10 - GLSA-201412-28

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	Ruby on Rails: Multiple vulnerabilities

Informations
Name	GLSA-201412-28	First vendor Publication	2014-12-14
Vendor	Gentoo	Last vendor Modification	2014-12-14
Severity (Vendor)	High	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities were found in Ruby on Rails, the worst of which allowing for execution of arbitrary code.

Background

Ruby on Rails is a web-application and persistence framework.

Description

Multiple vulnerabilities have been discovered in Ruby on Rails. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could execute arbitrary code or cause a Denial of Service condition. Furthermore, a remote attacker may be able to execute arbitrary SQL commands, change parameter names for form inputs and make changes to arbitrary records in the system, bypass intended access restrictions, render arbitrary views, inject arbitrary web script or HTML, or conduct cross-site request forgery (CSRF) attacks.

Workaround

There is no known workaround at this time.

Resolution

All Ruby on Rails 2.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-ruby/rails-2.3.18"

NOTE: All applications using Ruby on Rails should also be configured to use the latest version available by running "rake rails:update" inside the application directory.

NOTE: This is a legacy GLSA and stable updates for Ruby on Rails, including the unaffected version listed above, are no longer available from Gentoo. It may be possible to upgrade to the 3.2, 4.0, or 4.1
branches, however these packages are not currently stable.

References

[ 1 ] CVE-2010-3933 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3933
[ 2 ] CVE-2011-0446 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0446
[ 3 ] CVE-2011-0447 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0447
[ 4 ] CVE-2011-0448 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0448
[ 5 ] CVE-2011-0449 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0449
[ 6 ] CVE-2011-2929 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2929
[ 7 ] CVE-2011-2930 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2930
[ 8 ] CVE-2011-2931 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2931
[ 9 ] CVE-2011-2932 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2932
[ 10 ] CVE-2011-3186 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3186
[ 11 ] CVE-2013-0155 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0155
[ 12 ] CVE-2013-0156 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0156
[ 13 ] CVE-2013-0276 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0276
[ 14 ] CVE-2013-0277 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0277
[ 15 ] CVE-2013-0333 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0333
[ 16 ] CVE-2013-1854 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1854
[ 17 ] CVE-2013-1855 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1855
[ 18 ] CVE-2013-1856 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1856
[ 19 ] CVE-2013-1857 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1857

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201412-28.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201412-28.xml

CWE : Common Weakness Enumeration

%	Id	Name
29 %	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
29 %	CWE-20	Improper Input Validation
18 %	CWE-264	Permissions, Privileges, and Access Controls
12 %	CWE-89	Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25)
6 %	CWE-352	Cross-Site Request Forgery (CSRF) (CWE/SANS Top 25)
6 %	CWE-94	Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12893

Oval ID:	oval:org.mitre.oval:def:12893
Title:	DSA-2247-1 rails -- several vulnerabilities
Description:	Several vulnerabilities have been discovered in Rails, the Ruby web application framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-0446 Multiple cross-site scripting vulnerabilities when JavaScript encoding is used, allow remote attackers to inject arbitrary web script or HTML. CVE-2011-0447 Rails does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery attacks.
Family:	unix	Class:	patch
Reference(s):	DSA-2247-1 CVE-2011-0446 CVE-2011-0447	Version:	5
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	rails
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND rails DPKG is earlier than 2.1.0-7+lenny0.1 OR Release section Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND Installed architecture is all AND rails DPKG is earlier than 2.3.5-1.2+squeeze0.1

Definition Id: oval:org.mitre.oval:def:17800

Oval ID:	oval:org.mitre.oval:def:17800
Title:	DSA-2609-1 rails - SQL query manipulation
Description:	An interpretation conflict can cause the Active Record component of Rails, a web framework for the Ruby programming language, to truncate queries in unexpected ways. This may allow attackers to elevate their privileges.
Family:	unix	Class:	patch
Reference(s):	DSA-2609-1 CVE-2013-0155	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	rails
Definition Synopsis:
Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND rails DPKG is earlier than 2.3.5-1.2+squeeze5

