Bug 734310 (CVE-2011-3187)
Summary: | CVE-2011-3187 rubygem-actionpack: does not validate X-Forwarded-For header in requests from class C networks | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | mastahnke, mmorsi, sseago, vanmeeuwen+fedora, vondruch |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-08-30 23:59:05 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 745570 | ||
Bug Blocks: | 732542 |
Description
Vincent Danen
2011-08-30 04:34:01 UTC
I've asked upstream whether or not they are aware of this flaw, and whether or not it has been fixed and/or if they have further details. Upstream replied as follows: We've seen this one reported a few times, it's just not a security issue from our perspective. The value in question is user-provided, just like request.content_type or request.user_agent, and isn't documented as being safe to use unescaped in shell scripts. All of the query generation and javascript generating stuff will escape that value (just like any other one that's user provided). We've heard of no apps being compromised, seen no attack vectors that exploit this in a way we hadn't considered. We're just tracking it as a bug rather than a security bug. In light of the above, I am going to close this as NOTABUG; future Fedora releases will obtain the fix when upstream fixes this as a bug. |