7.5 - GLSA-200912-02

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	Ruby on Rails: Multiple vulnerabilities

Informations
Name	GLSA-200912-02	First vendor Publication	2009-12-20
Vendor	Gentoo	Last vendor Modification	2009-12-20
Severity (Vendor)	Normal	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities have been discovered in Rails, the worst of which leading to the execution of arbitrary SQL statements.

Background

Ruby on Rails is a web-application and persistence framework.

Description

The following vulnerabilities were discovered:

* sameer reported that lib/action_controller/cgi_process.rb removes the :cookie_only attribute from the default session options (CVE-2007-6077), due to an incomplete fix for CVE-2007-5380 (GLSA 200711-17).

* Tobias Schlottke reported that the :limit and :offset parameters of ActiveRecord::Base.find() are not properly sanitized before being processed (CVE-2008-4094).

* Steve from Coderrr reported that the CRSF protection in protect_from_forgery() does not parse the text/plain MIME format (CVE-2008-7248).

* Nate reported a documentation error that leads to the assumption that a block returning nil passed to authenticate_or_request_with_http_digest() would deny access to the requested resource (CVE-2009-2422).

* Brian Mastenbrook reported an input sanitation flaw, related to multibyte characters (CVE-2009-3009).

* Gabe da Silveira reported an input sanitation flaw in the strip_tags() function (CVE-2009-4214).

* Coda Hale reported an information disclosure vulnerability related to HMAC digests (CVE-2009-3086).

Impact

A remote attacker could send specially crafted requests to a vulnerable application, possibly leading to the execution of arbitrary SQL statements or a circumvention of access control. A remote attacker could also conduct session fixation attacks to hijack a user's session or bypass the CSRF protection mechanism, or furthermore conduct Cross-Site Scripting attacks or forge a digest via multiple attempts.

Workaround

There is no known workaround at this time.

Resolution

All Ruby on Rails 2.3.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-ruby/rails-2.3.5"

All Ruby on Rails 2.2.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose "=dev-ruby/rails-2.2.3-r1"

NOTE: All applications using Ruby on Rails should also be configured to use the latest version available by running "rake rails:update" inside the application directory.

References

[ 1 ] CVE-2007-5380 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5380
[ 2 ] CVE-2007-6077 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6077
[ 3 ] CVE-2008-4094 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4094
[ 4 ] CVE-2008-7248 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7248
[ 5 ] CVE-2009-2422 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2422
[ 6 ] CVE-2009-3009 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3009
[ 7 ] CVE-2009-3086 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3086
[ 8 ] CVE-2009-4214 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4214
[ 9 ] GLSA 200711-17 : http://www.gentoo.org/security/en/glsa/glsa-200711-17.xml

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200912-02.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-200912-02.xml

CAPEC : Common Attack Pattern Enumeration & Classification

Id	Name
CAPEC-22	Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-57	Utilizing REST's Trust in the System Resource to Register Man in the Middle
CAPEC-94	Man in the Middle Attack
CAPEC-114	Authentication Abuse

CWE : Common Weakness Enumeration

%	Id	Name
29 %	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
14 %	CWE-362	Race Condition
14 %	CWE-287	Improper Authentication
14 %	CWE-200	Information Exposure
14 %	CWE-89	Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25)
14 %	CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12767

Oval ID:	oval:org.mitre.oval:def:12767
Title:	DSA-2260-1 rails -- several
Description:	Two vulnerabilities were discovered in Ruby on Rails, a web application framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3086 The cookie store may be vulnerability to a timing attack, potentially allowing remote attackers to forge message digests. CVE-2009-4214 A cross-site scripting vulnerability in the strip_tags function allows remote user-assisted attackers to inject arbitrary web script.
Family:	unix	Class:	patch
Reference(s):	DSA-2260-1 CVE-2009-3086 CVE-2009-4214	Version:	5
Platform(s):	Debian GNU/Linux 5.0	Product(s):	rails
Definition Synopsis:
Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND rails DPKG is earlier than 2.1.0-7+lenny0.2

