Advisory - Ruby on Rails "implicit render" Directory Traversal Vulnerability
  • Advisory - Ruby on Rails "implicit render" Directory Traversal Vulnerability

    Ruby on Rails "implicit render" Directory Traversal Vulnerability

    Severity Rating : Medium

    Component Affected:

    • Ruby on Rails versions prior to 3.2.18
    • Ruby on Rails 4.0.x versions prior to 4.0.5
    • Ruby on Rails 4.1.x versions prior to 4.1.1

    Overview

    A directory traversal vulnerability has been reported in the "implicit render" functionality in Ruby on Rails which could be exploited by a remote attacker to retrieve arbitrary files from the target system.

    Description
    This vulnerability exists due to improper sanitization of directory traversal character sequences in the action parameters used by the affected application when globbing routes are used to send input to the ":action" parameter.

    A remote unauthenticated attacker could exploit this vulnerability by sending a specially crafted web request containing such a directory traversal character sequence to the targeted system, which could allow the attacker to conduct directory traversal attacks on the targeted system and disclose arbitrary files.

    Solution
    Install the appropriate security fixes as suggested in the vendor's advisory:
    http://weblog.rubyonrails.org/2014/5...been_released/

    Vendor Information
    Ruby on Rails
    http://weblog.rubyonrails.org/2014/5...been_released/

    References
    Secunia
    http://secunia.com/advisories/58120/

    Security Tracker
    http://www.securitytracker.com/id/1030210

    Cisco
    http://tools.cisco.com/security/cent...?alertId=34168

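    The description above concerns a traversal sequence reaching the ":action" parameter through a glob route. The following is an added example, not code from the advisory or from Rails itself, showing two defensive checks an application can run: an allow-list for the action name before it is used for any view or file lookup (the accepted pattern is an assumption for illustration, not the upstream patch) and a scan of constructed access-log lines for traversal sequences in the request path.

```ruby
require 'uri'

# Allow-list for action names: a plain identifier only (assumed pattern).
ACTION_NAME = /\A[a-z0-9_]+\z/i

# Returns the action name when it is a plain identifier, nil otherwise.
# The raw parameter is percent-decoded once, so "..", "/", "\\", encoded and
# double-encoded forms all fail the allow-list instead of reaching a lookup.
def safe_action_name(raw)
  return nil if raw.nil?
  name = begin
    URI.decode_www_form_component(raw.to_s)
  rescue ArgumentError
    return nil # malformed %-encoding is rejected outright
  end
  name.match?(ACTION_NAME) ? name : nil
end

# Raw "..", single-encoded "%2e%2e" and double-encoded "%252e" dot pairs.
TRAVERSAL = /(\.\.|%2e%2e|%252e)/i

# Scans log lines in the constructed "METHOD PATH STATUS" format and returns
# the request paths that carry a traversal sequence, for alerting.
def traversal_requests(log_lines)
  log_lines.map { |line| line.split(' ')[1] }
           .compact
           .select { |path| path.match?(TRAVERSAL) }
end

# Constructed sample log: two normal requests and two traversal attempts.
SAMPLE_LOG = [
  'GET /pages/index 200',
  'GET /pages/..%2F..%2Fprivate 404',
  'GET /pages/%252e%252e/private 404',
  'GET /pages/show_all 200'
].freeze

if __FILE__ == $PROGRAM_NAME
  puts safe_action_name('show_all').inspect          # "show_all"
  puts safe_action_name('..%2f..%2fprivate').inspect # nil
  puts traversal_requests(SAMPLE_LOG).inspect
end
```
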
  • #2
    SQL Injection vulnerability in Ruby on Rails

    Severity Rating: HIGH

    Systems Affected
    • Ruby on Rails 2.0.0 through 3.2.18
    • Ruby on Rails 4.0.0 through 4.1.2

    Overview
    An SQL injection vulnerability has been reported in the PostgreSQL adapter (postgresql_adapter.rb, quoting.rb) for Active Record in Ruby on Rails which could be exploited by a remote attacker to launch SQL injection attacks.

    Solution
    Apply the appropriate security fixes (3.2.19 for CVE-2014-3482; 4.0.7 and 4.1.3 for CVE-2014-3483) as mentioned in the vendor advisory available at: http://weblog.rubyonrails.org/2014/7...been_released/

    Vendor Information
    Ruby on Rails
    http://weblog.rubyonrails.org/

    References
    Security Focus
    http://www.securityfocus.com/bid/68343/discuss
    Security Tracker
    http://securitytracker.com/id/1030516

    CVE Name
    CVE-2014-3482
    CVE-2014-3483
