Title: Vulnerability Report for Ruby Gem ciborg-3.0.0

Author: Larry W. Cashdollar, @_larry0

Date: 06/01/2014

OSVDB: 108586

CVE: Please Assign

Download: http://rubygems.org/gems/ciborg

Gem Author: commoncode[at]pivotallabs.com

Author Contacted: 6/25/2014

From: ./ciborg-3.0.0/chef/travis-cookbooks/ci_environment/perlbrew/recipes/default.rb

There is a /tmp file race condition when creating /tmp/perlbrew-installer. If a malicious local user creates the file first, they can overwrite its contents with their own code, which is then executed as the ciborg process owner.

curl -s https://raw.github.com/gugod/App-perlbrew/master/perlbrew-install -o /tmp/perlbrew-installer
chmod +x /tmp/perlbrew-installer
/tmp/perlbrew-installer
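
A hardened form of the download-and-run step above, as an added example that is not part of the advisory or the ciborg cookbook. fetch_installer is a constructed stand-in for the curl download so the sketch runs offline, and all function names are hypothetical.

```shell
#!/bin/sh
# Added example, not code from ciborg or the advisory.

# Constructed stand-in for the download so the sketch runs offline. In the
# recipe this would be the curl command from the advisory, writing to stdout.
fetch_installer() {
    printf '#!/bin/sh\necho perlbrew-installer-stub\n'
}

# Preferred fix: stage the file inside a private directory with an
# unpredictable name. mktemp -d creates it atomically with mode 0700, so no
# other local user can pre-create or swap anything inside it.
# Prints the staged installer path; runs in a subshell so umask stays local.
stage_installer() (
    umask 077
    dir=$(mktemp -d "${TMPDIR:-/tmp}/perlbrew.XXXXXXXXXX") || exit 1
    fetch_installer > "$dir/perlbrew-installer" || { rm -rf "$dir"; exit 1; }
    chmod 700 "$dir/perlbrew-installer"
    printf '%s\n' "$dir/perlbrew-installer"
)

# Fallback when a fixed path must be kept: with noclobber (set -C) the shell
# refuses to overwrite an existing file and creates a missing one exclusively,
# so a file or dangling symlink planted beforehand makes the write fail
# instead of being reused. Returns non-zero in that case.
write_exclusive() (
    set -C
    fetch_installer > "$1"
) 2>/dev/null

# Stage, run, and remove the private directory afterwards.
install_perlbrew() {
    installer=$(stage_installer) || return 1
    sh "$installer"
    status=$?
    rm -rf "$(dirname "$installer")"
    return "$status"
}
```

A failed write_exclusive should abort the run rather than fall back to the existing file.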

Advisory: http://www.vapid.dhs.org/advisories/ciborg-3.0.0.html