Problem Description:
RubyGems does not check installation paths for gems before writing
files.
Impact:
Since RubyGems packages are typically installed using root
permissions, arbitrary files may be overwritten on-disk. This may
lead to denial of service, privilege escalation or remote compromise.
Workaround:
No known workarounds
Solution:
a) Upgrade to RubyGems 0.9.1
b) Apply one of the following patches
For RubyGems 0.9.0: