Vulnerability Name:

CVE-2012-2139 (CCN-75165)

Assigned: 2012-03-14
Published: 2012-03-14
Updated: 2013-10-07
Summary: Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the to parameter.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): Low
Availability (A): None
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Vulnerability Type: CWE-22
Vulnerability Consequences: Gain Access
References:
Source: MITRE
Type: CNA
CVE-2012-2139

Source: FEDORA
Type: UNKNOWN
FEDORA-2012-7692

Source: FEDORA
Type: UNKNOWN
FEDORA-2012-7535

Source: FEDORA
Type: UNKNOWN
FEDORA-2012-7619

Source: CCN
Type: RHSA-2012-1542
Moderate: CloudForms Commons 1.1 security update

Source: CCN
Type: RubyForge Web site
RubyGems

Source: CCN
Type: SA48970
Ruby Mail Gem Directory Traversal and Shell Command Injection Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
48970

Source: MLIST
Type: UNKNOWN
[oss-security] 20120425 CVE request: two flaws fixed in rubygem-mail 2.4.4

Source: MLIST
Type: UNKNOWN
[oss-security] 20120425 Re: CVE request: two flaws fixed in rubygem-mail 2.4.4

Source: CCN
Type: OSVDB ID: 81631
Mail Gem for Ruby File Delivery Method to Parameter Traversal Arbitrary File Manipulation

Source: CCN
Type: BID-53257
RubyGems mail Directory Traversal and Command Injection Vulnerabilities

Source: MISC
Type: UNKNOWN
https://bugzilla.novell.com/show_bug.cgi?id=759092

Source: MISC
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=816352

Source: XF
Type: UNKNOWN
rubygems-to-dir-traversal(75165)

Source: CCN
Type: github: mail
mail / CHANGELOG.rdoc

Source: CONFIRM
Type: Exploit, Patch
https://github.com/mikel/mail/commit/29aca25218e4c82991400eb9b0c933626aefc98f

Vulnerable Configuration: Configuration 1:
  • cpe:/a:rubygems:mail_gem:2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:rubygems:mail_gem:2.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:rubygems:mail_gem:2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubygems:mail_gem:*:*:*:*:*:*:*:* (Version <= 2.4.3)

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:26221 | P | Security update for python-numpy (Moderate) (in QA) | 2022-01-17
    oval:org.opensuse.security:def:26220 | P | Security update for MozillaFirefox (Important) (in QA) | 2022-01-14
    oval:org.opensuse.security:def:20122139 | V | CVE-2012-2139 | 2021-08-15
    oval:org.opensuse.security:def:26996 | P | nfs-client on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26562 | P | gtk2 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26899 | P | fuse on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26296 | P | Security update for ImageMagick (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:27634 | P | Security update for libgcrypt | 2020-12-01
    oval:org.opensuse.security:def:26646 | P | unzip on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26938 | P | libQtWebKit4-32bit on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26424 | P | Security update for enigmail (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:27669 | P | Security update for rubygem-mail-2_3 | 2020-12-01
    oval:org.opensuse.security:def:26797 | P | pam_krb5 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26952 | P | libgtop on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26505 | P | Security update for phpMyAdmin (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26850 | P | LibVNCServer on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26232 | P | Security update for openconnect (Moderate) | 2020-12-01
    rubygems mail gem 2.3.2
    rubygems mail gem 2.3.3
    rubygems mail gem 2.4.1
    rubygems mail gem *