Definition Id: oval:org.mitre.oval:def:17839

Oval ID:	oval:org.mitre.oval:def:17839
Title:	DSA-2655-1 rails - several
Description:	Several cross-site-scripting and denial of service vulnerabilities were discovered in Ruby on Rails, a Ruby framework for web application development.
Family:	unix	Class:	patch
Reference(s):	DSA-2655-1 CVE-2011-2932 CVE-2012-3464 CVE-2012-3465 CVE-2013-1854 CVE-2013-1855 CVE-2013-1857	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	rails
Definition Synopsis:
Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND rails DPKG is earlier than 2.3.5-1.2+squeeze8

Definition Id: oval:org.mitre.oval:def:18384

Oval ID:	oval:org.mitre.oval:def:18384
Title:	DSA-2613-1 rails - insufficient input validation
Description:	Lawrence Pit discovered that Ruby on Rails, a web development framework, is vulnerable to a flaw in the parsing of JSON to YAML. Using a specially crafted payload attackers can trick the backend into decoding a subset of YAML.
Family:	unix	Class:	patch
Reference(s):	DSA-2613-1 CVE-2013-0333	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	rails
Definition Synopsis:
Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND rails DPKG is earlier than 2.3.5-1.2+squeeze6

Definition Id: oval:org.mitre.oval:def:19664

Oval ID:	oval:org.mitre.oval:def:19664
Title:	DSA-2604-1 rails - insufficient input validation
Description:	It was discovered that Rails, the Ruby web application development framework, performed insufficient validation on input parameters, allowing unintended type conversions. An attacker may use this to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on the application.
Family:	unix	Class:	patch
Reference(s):	DSA-2604-1 CVE-2013-0156	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	rails
Definition Synopsis:
Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND rails DPKG is earlier than 0:2.3.5-1.2+squeeze4.1

Definition Id: oval:org.mitre.oval:def:19688

Oval ID:	oval:org.mitre.oval:def:19688
Title:	DSA-2620-1 rails - several
Description:	Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework for web application development.
Family:	unix	Class:	patch
Reference(s):	DSA-2620-1 CVE-2013-0276 CVE-2013-0277	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	rails
Definition Synopsis:
Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND rails DPKG is earlier than 0:2.3.5-1.2+squeeze7

CPE : Common Platform Enumeration

Type	Description	Count
Application	Rubyonrails Rails cpe:2.3:a:rubyonrails:rails:3.2.9:::::::* cpe:2.3:a:rubyonrails:rails:3.2.9:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.2.9:rc3:::::: cpe:2.3:a:rubyonrails:rails:3.2.9:rc2:::::: cpe:2.3:a:rubyonrails:rails:3.2.8:::::::* cpe:2.3:a:rubyonrails:rails:3.2.8:rc2:::::: cpe:2.3:a:rubyonrails:rails:3.2.8:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.2.7:::::::* cpe:2.3:a:rubyonrails:rails:3.2.7:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.2.6:::::::* cpe:2.3:a:rubyonrails:rails:3.2.5:::::::* cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.2.4:::::::* cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:::::: cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.2.3:::::::* cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.2.2:::::::* cpe:2.3:a:rubyonrails:rails:3.2.12:::::::* cpe:2.3:a:rubyonrails:rails:3.2.11:::::::* cpe:2.3:a:rubyonrails:rails:3.2.10:::::::* cpe:2.3:a:rubyonrails:rails:3.2.1:::::::* cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:::::: cpe:2.3:a:rubyonrails:rails:3.2.0:::::::* cpe:2.3:a:rubyonrails:rails:3.1.9:::::::* cpe:2.3:a:rubyonrails:rails:3.1.8:::::::* cpe:2.3:a:rubyonrails:rails:3.1.7:::::::* cpe:2.3:a:rubyonrails:rails:3.1.6:::::::* cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.1.5:::::::* cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.1.4:::::::* cpe:2.3:a:rubyonrails:rails:3.1.3:::::::* cpe:2.3:a:rubyonrails:rails:3.1.2:::::::* cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:::::: cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.1.12:::::::* cpe:2.3:a:rubyonrails:rails:3.1.10:::::::* cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:::::: cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:::::: cpe:2.3:a:rubyonrails:rails:3.1.1:::::::* cpe:2.3:a:rubyonrails:rails:3.1.0:::::::* cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:::::: cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:::::: cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:::::: cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:::::: cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:::::: cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:::::: cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:::::: cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:::::: cpe:2.3:a:rubyonrails:rails:3.0.9:::::::* cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:::::: cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:::::: cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:::::: cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:::::: cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:::::: cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:::::: cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:::::: cpe:2.3:a:rubyonrails:rails:3.0.8:::::::* cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:::::: cpe:2.3:a:rubyonrails:rails:3.0.7:::::::* cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.0.6:::::::* cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:::::: cpe:2.3:a:rubyonrails:rails:3.0.5:::::::* cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.0.4:-:::::: cpe:2.3:a:rubyonrails:rails:3.0.3:::::::* cpe:2.3:a:rubyonrails:rails:3.0.20:::::::* cpe:2.3:a:rubyonrails:rails:3.0.2:pre:::::: cpe:2.3:a:rubyonrails:rails:3.0.2:-:::::: cpe:2.3:a:rubyonrails:rails:3.0.19:::::::* cpe:2.3:a:rubyonrails:rails:3.0.18:::::::* cpe:2.3:a:rubyonrails:rails:3.0.17:::::::* cpe:2.3:a:rubyonrails:rails:3.0.16:::::::* cpe:2.3:a:rubyonrails:rails:3.0.14:::::::* cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.0.13:::::::* cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.0.12:::::::* cpe:2.3:a:rubyonrails:rails:3.0.11:::::::* cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:::::: cpe:2.3:a:rubyonrails:rails:3.0.10:::::::* cpe:2.3:a:rubyonrails:rails:3.0.1:pre:::::: cpe:2.3:a:rubyonrails:rails:3.0.1:-:::::: cpe:2.3:a:rubyonrails:rails:3.0.0:::::::* cpe:2.3:a:rubyonrails:rails:3.0.0:beta:::::: cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:::::: cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:::::: cpe:2.3:a:rubyonrails:rails:3.0.0:rc:::::: cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:::::: cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:::::: cpe:2.3:a:rubyonrails:rails:2.3.9:-:::::: cpe:2.3:a:rubyonrails:rails:2.3.4:::::::* cpe:2.3:a:rubyonrails:rails:2.3.3:::::::* cpe:2.3:a:rubyonrails:rails:2.3.2:::::::* cpe:2.3:a:rubyonrails:rails:2.3.18:::::::* cpe:2.3:a:rubyonrails:rails:2.3.16:::::::* cpe:2.3:a:rubyonrails:rails:2.3.15:::::::* cpe:2.3:a:rubyonrails:rails:2.3.14:::::::* cpe:2.3:a:rubyonrails:rails:2.3.13:::::::* cpe:2.3:a:rubyonrails:rails:2.3.12:::::::* cpe:2.3:a:rubyonrails:rails:2.3.11:::::::* cpe:2.3:a:rubyonrails:rails:2.3.10:::::::* cpe:2.3:a:rubyonrails:rails:2.3.1:::::::* cpe:2.3:a:rubyonrails:rails:2.3.0:::::::* cpe:2.3:a:rubyonrails:rails:2.3:::::::* cpe:2.3:a:rubyonrails:rails:2.2.2:::::::* cpe:2.3:a:rubyonrails:rails:2.2.1:::::::* cpe:2.3:a:rubyonrails:rails:2.2.0:::::::* cpe:2.3:a:rubyonrails:rails:2.1.2:::::::* cpe:2.3:a:rubyonrails:rails:2.1.1:::::::* cpe:2.3:a:rubyonrails:rails:2.1.0:-:::::: cpe:2.3:a:rubyonrails:rails:2.0.4:::::::* cpe:2.3:a:rubyonrails:rails:2.0.2:::::::* cpe:2.3:a:rubyonrails:rails:2.0.1:::::::* cpe:2.3:a:rubyonrails:rails:2.0.0:rc1:::::: cpe:2.3:a:rubyonrails:rails:2.0.0:rc2:::::: cpe:2.3:a:rubyonrails:rails:2.0.0:-:::::: cpe:2.3:a:rubyonrails:rails:1.9.5:::::::* cpe:2.3:a:rubyonrails:rails:1.9.3:::::::* cpe:2.3:a:rubyonrails:rails:1.2.6:::::::* cpe:2.3:a:rubyonrails:rails:1.2.5:::::::* cpe:2.3:a:rubyonrails:rails:1.2.4:::::::* cpe:2.3:a:rubyonrails:rails:1.2.3:::::::* cpe:2.3:a:rubyonrails:rails:1.2.2:::::::* cpe:2.3:a:rubyonrails:rails:1.2.1:::::::* cpe:2.3:a:rubyonrails:rails:1.2.0:-:::::: cpe:2.3:a:rubyonrails:rails:1.1.6:::::::* cpe:2.3:a:rubyonrails:rails:1.1.5:::::::* cpe:2.3:a:rubyonrails:rails:1.1.4:::::::* cpe:2.3:a:rubyonrails:rails:1.1.3:::::::* cpe:2.3:a:rubyonrails:rails:1.1.2:::::::* cpe:2.3:a:rubyonrails:rails:1.1.1:::::::* cpe:2.3:a:rubyonrails:rails:1.1.0:-:::::: cpe:2.3:a:rubyonrails:rails:1.0.0:::::::* cpe:2.3:a:rubyonrails:rails:0.9.4.1:::::::* cpe:2.3:a:rubyonrails:rails:0.9.4:::::::* cpe:2.3:a:rubyonrails:rails:0.9.3:::::::* cpe:2.3:a:rubyonrails:rails:0.9.2:::::::* cpe:2.3:a:rubyonrails:rails:0.9.1:::::::* cpe:2.3:a:rubyonrails:rails:0.14.4:::::::* cpe:2.3:a:rubyonrails:rails:0.14.3:::::::* cpe:2.3:a:rubyonrails:rails:0.14.2:::::::* cpe:2.3:a:rubyonrails:rails:0.14.1:::::::* cpe:2.3:a:rubyonrails:rails:0.13.1:::::::* cpe:2.3:a:rubyonrails:rails:0.13.0:::::::* cpe:2.3:a:rubyonrails:rails:0.12.1:::::::* cpe:2.3:a:rubyonrails:rails:0.12.0:::::::* cpe:2.3:a:rubyonrails:rails:0.11.1:::::::* cpe:2.3:a:rubyonrails:rails:0.11.0:::::::* cpe:2.3:a:rubyonrails:rails:0.10.1:::::::* cpe:2.3:a:rubyonrails:rails:0.10.0:::::::* cpe:2.3:a:rubyonrails:rails:::::::: cpe:2.3:a:rubyonrails:rails:-:::::::*	162
Application	Rubyonrails Ruby On Rails cpe:2.3:a:rubyonrails:ruby_on_rails:3.1.11:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:2.3.17:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.9.0:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.8.5:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.8.0:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.7.0:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.6.5:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.6.0:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.7:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.6:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.5:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.0:::::::* cpe:2.3:a:rubyonrails:ruby_on_rails::::::::	13
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:7.0:::::::* cpe:2.3:o:debian:debian_linux:6.0:::::::*	2
Os	Redhat Enterprise Linux cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*	1

