BugTraq
[DSECRG-08-018] Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory traversal file Download Vulnerability Mar 06 2008 08:34AM
Alexandr Polyakov (alexandr polyakov dsec ru) (1 replies)
Re: [DSECRG-08-018] Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory traversal file Download Vulnerability Mar 06 2008 05:28PM
H D Moore (sflist digitaloffense net)
Hi Alexandr!

I added a "monkey-patch" for this in the Metasploit source tree -- even if
you use Metasploit 3.1 with an unpatched version of Ruby, the patched
handler code is loaded into memory on top of the existing module. Since
the msfweb service will bind to 127.0.0.1 by default, this is not a major
risk, but it seemed prudent to patch it anyways.

The patch was pushed to the Metasploit SVN trees, which are used by the
Online Update functionality in the Windows version. Mac OS X users will
need to change into the Metasploit directory and 'svn update'.

Thanks!

-HD

On Thursday 06 March 2008, Alexandr Polyakov wrote:
> Digital Security Research Group [DSecRG] Advisory #DSECRG-08-018
>
> Application: Ruby 1.8.6 (WEBrick Web server Toolkit
> and applications that used WEBrick, like Metasploit 3.1) Versions

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus