Ubuntu update for Ruby
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 |
| CWE-ID | CWE-20 CWE-284 CWE-502 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software |
Ubuntu Operating systems & Components / Operating system |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Improper input validation
EUVDB-ID: #VU8057
Risk: Medium
CVSSv4.0: 7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2017-0901
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to overwrite arbitrary files on the target system.
The weakness exists due to insufficient validation of user-supplied input. A remote attacker can trick the victim into installing a specially crafted RubyGem and overwrite arbitrary files.
Update the affected packages
Ubuntu: 16.04 - 17.10
CPE2.3 External linkshttps://www.ubuntu.com/usn/usn-3553-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Session hijacking
EUVDB-ID: #VU8058
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-0902
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to hijack the target user's session.
The weakness exists due to improper access control. A remote attacker can hijack DNS sessions.
Update the affected packages
Ubuntu: 16.04 - 17.10
CPE2.3 External linkshttps://www.ubuntu.com/usn/usn-3553-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Deserialization of untrusted data
EUVDB-ID: #VU8815
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-0903
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to YAML deserialization of gem specifications. A remote attacker can inject an instance of specially crafted serialized objects, gain elevated privileges and execute arbitrary Ruby code on RubyGems.org.
Successful exploitation of the vulnerability may result in system compromise.
Update the affected packages
Ubuntu: 16.04 - 17.10
CPE2.3 External linkshttps://www.ubuntu.com/usn/usn-3553-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
