
ruby-webrick-cgi-info-disclosure(41824)

Source: XF
Type: UNKNOWN
ruby-webrick-cgi-info-disclosure(41824)

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-5649

Source: SUSE
Type: SUSE-SR:2008:017
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:ruby-lang:ruby:1.8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:*:*:*:*:*:*:*:* (Version <= 1.9.0)

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20081891
    V
    CVE-2008-1891
    2017-09-27
    BACK
    ruby-lang ruby 1.8.5
    ruby-lang ruby 1.8.6
    ruby-lang ruby *