CVE-2011-0449

actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of available templates, which allows remote attackers to bypass intended access restrictions via an action name that uses an unintended case for alphabetic characters.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://groups.google.com/group/rubyonrails-security/msg/04345b2e84df5b4f?dmode=source&output=gplain
http://securitytracker.com/id?1025061
http://secunia.com/advisories/43278	Vendor Advisory
http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4	Patch
http://www.vupen.com/english/advisories/2011/0877
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:rubyonrails:rails:3.0.0:beta::::::
	cpe:2.3:a:rubyonrails:rails:3.0.1:pre::::::
	cpe:2.3:a:rubyonrails:rails:3.0.2:pre::::::
	cpe:2.3:a:rubyonrails:rails:3.0.3:::::::*
	cpe:2.3:a:rubyonrails:rails:3.0.4:rc1::::::
	cpe:2.3:a:rubyonrails:rails:3.0.0:beta3::::::
	cpe:2.3:a:rubyonrails:rails:3.0.0:beta4::::::
	cpe:2.3:a:rubyonrails:rails:3.0.0:rc::::::
	cpe:2.3:a:rubyonrails:rails:3.0.0:rc2::::::
	cpe:2.3:a:rubyonrails:rails:3.0.0:::::::*
	cpe:2.3:a:rubyonrails:rails:3.0.0:beta2::::::
	cpe:2.3:a:rubyonrails:rails:3.0.1:::::::*
	cpe:2.3:a:rubyonrails:rails:3.0.2:::::::*

Information

Published : 2011-02-21 10:00

Updated : 2019-08-08 08:41

NVD link : CVE-2011-0449

Mitre link : CVE-2011-0449

JSON object : View

CWE

CWE-264

Permissions, Privileges, and Access Controls

Advertisement

Products Affected

rubyonrails

rails

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://groups.google.com/group/rubyonrails-security/msg/04345b2e84df5b4f?dmode=source&output=gplain", "name": "[rubyonrails-security] 20110209 Filter Problems on Case-Insensitive Filesystems", "tags": [], "refsource": "MLIST"}, {"url": "http://securitytracker.com/id?1025061", "name": "1025061", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/43278", "name": "43278", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4", "name": "http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.vupen.com/english/advisories/2011/0877", "name": "ADV-2011-0877", "tags": [], "refsource": "VUPEN"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html", "name": "FEDORA-2011-4358", "tags": [], "refsource": "FEDORA"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of available templates, which allows remote attackers to bypass intended access restrictions via an action name that uses an unintended case for alphabetic characters."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2011-0449", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2011-02-21T18:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2019-08-08T15:41Z"}