Ruby on Rails patches more critical vulnerabilities: Those using the Ruby on Rails web application framework on

Ruby on Rails patches more critical vulnerabilities

news.hitb.org 09 Jan '13, 10am

Ruby on Rails patches more critical vulnerabilities: Those using the Ruby on Rails web application framework on

Those using the Ruby on Rails web application framework on their websites are being advised to update the software immediately after multiple new vulnerabilities were found. It's the second time this month that Rails has been patched because of serious flaws. Ruby on Rails is an open-source web application development framework that is widely used across the Internet on websites including Hulu, GroupOn and Scribd. One of the problems, CVE-2013-0156, lies in the parameter parsing code for Ruby on Rails, which would allow attackers to bypass authentication systems, perform SQL injection attacks or a denial of service attack against applications using Rails, according to an advisory on Tuesday. A SQL injection attack involves sending commands through a web-based form to a website's backend database, which, if not protected properly, can return sensitive data.

Full article: http://news.hitb.org/content/ruby-rails-patches-more-crit...

Tweets

@CyberExaminer » 09 Jan '13, 10am
#cybersecurity Ruby on Rails patches more critical vulnerabilities [link] #infosec
@b0rn70d13 » 09 Jan '13, 10am
#HITB News Ruby on Rails patches more critical vulnerabilities: Those using the Ruby on Rails web application fr... [link]
@BrianDuPrix » 09 Jan '13, 10am
#security Ruby on Rails patches more critical vulnerabilities [link]
@secureslinger » 09 Jan '13, 10am
#computer #security Those using the Ruby on Rails web application framework on their websites… [link]
@NAMANDISTRO » 09 Jan '13, 10am
Ruby on Rails patches more critical vulnerabilities: [link]
@deepcell » 09 Jan '13, 10am
Ruby on Rails patches more critical vulnerabilities: Those using the Ruby on Rails web application framework on ... [link]
@iBookChick » 09 Jan '13, 10am
Ruby on Rails patches more critical vulnerabilities: Those using the Ruby on Rails web application framework on ... [link]
@hackinthebox » 09 Jan '13, 10am
Ruby on Rails patches more critical vulnerabilities: Those using the Ruby on Rails web application framework on ... [link]
@planktonmedia » 09 Jan '13, 10am
Ruby on Rails patches more critical vulnerabilities: Those using the Ruby on Rails web application framework on ... [link]

Ruby on Rails patches more critical vulnerabilities

Ruby on Rails patches more critical vulnerabilities: Those using the Ruby on Rails web application framework on

Tweets

Ruby on Rails patches more critical vulnerabili...

Critical Ruby on Rails flaws fixed, upgrade imm...

Read @adamjodonnell's insights on the latest Ru...

Critical Flaws Patched in Ruby on Rails

Ruby on Rails 3.2.11 released to address 2 "ext...

Critical vulnerability in Ruby on Rails paramet...

Critical vulnerability in Ruby on Rails paramet...

Ruby on Rails Vulnerabilities Discovered, Users...

Any Ruby on Rails app is, badly, utterly, pwned...

Ruby on Rails releases "extremely critical" fixes

Ruby on Rails に複数の脆弱性

Rails vulnerabilities are not Rails'

Ruby on Rails pushing out 'extremely critical' ...

Update Ruby now before it goes off the Rails

Extremely critical Ruby on Rails bug threatens ...