PT-2011-2808 · Ruby+1

Jan Lieskovsky · Published 2011-03-02 · Updated 2012-05-12 · CVE-2011-1004

CVSS v2.0: 6.3 (Medium)

Vector: AV:L/AC:M/Au:N/C:N/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Ruby versions 1.8.6 through 1.8.6-420
Ruby versions 1.8.7 through 1.8.7-330
Ruby version 1.8.8dev
Ruby versions 1.9.1 through 1.9.1-430
Ruby versions 1.9.2 through 1.9.2-136
Ruby version 1.9.3dev
Description

The issue allows local users to delete arbitrary files via a symlink attack against the FileUtils.remove_entry_secure method. Because the method can be tricked into following a symbolic link while removing a directory tree, a local attacker can cause it to delete files the attacker should not have access to.
Recommendations

For all affected releases (Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev), consider disabling use of the FileUtils.remove_entry_secure method until a patch is available.

Fix

Weakness Enumeration

Link Following

Related identifiers

CVE-2011-1004
RHSA-2011:0909
RHSA-2011:0910

Affected products

Red Hat
Ruby