Definition Id: oval:org.mitre.oval:def:13757

Oval ID:	oval:org.mitre.oval:def:13757
Title:	DSA-1887-1 rails -- missing input sanitising
Description:	Brian Mastenbrook discovered that rails, the MVC ruby based framework geared for web application development, is prone to cross-site scripting attacks via malformed strings in the form helper. For the stable distribution , this problem has been fixed in version 2.1.0-7. For the oldstable distribution security support has been discontinued. It has been reported that rails in oldstable is unusable and several features that are affected by security issues are broken due to programming issues. It is highly recommended to upgrade to the version in stable. For the testing distribution and the unstable distribution , this problem has been fixed in version 2.2.3-1. We recommend that you upgrade your rails packages.
Family:	unix	Class:	patch
Reference(s):	DSA-1887-1 CVE-2009-3009	Version:	5
Platform(s):	Debian GNU/Linux 5.0	Product(s):	rails
Definition Synopsis:
Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND rails DPKG is earlier than 2.1.0-7

Definition Id: oval:org.mitre.oval:def:14680

Oval ID:	oval:org.mitre.oval:def:14680
Title:	DSA-2301-1 rails -- several
Description:	Several vulnerabilities have been discovered in Rails, the Ruby web application framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4214 A cross-site scripting vulnerability had been found in the strip_tags function. An attacker may inject non-printable characters that certain browsers will then evaluate. This vulnerability only affects the oldstable distribution. CVE-2011-2930 A SQL injection vulnerability had been found in the quote_table_name method could allow malicious users to inject arbitrary SQL into a query. CVE-2011-2931 A cross-site scripting vulnerability had been found in the strip_tags helper. An parsing error can be exploited by an attacker, who can confuse the parser and may inject HTML tags into the output document. CVE-2011-3186 A newline injection vulnerability had been found in response.rb. This vulnerability allows an attacker to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the Content-Type header.
Family:	unix	Class:	patch
Reference(s):	DSA-2301-1 CVE-2011-2930 CVE-2011-2931 CVE-2011-3186 CVE-2009-4214	Version:	5
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	rails
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND rails DPKG is earlier than 2.1.0-7+lenny1 OR Release section Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND Installed architecture is all AND rails DPKG is earlier than 2.3.5-1.2+squeeze1

Definition Id: oval:org.mitre.oval:def:15291

Oval ID:	oval:org.mitre.oval:def:15291
Title:	DSA-2301-2 rails -- several
Description:	It was discovered that the last security update for Ruby on Rails, DSA-2301-1, introduced a regression in the libactionpack-ruby package.
Family:	unix	Class:	patch
Reference(s):	DSA-2301-2 CVE-2011-2930 CVE-2011-2931 CVE-2011-3186 CVE-2009-4214	Version:	5
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	rails
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND rails DPKG is earlier than 2.1.0-7+lenny2 OR Release section Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND Installed architecture is all AND rails DPKG is earlier than 2.3.5-1.2+squeeze2

Definition Id: oval:org.mitre.oval:def:7762

Oval ID:	oval:org.mitre.oval:def:7762
Title:	DSA-1887 rails -- missing input sanitising
Description:	Brian Mastenbrook discovered that rails, the MVC ruby based framework geared for web application development, is prone to cross-site scripting attacks via malformed strings in the form helper.
Family:	unix	Class:	patch
Reference(s):	DSA-1887 CVE-2009-3009	Version:	3
Platform(s):	Debian GNU/Linux 5.0	Product(s):	rails
Definition Synopsis:
Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND rails is earlier than 2.1.0-7