SAINT Exploits

Description	Link
Ruby on Rails XML Processor YAML Deserialization	More info here

ExploitDB Exploits

id	Description
2013-01-29	Ruby on Rails JSON Processor YAML Deserialization Code Execution
2013-01-10	Ruby on Rails XML Processor YAML Deserialization Code Execution

OpenVAS Exploits

Date	Description
2012-04-02	Name : Fedora Update for rubygem-rails FEDORA-2011-11386 File : nvt/gb_fedora_2011_11386_rubygem-rails_fc16.nasl
2012-04-02	Name : Fedora Update for rubygem-actionmailer FEDORA-2011-11386 File : nvt/gb_fedora_2011_11386_rubygem-actionmailer_fc16.nasl
2012-04-02	Name : Fedora Update for rubygem-actionpack FEDORA-2011-11386 File : nvt/gb_fedora_2011_11386_rubygem-actionpack_fc16.nasl
2012-04-02	Name : Fedora Update for rubygem-activerecord FEDORA-2011-11386 File : nvt/gb_fedora_2011_11386_rubygem-activerecord_fc16.nasl
2012-04-02	Name : Fedora Update for rubygem-activeresource FEDORA-2011-11386 File : nvt/gb_fedora_2011_11386_rubygem-activeresource_fc16.nasl
2012-04-02	Name : Fedora Update for rubygem-activesupport FEDORA-2011-11386 File : nvt/gb_fedora_2011_11386_rubygem-activesupport_fc16.nasl
2012-03-19	Name : Fedora Update for rubygem-railties FEDORA-2011-11386 File : nvt/gb_fedora_2011_11386_rubygem-railties_fc16.nasl
2012-03-19	Name : Fedora Update for rubygem-activemodel FEDORA-2011-11386 File : nvt/gb_fedora_2011_11386_rubygem-activemodel_fc16.nasl
2012-02-11	Name : Debian Security Advisory DSA 2301-2 (rails) File : nvt/deb_2301_2.nasl
2011-09-21	Name : Debian Security Advisory DSA 2301-1 (rails) File : nvt/deb_2301_1.nasl
2011-09-21	Name : FreeBSD Ports: rubygem-rails File : nvt/freebsd_rubygem-rails3.nasl
2011-09-12	Name : Fedora Update for rubygem-actionpack FEDORA-2011-11567 File : nvt/gb_fedora_2011_11567_rubygem-actionpack_fc14.nasl
2011-09-12	Name : Fedora Update for rubygem-actionpack FEDORA-2011-11572 File : nvt/gb_fedora_2011_11572_rubygem-actionpack_fc15.nasl
2011-09-12	Name : Fedora Update for rubygem-activesupport FEDORA-2011-11579 File : nvt/gb_fedora_2011_11579_rubygem-activesupport_fc15.nasl
2011-09-12	Name : Fedora Update for rubygem-activesupport FEDORA-2011-11600 File : nvt/gb_fedora_2011_11600_rubygem-activesupport_fc14.nasl
2011-08-03	Name : Debian Security Advisory DSA 2247-1 (rails) File : nvt/deb_2247_1.nasl
2011-03-08	Name : Fedora Update for rubygem-actionpack FEDORA-2011-2133 File : nvt/gb_fedora_2011_2133_rubygem-actionpack_fc14.nasl
2011-03-08	Name : Fedora Update for rubygem-actionpack FEDORA-2011-2138 File : nvt/gb_fedora_2011_2138_rubygem-actionpack_fc13.nasl
2011-02-28	Name : Ruby on Rails Security Bypass and SQL Injection Vulnerabilities File : nvt/secpod_ruby_rails_sec_bypass_n_sql_inj_vuln.nasl
2011-02-23	Name : Ruby on Rails Multiple Cross Site Scripting Vulnerabilities File : nvt/secpod_ruby_rails_mult_xss_vuln.nasl
2011-02-22	Name : Mandriva Update for python-django MDVSA-2011:031 (python-django) File : nvt/gb_mandriva_MDVSA_2011_031.nasl
2010-12-09	Name : Ruby on Rails Security Bypass Vulnerability File : nvt/gb_ruby_rails_sec_bypass_vuln.nasl
2010-08-02	Name : Ruby on Rails Cross Site Request Forgery Vulnerability File : nvt/secpod_ruby_rails_csrf_vuln.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
74618	Ruby on Rails Escaping Mechanism Unicode Sequence Handling XSS
74617	Ruby on Rails actionpack/lib/action_controller/vendor/html-scanner/html/node....
74616	Ruby on Rails actionpack/lib/action_controller/response.rb Content Type Handl...
74615	Ruby on Rails Template Selection View Rendering Access Restriction Bypass
74614	Ruby on Rails activerecord/lib/active_record/connection_adapters/ quote_table...
70928	Ruby on Rails mail_to Helper Multiple Parameter XSS Ruby on Rails contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'name' or 'email' values upon submission to the 'mail_to' helper. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
70927	Ruby on Rails Ajax/API Request CSRF Protection Bypass Ruby on Rails contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for AJAX or API HTTP requests that contain a X-Requested-With header. This makes it easier for an attacker to use a crafted URL (e.g., a crafted GET request inside an "img" tag) to trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
70906	Ruby on Rails Filter Case-Insensitive Filesystem Issue Ruby on Rails contains a flaw related to 'actionpack/lib/action_view/template/resolver.rb' failing to properly implement filtering code when a case-insensitive filesystem is in use. This may allow a remote attacker to bypass intended access restrictions by using an action name that uses an unexpected case on alphabetic characters.
70905	Ruby on Rails limit() Function SQL Injection Ruby on Rails contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due input passed via the 'limit()This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
68769	Ruby on Rails Nested Attribute Handling Arbitrary Record Manipulation Ruby on Rails contains a flaw related to the improper handling of nested attributes. This may allow a remote attacker to modify arbitrary records by changing parameter names in form inputs.

