CyberSec.Space Logo
Back to CVE Browser

CVE-2018-12027

HIGH
8.8
CVSS Severity Score
EPSS Score0.0370%
EPSS Percentile43.52th
PublishedJun 17, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of said socket are writable by a normal user that is not the application's user, then that non-application user can swap that directory with something else, resulting in traffic being redirected to a non-application user's process through an alternative Unix domain socket.

Affected Platforms (CPE)

πŸ“¦
Phusion

Passenger

>= 5.3.0 and < 5.3.2

References & Advisories

πŸ”— https://blog.phusion.nl/passenger-5-3-2
πŸ”— https://security.gentoo.org/glsa/201807-02
πŸ”— https://blog.phusion.nl/passenger-5-3-2
πŸ”— https://security.gentoo.org/glsa/201807-02

Related Vulnerabilities

CVE-2018-120269.8

During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such ...

CVE-2016-103457.8

In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could all...

CVE-2018-120287.8

An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malici...

CVE-2012-61357.5

RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process.