Bugtraq mailing list archives
Re: [DSECRG-08-018] Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory traversal file Download Vulnerability
From: H D Moore <sflist () digitaloffense net>
Date: Thu, 6 Mar 2008 11:28:00 -0600
Hi Alexandr! I added a "monkey-patch" for this in the Metasploit source tree -- even if you use Metasploit 3.1 with an unpatched version of Ruby, the patched handler code is loaded into memory on top of the existing module. Since the msfweb service will bind to 127.0.0.1 by default, this is not a major risk, but it seemed prudent to patch it anyways. The patch was pushed to the Metasploit SVN trees, which are used by the Online Update functionality in the Windows version. Mac OS X users will need to change into the Metasploit directory and 'svn update'. Thanks! -HD On Thursday 06 March 2008, Alexandr Polyakov wrote:
Digital Security Research Group [DSecRG] Advisory #DSECRG-08-018 Application: Ruby 1.8.6 (WEBrick Web server Toolkit and applications that used WEBrick, like Metasploit 3.1) Versions
Current thread:
- [DSECRG-08-018] Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory traversal file Download Vulnerability Alexandr Polyakov (Mar 06)
- Re: [DSECRG-08-018] Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory traversal file Download Vulnerability H D Moore (Mar 06)