CPE : Common Platform Enumeration

Type	Description	Count
Application	Apple Mac Os X cpe:2.3:a:apple:mac_os_x:10.5.6:::::::* cpe:2.3:a:apple:mac_os_x::::::::	2
Application	Rubyonrails Rails cpe:2.3:a:rubyonrails:rails:2.3.4:::::::* cpe:2.3:a:rubyonrails:rails:2.3.3:::::::* cpe:2.3:a:rubyonrails:rails:2.3.2:::::::* cpe:2.3:a:rubyonrails:rails:2.2.2:::::::* cpe:2.3:a:rubyonrails:rails:2.2.1:::::::* cpe:2.3:a:rubyonrails:rails:2.2.0:::::::* cpe:2.3:a:rubyonrails:rails:2.1.2:::::::* cpe:2.3:a:rubyonrails:rails:2.1.1:::::::* cpe:2.3:a:rubyonrails:rails:2.1.0:-:::::: cpe:2.3:a:rubyonrails:rails:2.0.4:::::::* cpe:2.3:a:rubyonrails:rails:2.0.2:::::::* cpe:2.3:a:rubyonrails:rails:2.0.1:::::::* cpe:2.3:a:rubyonrails:rails:2.0.0:rc1:::::: cpe:2.3:a:rubyonrails:rails:2.0.0:rc2:::::: cpe:2.3:a:rubyonrails:rails:2.0.0:-:::::: cpe:2.3:a:rubyonrails:rails:1.9.5:::::::* cpe:2.3:a:rubyonrails:rails:1.9.3:::::::* cpe:2.3:a:rubyonrails:rails:1.2.6:::::::* cpe:2.3:a:rubyonrails:rails:1.2.5:::::::* cpe:2.3:a:rubyonrails:rails:1.2.4:::::::* cpe:2.3:a:rubyonrails:rails:1.2.3:::::::* cpe:2.3:a:rubyonrails:rails:1.2.2:::::::* cpe:2.3:a:rubyonrails:rails:1.2.1:::::::* cpe:2.3:a:rubyonrails:rails:1.2.0:-:::::: cpe:2.3:a:rubyonrails:rails:1.1.6:::::::* cpe:2.3:a:rubyonrails:rails:1.1.5:::::::* cpe:2.3:a:rubyonrails:rails:1.1.4:::::::* cpe:2.3:a:rubyonrails:rails:1.1.3:::::::* cpe:2.3:a:rubyonrails:rails:1.1.2:::::::* cpe:2.3:a:rubyonrails:rails:1.1.1:::::::* cpe:2.3:a:rubyonrails:rails:1.1.0:-:::::: cpe:2.3:a:rubyonrails:rails:1.0.0:::::::* cpe:2.3:a:rubyonrails:rails:0.9.4.1:::::::* cpe:2.3:a:rubyonrails:rails:0.9.4:::::::* cpe:2.3:a:rubyonrails:rails:0.9.3:::::::* cpe:2.3:a:rubyonrails:rails:0.9.2:::::::* cpe:2.3:a:rubyonrails:rails:0.9.1:::::::* cpe:2.3:a:rubyonrails:rails:0.14.4:::::::* cpe:2.3:a:rubyonrails:rails:0.14.3:::::::* cpe:2.3:a:rubyonrails:rails:0.14.2:::::::* cpe:2.3:a:rubyonrails:rails:0.14.1:::::::* cpe:2.3:a:rubyonrails:rails:0.13.1:::::::* cpe:2.3:a:rubyonrails:rails:0.13.0:::::::* cpe:2.3:a:rubyonrails:rails:0.12.1:::::::* cpe:2.3:a:rubyonrails:rails:0.12.0:::::::* cpe:2.3:a:rubyonrails:rails:0.11.1:::::::* cpe:2.3:a:rubyonrails:rails:0.11.0:::::::* cpe:2.3:a:rubyonrails:rails:0.10.1:::::::* cpe:2.3:a:rubyonrails:rails:0.10.0:::::::* cpe:2.3:a:rubyonrails:rails:::::::: cpe:2.3:a:rubyonrails:rails:-:::::::*	51
