Ruby TclTkIp 'ip_cancel_eval()' Function Type Confusion Remote Code Execution Vulnerability

Ruby is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause a denial-of-service condition.

Ruby versions 2.2.2, and 2.3.0 are vulnerable.

Information

Bugtraq ID: 91233
Class: Unknown
CVE: CVE-2016-2337

Remote: Yes
Local: No
Published: Jun 14 2016 12:00AM
Updated: Jul 26 2017 10:08AM
Credit: Marcin ‘Icewall’ Noga of Cisco Talos.
Vulnerable: Yukihiro Matsumoto Ruby 2.3.0
Yukihiro Matsumoto Ruby 2.2.2
Ubuntu Ubuntu Linux 17.04
Ubuntu Ubuntu Linux 16.04 LTS
Ubuntu Ubuntu Linux 14.04 LTS

Not Vulnerable:

Exploit

The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

References:

Ruby Home Page (Yukihiro Matsumoto)
TALOS-2016-0031: Ruby TclTkIp ip_cancel_eval Type Confusion Vulnerabilities (Cisco)

Source: www.securityfocus.com

Exploit Collector

Search Exploit