#VU15724 Security restrictions bypass


Published: 2018-11-06

Vulnerability identifier: #VU15724

Vulnerability risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-16395

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Ruby
Universal components / Libraries / Scripting languages

Vendor: Ruby

Description
The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists in OpenSSL::X509::Name due to the equality check is not correct if the value of an entity of the argument (right-hand side) starts with the value of the receiver (left-hand side). A remote attacker can supply malicious X.509 certificate to be passed and bypass security restrictions to conduct further attacks.

Mitigation
The vulnerability has been fixed in the versions 2.3.8, 2.4.5, 2.5.2.

Vulnerable software versions

Ruby: 2.2.3 - 2.6.0-preview2


CPE

External links
http://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctl...


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?


Latest bulletins with this vulnerability