Application	Rubyonrails Ruby On Rails cpe:2.3:a:rubyonrails:ruby_on_rails:0.9.0:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.8.5:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.8.0:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.7.0:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.6.5:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.6.0:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.7:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.6:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.5:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.0:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails::::::::	11
Os	Apple Mac Os X cpe:2.3:o:apple:mac_os_x:10.6.2:::::::* cpe:2.3:o:apple:mac_os_x:10.6.1:::::::* cpe:2.3:o:apple:mac_os_x:10.6.1::server::::: cpe:2.3:o:apple:mac_os_x:10.6.0:::::::* cpe:2.3:o:apple:mac_os_x:10.6:::::::* cpe:2.3:o:apple:mac_os_x:10.6:server:::::: cpe:2.3:o:apple:mac_os_x:10.5.8:::::::* cpe:2.3:o:apple:mac_os_x:10.5.8::server::::: cpe:2.3:o:apple:mac_os_x:10.5.7:::::::* cpe:2.3:o:apple:mac_os_x:10.5.6:::::::* cpe:2.3:o:apple:mac_os_x:10.5.5:::::::* cpe:2.3:o:apple:mac_os_x:10.5.4:::::::* cpe:2.3:o:apple:mac_os_x:10.5.3:::::::* cpe:2.3:o:apple:mac_os_x:10.5.2:::::::* cpe:2.3:o:apple:mac_os_x:10.5.2:2008-002:::::: cpe:2.3:o:apple:mac_os_x:10.5.1:::::::* cpe:2.3:o:apple:mac_os_x:10.5.0:::::::* cpe:2.3:o:apple:mac_os_x:10.5:::::::* cpe:2.3:o:apple:mac_os_x:10.4.9:::::::* cpe:2.3:o:apple:mac_os_x:10.4.8:::::::* cpe:2.3:o:apple:mac_os_x:10.4.8::macbook::::: cpe:2.3:o:apple:mac_os_x:10.4.8::mac_mini::::: cpe:2.3:o:apple:mac_os_x:10.4.8::macbook_pro::::: cpe:2.3:o:apple:mac_os_x:10.4.7:::::::* cpe:2.3:o:apple:mac_os_x:10.4.6:::::::* cpe:2.3:o:apple:mac_os_x:10.4.5:::::::* cpe:2.3:o:apple:mac_os_x:10.4.4:::::::* cpe:2.3:o:apple:mac_os_x:10.4.3:::::::* cpe:2.3:o:apple:mac_os_x:10.4.2:::::::* cpe:2.3:o:apple:mac_os_x:10.4.11:::::::* cpe:2.3:o:apple:mac_os_x:10.4.10:::::::* cpe:2.3:o:apple:mac_os_x:10.4.1:::::::* cpe:2.3:o:apple:mac_os_x:10.4.0:::::::* cpe:2.3:o:apple:mac_os_x:10.4.:::::::* cpe:2.3:o:apple:mac_os_x:10.4:::::::* cpe:2.3:o:apple:mac_os_x:10.3.9:::::::* cpe:2.3:o:apple:mac_os_x:10.3.8:::::::* cpe:2.3:o:apple:mac_os_x:10.3.7:::::::* cpe:2.3:o:apple:mac_os_x:10.3.6:::::::* cpe:2.3:o:apple:mac_os_x:10.3.5:::::::* cpe:2.3:o:apple:mac_os_x:10.3.4:::::::* cpe:2.3:o:apple:mac_os_x:10.3.3:::::::* cpe:2.3:o:apple:mac_os_x:10.3.2:::::::* cpe:2.3:o:apple:mac_os_x:10.3.1:::::::* cpe:2.3:o:apple:mac_os_x:10.3.0:::::::* cpe:2.3:o:apple:mac_os_x:10.3:::::::* cpe:2.3:o:apple:mac_os_x:10.2.8:::::::* cpe:2.3:o:apple:mac_os_x:10.2.7:::::::* cpe:2.3:o:apple:mac_os_x:10.2.6:::::::* cpe:2.3:o:apple:mac_os_x:10.2.5:::::::* cpe:2.3:o:apple:mac_os_x:10.2.4:::::::* cpe:2.3:o:apple:mac_os_x:10.2.3:::::::* cpe:2.3:o:apple:mac_os_x:10.2.2:::::::* cpe:2.3:o:apple:mac_os_x:10.2.1:::::::* cpe:2.3:o:apple:mac_os_x:10.2.0:::::::* cpe:2.3:o:apple:mac_os_x:10.2:::::::* cpe:2.3:o:apple:mac_os_x:10.1.5:::::::* cpe:2.3:o:apple:mac_os_x:10.1.4:::::::* cpe:2.3:o:apple:mac_os_x:10.1.3:::::::* cpe:2.3:o:apple:mac_os_x:10.1.2:::::::* cpe:2.3:o:apple:mac_os_x:10.1.1:::::::* cpe:2.3:o:apple:mac_os_x:10.1.0:::::::* cpe:2.3:o:apple:mac_os_x:10.1:::::::* cpe:2.3:o:apple:mac_os_x:10.0.4:::::::* cpe:2.3:o:apple:mac_os_x:10.0.3:::::::* cpe:2.3:o:apple:mac_os_x:10.0.2:::::::* cpe:2.3:o:apple:mac_os_x:10.0.1:::::::* cpe:2.3:o:apple:mac_os_x:10.0.0:::::::* cpe:2.3:o:apple:mac_os_x:10.0:::::::* cpe:2.3:o:apple:mac_os_x:::::::: cpe:2.3:o:apple:mac_os_x:-:::::::*	71
Os	Apple Mac Os X Server cpe:2.3:o:apple:mac_os_x_server:10.6.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.6.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.6.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.6:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.8:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.7:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.6:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.5:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.9:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.8:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.7:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.6:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.5:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.11:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.10:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.9:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.8:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.7:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.6:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.5:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.8:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.7:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.6:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.5:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1.5:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.0.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.0.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.0.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.0.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.0.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.0:::::::* cpe:2.3:o:apple:mac_os_x_server:5.0.3:::::::* cpe:2.3:o:apple:mac_os_x_server:5.0.2:::::::* cpe:2.3:o:apple:mac_os_x_server:5.0.15:::::::* cpe:2.3:o:apple:mac_os_x_server:5.0.14:::::::* cpe:2.3:o:apple:mac_os_x_server::::::::	66

