CVE-2017-16355

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-16355
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-16355.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-16355
Aliases
Downstream
Related
Published
2017-12-14T22:29:00Z
Modified
2025-09-19T08:56:15.635350Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.

References

Affected packages

Git / github.com/phusion/passenger

Affected ranges

Type
GIT
Repo
https://github.com/phusion/passenger
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
4043718264095cde6623c2cbe8c644541036d7bf

Affected versions

release-1.*

release-1.0.0
release-1.0.1
release-1.0.2
release-1.0.3
release-1.0.4
release-1.0.5
release-1.9.0
release-1.9.1

release-2.*

release-2.0.1
release-2.0.2
release-2.1.1
release-2.1.2
release-2.1.3
release-2.2.0
release-2.2.1
release-2.2.10
release-2.2.11
release-2.2.12
release-2.2.13
release-2.2.14
release-2.2.15
release-2.2.2
release-2.2.3
release-2.2.4
release-2.2.5
release-2.2.6
release-2.2.7
release-2.2.8
release-2.2.9

release-3.*

release-3.0.0
release-3.0.0.pre1
release-3.0.0.pre2
release-3.0.0.pre3
release-3.0.0.rc1
release-3.0.1
release-3.0.10
release-3.0.11
release-3.0.12
release-3.0.13
release-3.0.14
release-3.0.15
release-3.0.17
release-3.0.18
release-3.0.2
release-3.0.3
release-3.0.4
release-3.0.5
release-3.0.6
release-3.0.7
release-3.0.8
release-3.0.9
release-3.9.0.beta
release-3.9.1.beta
release-3.9.2.beta
release-3.9.3.rc1
release-3.9.4.rc2
release-3.9.5.rc3

release-4.*

release-4.0.0.rc4
release-4.0.0.rc6
release-4.0.1
release-4.0.10
release-4.0.13
release-4.0.14
release-4.0.16
release-4.0.17
release-4.0.18
release-4.0.19
release-4.0.2
release-4.0.20
release-4.0.21
release-4.0.23
release-4.0.24
release-4.0.25
release-4.0.26
release-4.0.27
release-4.0.28
release-4.0.29
release-4.0.3
release-4.0.30
release-4.0.31
release-4.0.32
release-4.0.33
release-4.0.34
release-4.0.35
release-4.0.36
release-4.0.37
release-4.0.38
release-4.0.39
release-4.0.4
release-4.0.40
release-4.0.41
release-4.0.42
release-4.0.43
release-4.0.44
release-4.0.45
release-4.0.46
release-4.0.48
release-4.0.49
release-4.0.5
release-4.0.50
release-4.0.51
release-4.0.52
release-4.0.53
release-4.0.55
release-4.0.56
release-4.0.57
release-4.0.58
release-4.0.59
release-4.0.6
release-4.0.7
release-4.0.8

release-5.*

release-5.0.0.beta1
release-5.0.0.beta2
release-5.0.0.beta3
release-5.0.0.rc1
release-5.0.0.rc2
release-5.0.1
release-5.0.10
release-5.0.11
release-5.0.13
release-5.0.14
release-5.0.15
release-5.0.16
release-5.0.17
release-5.0.18
release-5.0.19
release-5.0.2
release-5.0.20
release-5.0.21
release-5.0.22
release-5.0.23
release-5.0.24
release-5.0.25
release-5.0.26
release-5.0.27
release-5.0.28
release-5.0.29
release-5.0.3
release-5.0.30
release-5.0.4
release-5.0.5
release-5.0.6
release-5.0.7
release-5.0.8
release-5.0.9
release-5.1.0
release-5.1.1
release-5.1.2
release-5.1.3
release-5.1.4
release-5.1.5
release-5.1.6
release-5.1.7
release-5.1.8

Database specific 

{
    "vanir_signatures": [
        {
            "target": {
                "file": "src/agent/Core/SpawningKit/Spawner.h"
            },
            "id": "CVE-2017-16355-bb6469dd",
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "268799682548938772947881921096668350310",
                    "117681501307321166777979843663423129027",
                    "280083727406545110470011300718420250903",
                    "222560687676110990119119317121042802472",
                    "235854114548696804817144001729705555967",
                    "83449442481079981626893397623410921398",
                    "320115127452501949654491876132754416636",
                    "207948168575058203827937063282176268874",
                    "327753644294967020574950308097127961444",
                    "130370208306564958597886905471594157991",
                    "55551024395305749768445773965125912360"
                ],
                "threshold": 0.9
            },
            "source": "https://github.com/phusion/passenger/commit/4043718264095cde6623c2cbe8c644541036d7bf",
            "deprecated": false,
            "signature_type": "Line"
        }
    ]
}