Vulnerability Name:

CVE-2014-2734

Assigned: 2014-04-24
Published: 2014-04-24
Updated: 2014-11-19
Summary: ** DISPUTED ** The openssl extension in Ruby 2.x does not properly maintain the state of process memory after a file is reopened, which allows remote attackers to spoof signatures within the context of a Ruby script that attempts signature verification after performing a certain sequence of filesystem operations.
Note: this issue has been disputed by the Ruby OpenSSL team and third parties, who state that the original demonstration PoC contains errors and redundant or unnecessarily-complex code that does not appear to be related to a demonstration of the issue. As of 20140502, CVE is not aware of any public comment by the original researcher.
CVSS v3 Severity: 4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): None
CVSS v2 Severity: 5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): None
5.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): None
Vulnerability Type: CWE-399
References:
Source: MITRE
Type: CNA
CVE-2014-2734

Source: MISC
Type: Exploit
http://packetstormsecurity.com/files/126218/Ruby-OpenSSL-Private-Key-Spoofing.html

Source: FULLDISC
Type: Exploit
20140416 Ruby OpenSSL private key spoofing ~ CVE-2014-2734 with PoC

Source: FULLDISC
Type: UNKNOWN
20140502 Re: Ruby OpenSSL private key spoofing ~ CVE-2014-2734 with PoC

Source: OSVDB
Type: UNKNOWN
106006

Source: BID
Type: UNKNOWN
66956

Source: MISC
Type: UNKNOWN
https://gist.github.com/10446549

Source: MISC
Type: UNKNOWN
https://gist.github.com/emboss/91696b56cd227c8a0c13

Source: MISC
Type: UNKNOWN
https://github.com/adrienthebo/cve-2014-2734/

Source: MISC
Type: UNKNOWN
https://news.ycombinator.com/item?id=7601973

Source: MISC
Type: UNKNOWN
https://www.ruby-lang.org/en/news/2014/05/09/dispute-of-vulnerability-cve-2014-2734/

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:2.1:-:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:2.1:preview1:*:*:*:*:*:*
  • OR cpe:/a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable

Oval Definitions:
Definition ID | Class | Title | Last Modified
oval:com.ubuntu.precise:def:20142734000 | V | CVE-2014-2734 on Ubuntu 12.04 LTS (precise) - low. | 2014-04-24
oval:com.ubuntu.trusty:def:20142734000 | V | CVE-2014-2734 on Ubuntu 14.04 LTS (trusty) - low. | 2014-04-24
    ruby-lang ruby 2.0
    ruby-lang ruby 2.0.0
    ruby-lang ruby 2.0.0 p0
    ruby-lang ruby 2.0.0 p195
    ruby-lang ruby 2.0.0 p247
    ruby-lang ruby 2.0.0 preview1
    ruby-lang ruby 2.0.0 preview2
    ruby-lang ruby 2.0.0 rc1
    ruby-lang ruby 2.0.0 rc2
    ruby-lang ruby 2.1 -
    ruby-lang ruby 2.1 preview1
    ruby-lang ruby 2.1.1