Title: echor 0.1.6 Ruby Gem exposes login credentials
Date: 1/14/2014
Author: Larry W. Cashdollar, @_larry0
Download: http://rubygems.org/gems/echor
Description: Echo ruby wrapper
The function perform_request passes sensitive data (the backplane login credentials) and unsanitized user input to the shell through a backtick command. If this gem is used in a Rails application, a user could get remote command injection simply by putting a semicolon in their username or password. At a minimum, a local user can steal the login credentials just by watching the process table on the system.
    def perform_request(data)
      JSON.parse(`curl -u #{Echo.backplane_user}:#{Echo.backplane_password} --data-binary '#{data}' #{@channel}`)
    end
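The following is an added example, not code from the echor gem or from the advisory author, showing how perform_request can be rewritten so that neither the credentials nor the payload ever reach a shell or the process table. It uses Ruby's standard Net::HTTP instead of shelling out to curl; the EchoClient class, the build_request and decoded_basic_auth helpers, and the Echo.backplane_user / Echo.backplane_password accessors are assumptions made for the example (the accessor names mirror the ones in the advisory's snippet).

```ruby
# Added example (not the echor gem's code): a hardened replacement for
# perform_request that never touches a shell. Credentials are put in an
# Authorization header built in-process, and the body is sent as raw bytes,
# so nothing appears on a command line and no shell metacharacter in the
# user name, password or payload can alter what is executed.
require "json"
require "net/http"
require "uri"

module Echo
  # Assumed configuration accessors, mirroring the names used in the advisory.
  class << self
    attr_accessor :backplane_user, :backplane_password
  end
end

class EchoClient
  def initialize(channel)
    # The channel is assumed to be a full http(s) URL, as @channel is in the gem.
    @uri = URI.parse(channel)
    raise ArgumentError, "channel must be an http(s) URL" unless @uri.is_a?(URI::HTTP)
  end

  # Build the POST without sending it, so the request can be inspected
  # (and unit-tested) without network access.
  def build_request(data)
    req = Net::HTTP::Post.new(@uri.request_uri)
    # Basic auth header computed in-process: no shell, no argv, no ps(1) leak.
    req.basic_auth(Echo.backplane_user, Echo.backplane_password)
    req["Content-Type"] = "application/octet-stream"
    req.body = data.to_s # raw bytes, the equivalent of curl --data-binary
    req
  end

  # Hardened equivalent of the vulnerable perform_request.
  def perform_request(data)
    req = build_request(data)
    res = Net::HTTP.start(@uri.host, @uri.port, use_ssl: @uri.scheme == "https") do |http|
      http.request(req)
    end
    JSON.parse(res.body)
  end
end

# Decode the Authorization header back to "user:password" so a test or a
# reviewer can confirm exactly what leaves the process.
def decoded_basic_auth(req)
  scheme, encoded = req["Authorization"].to_s.split(" ", 2)
  return nil unless scheme == "Basic" && encoded
  encoded.unpack1("m0")
end
```

Because the user name, password and body are handed to Net::HTTP as plain Ruby strings, a semicolon or quote in any of them is transmitted literally rather than interpreted; the test below uses constructed credentials containing such characters to show that. If curl must be kept for some reason, the same principle applies: pass arguments as an array (Open3.capture2 with separate arguments) rather than one interpolated command string, and read the credentials from a config file or stdin rather than putting them on the command line.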
Vendor: Not notified; I don't think this gem is maintained anymore.