oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Vulnerability Report for Ruby Gem lynx-0.2.0

From: larry0 () me com (Larry W. Cashdollar)
Date: Mon, 7 Jul 2014 14:14:54 -0400 (EDT)
Title: Vulnerability Report for Ruby Gem lynx-0.2.0

Author: Larry W. Cashdollar, @_larry0

Date: 06/01/2014

OSVDB: 108579

CVE:Please Assign

Download: http://rubygems.org/gems/lynx

Gem Author:  pan.thomakos () gmail com

From: ./lynx-0.2.0/lib/lynx/pipe/get.rb

Doesn't properly sanitize user input before sending to command line: 

From: lynx/blob/master/lib/lynx/pipe/run.rb
module Lynx
  module Pipe
    class Run < Basic
      def perform(command)
        system(command.to_s)
      end
    end
  end
end

Exposes password to the process table
From:lynx/blob/master/lib/lynx/command/basic.rb

@command << "--password=#{config.password}" if config.password

04-  module Pipe
6-      def perform(command)
7:        `#{command}`.strip
8-      end
9-    end
10-  end


Advisory: http://www.vapid.dhs.org/advisories/lynx-0.2.0.html
Previous By Date Next
Previous By Thread Next

Current thread: