CVE-2018-12029
See a problem?- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-12029
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-12029.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-12029
- Aliases
- Related
- Published
- 2018-06-17T20:29:00Z
- Modified
- 2024-09-03T02:21:55.124222Z
- Severity
-
- 7.0 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passengerinstanceregistry_dir with insufficiently strict permissions is configured. Replacing a file with a symlink after the file was created, but before it was chowned, leads to the target of the link being chowned via the path. Targeting sensitive files such as root's crontab file allows privilege escalation.
- References
Affected packages
Debian:11 / passenger
Package
- Name
- passenger
- Purl
- pkg:deb/debian/passenger?arch=source
Debian:12 / passenger
Package
- Name
- passenger
- Purl
- pkg:deb/debian/passenger?arch=source
Debian:13 / passenger
Package
- Name
- passenger
- Purl
- pkg:deb/debian/passenger?arch=source
Git / github.com/phusion/passenger
Affected versions
release-3.*
release-3.0.0
release-3.0.1
release-3.0.10
release-3.0.11
release-3.0.12
release-3.0.13
release-3.0.14
release-3.0.15
release-3.0.17
release-3.0.18
release-3.0.2
release-3.0.3
release-3.0.4
release-3.0.5
release-3.0.6
release-3.0.7
release-3.0.8
release-3.0.9
release-3.9.0.beta
release-3.9.1.beta
release-3.9.2.beta
release-3.9.3.rc1
release-3.9.4.rc2
release-3.9.5.rc3
release-4.*
release-4.0.0.rc4
release-4.0.0.rc6
release-4.0.1
release-4.0.10
release-4.0.13
release-4.0.14
release-4.0.16
release-4.0.17
release-4.0.18
release-4.0.19
release-4.0.2
release-4.0.20
release-4.0.21
release-4.0.23
release-4.0.24
release-4.0.25
release-4.0.26
release-4.0.27
release-4.0.28
release-4.0.29
release-4.0.3
release-4.0.30
release-4.0.31
release-4.0.32
release-4.0.33
release-4.0.34
release-4.0.35
release-4.0.36
release-4.0.37
release-4.0.38
release-4.0.39
release-4.0.4
release-4.0.40
release-4.0.41
release-4.0.42
release-4.0.43
release-4.0.44
release-4.0.45
release-4.0.46
release-4.0.48
release-4.0.49
release-4.0.5
release-4.0.50
release-4.0.51
release-4.0.52
release-4.0.53
release-4.0.55
release-4.0.56
release-4.0.57
release-4.0.58
release-4.0.59
release-4.0.6
release-4.0.7
release-4.0.8
release-5.*
release-5.0.0.beta1
release-5.0.0.beta2
release-5.0.0.beta3
release-5.0.0.rc1
release-5.0.0.rc2
release-5.0.1
release-5.0.10
release-5.0.11
release-5.0.13
release-5.0.14
release-5.0.15
release-5.0.16
release-5.0.17
release-5.0.18
release-5.0.19
release-5.0.2
release-5.0.20
release-5.0.21
release-5.0.22
release-5.0.23
release-5.0.24
release-5.0.25
release-5.0.26
release-5.0.27
release-5.0.28
release-5.0.29
release-5.0.3
release-5.0.30
release-5.0.4
release-5.0.5
release-5.0.6
release-5.0.7
release-5.0.8
release-5.0.9
release-5.1.0
release-5.1.1
release-5.1.11
release-5.1.12
release-5.1.2
release-5.1.3
release-5.1.4
release-5.1.5
release-5.1.6
release-5.1.7
release-5.1.8
release-5.2.0
release-5.2.1
release-5.2.2
release-5.2.3
release-5.3.0
release-5.3.1