OpenVAS Exploits

Date	Description
2012-02-11	Name : Debian Security Advisory DSA 2301-2 (rails) File : nvt/deb_2301_2.nasl
2011-09-21	Name : Debian Security Advisory DSA 2301-1 (rails) File : nvt/deb_2301_1.nasl
2010-08-02	Name : Ruby on Rails 'unicode strings' Cross-Site Scripting Vulnerability File : nvt/secpod_ruby_rails_xss_vuln.nasl
2010-05-12	Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002 File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl
2010-05-12	Name : Mac OS X Security Update 2007-009 File : nvt/macosx_secupd_2007-009.nasl
2009-12-30	Name : Fedora Core 11 FEDORA-2009-13361 (rubygem-actionpack) File : nvt/fcore_2009_13361.nasl
2009-12-30	Name : Fedora Core 12 FEDORA-2009-13393 (rubygem-actionpack) File : nvt/fcore_2009_13393.nasl
2009-12-30	Name : Gentoo Security Advisory GLSA 200912-02 (rails) File : nvt/glsa_200912_02.nasl
2009-12-14	Name : Fedora Core 10 FEDORA-2009-12966 (rubygem-actionpack) File : nvt/fcore_2009_12966.nasl
2009-12-09	Name : Ruby on Rails 'strip_tags' Cross Site Scripting Vulnerability (Linux) File : nvt/gb_ruby_rails_xss_vuln_lin.nasl
2009-11-17	Name : Mac OS X Version File : nvt/macosx_version.nasl
2009-10-27	Name : SuSE Security Summary SUSE-SR:2009:017 File : nvt/suse_sr_2009_017.nasl
2009-10-19	Name : Fedora Core 11 FEDORA-2009-10484 (rubygem-actionmailer) File : nvt/fcore_2009_10484.nasl
2009-09-28	Name : Fedora Core 10 FEDORA-2009-9799 (rubygem-activesupport) File : nvt/fcore_2009_9799.nasl
2009-09-28	Name : Fedora Core 11 FEDORA-2009-9922 (rubygem-actionpack) File : nvt/fcore_2009_9922.nasl
2009-09-21	Name : Debian Security Advisory DSA 1887-1 (rails) File : nvt/deb_1887_1.nasl
2009-07-17	Name : Ruby on Rails Authentication Bypass Vulnerability File : nvt/gb_ruby_rails_auth_bypass_vuln.nasl
2009-03-02	Name : Fedora Core 9 FEDORA-2009-2179 (rubygem-actionpack) File : nvt/fcore_2009_2179.nasl
2009-02-17	Name : Fedora Update for rubygem-activesupport FEDORA-2008-8322 File : nvt/gb_fedora_2008_8322_rubygem-activesupport_fc9.nasl
2009-02-17	Name : Fedora Update for rubygems FEDORA-2008-8322 File : nvt/gb_fedora_2008_8322_rubygems_fc9.nasl
2009-02-17	Name : Fedora Update for rubygem-rails FEDORA-2008-8322 File : nvt/gb_fedora_2008_8322_rubygem-rails_fc9.nasl
2009-02-17	Name : Fedora Update for rubygem-actionmailer FEDORA-2008-8282 File : nvt/gb_fedora_2008_8282_rubygem-actionmailer_fc8.nasl
2009-02-17	Name : Fedora Update for rubygem-activeresource FEDORA-2008-8322 File : nvt/gb_fedora_2008_8322_rubygem-activeresource_fc9.nasl
2009-02-17	Name : Fedora Update for rubygem-activerecord FEDORA-2008-8322 File : nvt/gb_fedora_2008_8322_rubygem-activerecord_fc9.nasl
2009-02-17	Name : Fedora Update for rubygem-actionpack FEDORA-2008-8322 File : nvt/gb_fedora_2008_8322_rubygem-actionpack_fc9.nasl
2009-02-17	Name : Fedora Update for rubygem-actionmailer FEDORA-2008-8322 File : nvt/gb_fedora_2008_8322_rubygem-actionmailer_fc9.nasl
2009-02-17	Name : Fedora Update for rubygems FEDORA-2008-8282 File : nvt/gb_fedora_2008_8282_rubygems_fc8.nasl
2009-02-17	Name : Fedora Update for rubygem-rails FEDORA-2008-8282 File : nvt/gb_fedora_2008_8282_rubygem-rails_fc8.nasl
2009-02-17	Name : Fedora Update for rubygem-activesupport FEDORA-2008-8282 File : nvt/gb_fedora_2008_8282_rubygem-activesupport_fc8.nasl
2009-02-17	Name : Fedora Update for rubygem-activeresource FEDORA-2008-8282 File : nvt/gb_fedora_2008_8282_rubygem-activeresource_fc8.nasl
2009-02-17	Name : Fedora Update for rubygem-activerecord FEDORA-2008-8282 File : nvt/gb_fedora_2008_8282_rubygem-activerecord_fc8.nasl
2009-02-17	Name : Fedora Update for rubygem-actionpack FEDORA-2008-8282 File : nvt/gb_fedora_2008_8282_rubygem-actionpack_fc8.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200711-17 (rails) File : nvt/glsa_200711_17.nasl
2008-09-17	Name : FreeBSD Ports: rubygem-rails File : nvt/freebsd_rubygem-rails2.nasl
2008-09-04	Name : FreeBSD Ports: rubygem-rails File : nvt/freebsd_rubygem-rails0.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
61124	Ruby on Rails Token Verification Weakness CSRF Protection Bypass
60544	Ruby on Rails HTML::Tokenizer strip_tags Function XSS
57879	Ruby on Rails Cookie Store Unspecified Algorithm Message-digest Signature Ver...
57666	Ruby on Rails Malformed Unicode String XSS
55664	Ruby on Rails HTTP Digest Authentication nil User Bypass
48150	Ruby on Rails Active Record :offset / :limit Parameter SQL Injection
40718	Ruby on Rails URL-based Sessions Unspecified Session Fixation
39193	Ruby on Rails cgi_process.rb Cookie Related Session Fixation Ruby on Rails contains a flaw that may allow a malicious user to hijack the session of another via session fixation.

Nessus® Vulnerability Scanner

Date	Description
2011-09-06	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2301.nasl - Type : ACT_GATHER_INFO
2011-06-15	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2260.nasl - Type : ACT_GATHER_INFO
2010-03-29	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2010-002.nasl - Type : ACT_GATHER_INFO
2010-03-29	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_3.nasl - Type : ACT_GATHER_INFO
2010-03-11	Name : The remote openSUSE host is missing a security update. File : suse_11_2_rubygem-actionpack-2_3-100205.nasl - Type : ACT_GATHER_INFO
2010-03-04	Name : The remote openSUSE host is missing a security update. File : suse_11_2_rubygem-actionpack-100210.nasl - Type : ACT_GATHER_INFO
2010-03-04	Name : The remote openSUSE host is missing a security update. File : suse_11_1_rubygem-actionpack-100210.nasl - Type : ACT_GATHER_INFO
2010-03-04	Name : The remote openSUSE host is missing a security update. File : suse_11_0_rubygem-actionpack-100205.nasl - Type : ACT_GATHER_INFO
2010-02-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1887.nasl - Type : ACT_GATHER_INFO
2009-12-22	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200912-02.nasl - Type : ACT_GATHER_INFO
2009-12-18	Name : The remote Fedora host is missing a security update. File : fedora_2009-13393.nasl - Type : ACT_GATHER_INFO
2009-12-18	Name : The remote Fedora host is missing a security update. File : fedora_2009-13361.nasl - Type : ACT_GATHER_INFO
2009-12-10	Name : The remote Fedora host is missing a security update. File : fedora_2009-12966.nasl - Type : ACT_GATHER_INFO
2009-10-22	Name : The remote openSUSE host is missing a security update. File : suse_11_1_rubygem-activesupport-2_1-090917.nasl - Type : ACT_GATHER_INFO
2009-10-22	Name : The remote openSUSE host is missing a security update. File : suse_11_1_rubygem-actionpack-2_1-090917.nasl - Type : ACT_GATHER_INFO
2009-10-15	Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-10484.nasl - Type : ACT_GATHER_INFO
2009-09-28	Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-9922.nasl - Type : ACT_GATHER_INFO
2009-09-25	Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-9799.nasl - Type : ACT_GATHER_INFO
2009-07-21	Name : The remote web server contains an application that is prone to an authenticat... File : ror_http_digest_bypass.nasl - Type : ACT_ATTACK
2009-07-21	Name : The remote openSUSE host is missing a security update. File : suse_11_0_rubygem-activerecord-081122.nasl - Type : ACT_GATHER_INFO
2009-03-24	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_8e8b8b947f1d11dda66a0019666436c2.nasl - Type : ACT_GATHER_INFO
2008-12-01	Name : The remote openSUSE host is missing a security update. File : suse_rubygem-activerecord-5817.nasl - Type : ACT_GATHER_INFO
2008-10-16	Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-8282.nasl - Type : ACT_GATHER_INFO
2008-09-29	Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-8322.nasl - Type : ACT_GATHER_INFO
2007-12-18	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2007-009.nasl - Type : ACT_GATHER_INFO
2007-11-30	Name : The remote openSUSE host is missing a security update. File : suse_rubygem-actionpack-4754.nasl - Type : ACT_GATHER_INFO
2007-11-29	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_30acb8ae9d4611dc9114001c2514716c.nasl - Type : ACT_GATHER_INFO
2007-11-28	Name : The remote web server is affected by a session fixation vulnerability. File : ror_session_fixation.nasl - Type : ACT_GATHER_INFO
2007-11-15	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-17.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:36:46	Multiple Updates

Global Informations

Type	Count
Capec ID(s)	4
CWE ID(s)	8
Oval ID(s)	5
CPE ID(s)	201
osvdb(s)	8
Openvas Exploit(s)	35
Nessus® Exploit(s)	29

	Related
9.8	CVE-2009-2422
7.5	CVE-2008-4094
6.8	GLSA-200711-17
6.8	CVE-2008-7248
6.8	CVE-2007-6077
6.8	CVE-2007-5380
5	CVE-2009-3086
4.3	CVE-2009-4214
4.3	CVE-2009-3009
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 9 more Alert(s)