CVE-2017-17790

Public Exploit

Description

The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely.

References

Link	Tags
https://access.redhat.com/errata/RHSA-2018:0585	vendor advisory
https://lists.debian.org/debian-lts-announce/2017/12/msg00024.html	mailing list
https://access.redhat.com/errata/RHSA-2018:0378	vendor advisory
https://github.com/ruby/ruby/pull/1777	third party advisory issue tracking exploit
https://access.redhat.com/errata/RHSA-2018:0584	vendor advisory
https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html	mailing list
https://access.redhat.com/errata/RHSA-2018:0583	vendor advisory
https://lists.debian.org/debian-lts-announce/2017/12/msg00025.html	mailing list
https://www.debian.org/security/2018/dsa-4259	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2017-17790?: CVE-2017-17790 has been scored as a critical severity vulnerability.
How to fix CVE-2017-17790?: To fix CVE-2017-17790, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2017-17790 being actively exploited in the wild?: It is possible that CVE-2017-17790 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-74 – Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

References

Frequently Asked Questions