Title: Vulnerability Report for Ruby Gem kompanee-recipes-0.1.4
Author: Larry W. Cashdollar, @_larry0
Date: 06/01/2014
OSVDB: 108593
CVE:Please Assign
Download: http://rubygems.org/gems/kompanee-recipes
Gem Author: accounts+rubygems[at]thekompanee.com
Author Contacted:6/25/2014
From: ./kompanee-recipes-0.1.4/lib/kompanee-recipes/heroku.rb
If this Gem is used in the context of a Rails application it maybe possible for a remote user to inject commands into the shell via #{password} #{user} #{deploy_name} #{application} variables if that data is user supplied.
032- task :install do
33: `heroku domains:add #{deploy_name}`
34- end
35-
37- Removes the domain for the application from the Heroku server.
39- task :remove do
40: `heroku domains:remove #{deploy_name}`
41- end
42-
43- namespace :addon do
--
47- task :install do
48: `heroku addons:add custom_domains:basic`
49- end
50-
54- task :remove do
55: `heroku addons:remove custom_domains:basic`
56- end
57- end
58- end
--
87- [internal] Creates a Heroku credentials file.
89- task :create do
90: `if [ ! -d #{heroku_credentials_path} ]; then mkdir -p #{heroku_credentials_path}; fi`
91: `echo #{user} > #{heroku_credentials_file}`
92: `echo #{password} >> #{heroku_credentials_file}`
93- end
94-
96- [internal] Switches the credentials file to either the current use or the
99- task :switch do
--
119- restart the application.
121- task :default do
122: `git push heroku #{branch}`
123- deploy.migrate
124- deploy.restart
125- end
--
128- Restarts the application.
130- task :restart do
131: `heroku restart`
132- end
133-
135- Runs the migrate rake task.
137- task :migrate do
138: `heroku rake db:migrate`
139- end
140-
--
144- namespace :rollback do
145- task :default do 146: `heroku rollback` 147- deploy.restart 148- end
149- end
--
151- namespace :web do
152- desc "Removes the maintenance page to resume normal site operation." 153- task :enable do 154: `heroku maintenance:off` 155- end 156- 158- task :disable do 159: `heroku maintenance:on` 160- end
161- end
162-
--
169-
170- heroku.domain.install
171-
173- deploy.default
174- end
175- end
--
177- namespace :website do
179- task :install do
180: `heroku create #{application}`
181- end
182-
183- desc "Completely removes application from Heroku"
184- task :remove do
185: `heroku destroy --confirm #{application}`
186- end
187- end
188-
189- namespace :db do
191- task :drop do
192: `heroku pg:reset`
193- end
194-
195- namespace :backup do
197- task :default do 198: `heroku pgbackups:capture` 199- end 200- 201- namespace :addon do -- 205- task :install do 206: `heroku addons:add pgbackups:basic` 207- end 208- 212- task :remove do 213: `heroku addons:remove pgbackups:basic` 214- end 215- end
216- end
--
219- task :reset_and_seed do
221- db.backup 222: `heroku pg:reset` 223: `heroku rake db:seed`
224- end
225-
226- desc "Seed database"
227- task :seed do
229- db.backup 230: `heroku rake db:seed`
231- end
232- end
233-
235- task :shell do
236: `heroku shell`
237- end
238-
240- task :invoke do
242- end
243-end
Advisory: http://www.vapid.dhs.org/advisories/kompanee-recipes-0.1.4.html