Snort® IPS/IDS

Date	Description
2014-01-10	Rails JSON to YAML parsing deserialization attempt RuleID : 25552 - Revision : 4 - Type : SERVER-OTHER
2014-01-10	Rails XML parameter parsing vulnerability exploitation attempt RuleID : 25288 - Revision : 10 - Type : SERVER-OTHER
2014-01-10	Rails XML parameter parsing vulnerability exploitation attempt RuleID : 25287 - Revision : 12 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date	Description
2016-10-17	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_7e61cf44654911e6828600248c0c745d.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-172.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-28.nasl - Type : ACT_GATHER_INFO
2014-11-19	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1863.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-327.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-326.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-325.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-324.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-152.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-106.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-329.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-988.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-989.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-1.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_3_rubygem-actionmailer-111116.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-990.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_4_rubygem-actionmailer-111116.nasl - Type : ACT_GATHER_INFO
2014-03-11	Name : The remote Fedora host is missing a security update. File : fedora_2014-3232.nasl - Type : ACT_GATHER_INFO
2014-03-07	Name : The remote Fedora host is missing a security update. File : fedora_2013-23636.nasl - Type : ACT_GATHER_INFO
2013-10-24	Name : The remote host is missing a security update for OS X Server. File : macosx_server_3_0.nasl - Type : ACT_GATHER_INFO
2013-06-05	Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2013-002.nasl - Type : ACT_GATHER_INFO
2013-04-12	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_db0c4b00a24c11e29601000d601460a4.nasl - Type : ACT_GATHER_INFO
2013-04-01	Name : The remote Fedora host is missing a security update. File : fedora_2013-4130.nasl - Type : ACT_GATHER_INFO
2013-04-01	Name : The remote Fedora host is missing a security update. File : fedora_2013-4139.nasl - Type : ACT_GATHER_INFO
2013-04-01	Name : The remote Fedora host is missing a security update. File : fedora_2013-4198.nasl - Type : ACT_GATHER_INFO
2013-04-01	Name : The remote Fedora host is missing a security update. File : fedora_2013-4199.nasl - Type : ACT_GATHER_INFO
2013-04-01	Name : The remote Fedora host is missing a security update. File : fedora_2013-4214.nasl - Type : ACT_GATHER_INFO
2013-03-29	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2655.nasl - Type : ACT_GATHER_INFO
2013-03-15	Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2013-001.nasl - Type : ACT_GATHER_INFO
2013-03-14	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_cda566a02df04eb0b70eed7a6fb0ab3c.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Fedora host is missing a security update. File : fedora_2013-2398.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Fedora host is missing a security update. File : fedora_2013-2391.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Fedora host is missing a security update. File : fedora_2013-2351.nasl - Type : ACT_GATHER_INFO
