FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ruby -- Object taint bypassing in DL and Fiddle in Ruby

Affected packages
ruby19 < 1.9.3.429,1

Details

VuXML ID 79789daa-8af8-4e21-a47f-e8a645752bdb
Discovery 2013-05-14
Entry 2013-05-26

Ruby Developers report:

There is a vulnerability in DL and Fiddle in Ruby where tainted strings can be used by system calls regardless of the $SAFE level set in Ruby.

Native functions exposed to Ruby with DL or Fiddle do not check the taint values set on the objects passed in. This can result in tainted objects being accepted as input when a SecurityError exception should be raised.

[source]

References

CVE Name CVE-2013-2065
URL http://www.ruby-lang.org/en/news/2013/05/14/taint-bypass-dl-fiddle-cve-2013-2065/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.