Vulnerability Description
In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.
CVSS Score
4.7 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phusion | Passenger | >= 5.0.10, < 5.1.10 |
| Debian | Debian Linux | 9.0 |
Related Weaknesses (CWE)
References
- https://blog.phusion.nl/2017/10/13/passenger-security-advisory-5-1-11/ (Third Party Advisory)
- https://github.com/phusion/passenger/commit/4043718264095cde6623c2cbe8c644541036 (Patch, Third Party Advisory)
- https://seclists.org/bugtraq/2019/Mar/34 (Issue Tracking, Mailing List, Third Party Advisory)
- https://www.debian.org/security/2019/dsa-4415 (Third Party Advisory)
FAQ
What is CVE-2017-16355?
CVE-2017-16355 is a vulnerability with a CVSS score of 4.7 (MEDIUM). In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.
How severe is CVE-2017-16355?
CVE-2017-16355 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS score section above for the severity rating.
Is there a patch for CVE-2017-16355?
Check the references section above for vendor advisories and patch information. Affected products include: Phusion Passenger, Debian Debian Linux.