2013-02-18	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_beab40bfc1ca4d2bad462f14bac8a968.nasl - Type : ACT_GATHER_INFO
2013-02-13	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2620.nasl - Type : ACT_GATHER_INFO
2013-02-11	Name : The remote Fedora host is missing a security update. File : fedora_2013-1745.nasl - Type : ACT_GATHER_INFO
2013-02-11	Name : The remote Fedora host is missing a security update. File : fedora_2013-1710.nasl - Type : ACT_GATHER_INFO
2013-02-05	Name : The remote host is missing an update for OS X Server that fixes two security ... File : macosx_server_2_2_1.nasl - Type : ACT_GATHER_INFO
2013-01-31	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2613.nasl - Type : ACT_GATHER_INFO
2013-01-29	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-0201.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0154.nasl - Type : ACT_GATHER_INFO
2013-01-23	Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-0635.nasl - Type : ACT_GATHER_INFO
2013-01-23	Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-0686.nasl - Type : ACT_GATHER_INFO
2013-01-21	Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-0568.nasl - Type : ACT_GATHER_INFO
2013-01-17	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2609.nasl - Type : ACT_GATHER_INFO
2013-01-10	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2604.nasl - Type : ACT_GATHER_INFO
2013-01-09	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_ca5d327259e311e2853b00262d5ed8ee.nasl - Type : ACT_GATHER_INFO
2011-09-07	Name : The remote Fedora host is missing a security update. File : fedora_2011-11600.nasl - Type : ACT_GATHER_INFO
2011-09-07	Name : The remote Fedora host is missing a security update. File : fedora_2011-11579.nasl - Type : ACT_GATHER_INFO
2011-09-07	Name : The remote Fedora host is missing a security update. File : fedora_2011-11572.nasl - Type : ACT_GATHER_INFO
2011-09-07	Name : The remote Fedora host is missing a security update. File : fedora_2011-11567.nasl - Type : ACT_GATHER_INFO
2011-09-07	Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-11386.nasl - Type : ACT_GATHER_INFO
2011-09-06	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2301.nasl - Type : ACT_GATHER_INFO
2011-06-10	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2247.nasl - Type : ACT_GATHER_INFO
2011-04-06	Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-4358.nasl - Type : ACT_GATHER_INFO
2011-03-07	Name : The remote Fedora host is missing a security update. File : fedora_2011-2138.nasl - Type : ACT_GATHER_INFO
2011-03-07	Name : The remote Fedora host is missing a security update. File : fedora_2011-2133.nasl - Type : ACT_GATHER_INFO
2011-02-20	Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-031.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-12-16 13:25:47	Multiple Updates
2014-12-15 00:22:04	First insertion

Global Informations

Type	Count
CWE ID(s)	17
Oval ID(s)	6
CPE ID(s)	178
Saint Exploit(s)	1
osvdb(s)	10
ExploitDB Exploit(s)	2
Openvas Exploit(s)	23
Snort® Rule(s)	3
Nessus® Exploit(s)	58

	Related
10	CVE-2013-0277
7.5	CVE-2013-0333
7.5	CVE-2013-0156
7.5	CVE-2011-2930
7.5	CVE-2011-0449
7.5	CVE-2011-0448
6.8	CVE-2011-0447
6.4	CVE-2013-0155
6.4	CVE-2010-3933
5.8	CVE-2013-1856
5	CVE-2013-1854
5	CVE-2011-2929
4.3	CVE-2013-1857
4.3	CVE-2013-1855
4.3	CVE-2013-0276
4.3	CVE-2011-3186
4.3	CVE-2011-2932
4.3	CVE-2011-2931
4.3	CVE-2011-0446
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 19 more Alert(s)