Ruby on Rails Releases 'Extremely Critical' Security Fixes – Exploit Code Likley En Route #ruby

Ruby on Rails Releases 'Extremely Critical' Security Fixes – Exploit Code En Route | SecurityWeek.Com

Ruby on Rails Releases 'Extremely Critical' Security Fixes – Exploit Code Likley En Route #ruby

The latest versions, 3.2.11, 3.1.10, 3.0.19, and 2.3.15 have been updated with "two extremely critical security fixes" and should be applied immediately, according to a post on RubyonRails.org Jan. 8. The "multiple weaknesses" in the parameter parsing code for Ruby on Rails allow attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a denial-of-service attack on a Rails application, according to the advisory posted on the Ruby on Rails Security list on Google Groups.

Full article: http://www.securityweek.com/ruby-rails-releases-extremely...

Tweets

@sarahbergeron » 10 Jan '13, 3pm
Ruby on Rails Releases 'Extremely Critical' Security Fixes - [link] via @SecurityWeek @zdFYRashid with @rapid7 (client)
@securitygen » 09 Jan '13, 11pm
RT @SecureMac: Ruby on Rails Releases 'Extremely Critical' Security Fixes – Exploit Code En Route | [link] [link]
@DI_Sigurnost » 09 Jan '13, 11pm
Ruby on Rails Releases 'Extremely Critical' Security Fixes –... [link] #NEWSampINDUSTRY #Vulnerabilities #DigitalnaSigurnost
@s_alhayani » 09 Jan '13, 8pm
RT @SecurityWeek: Ruby on Rails Releases 'Extremely Critical' Security Fixes – Exploit Code Likley En Route [link] #ruby
@Insecurestuff » 09 Jan '13, 7pm
Ruby on Rails Releases 'Extremely Critical' Security Fixes – Exploit Code En Route [link] #Insecurestuff
@CyberExaminer » 09 Jan '13, 7pm
#cybersecurity Ruby on Rails Releases 'Extremely Critical' Security Fixes – Exploit Code En Route [link] #infosec
@CyberCrimeNEWS » 09 Jan '13, 7pm
Ruby on Rails Releases 'Extremely Critical' Security Fixes – Exploit Code En Route [link] #ccureit
@robertwbutzke » 09 Jan '13, 6pm
Ruby on Rails Releases 'Extremely Critical' Security Fixes – Exploit Code En Route | [link] via @SecurityWeek
@SecurityWeek » 09 Jan '13, 6pm
Ruby on Rails Releases 'Extremely Critical' Security Fixes – Exploit Code Likley En Route [link] #ruby
@SecMash » 09 Jan '13, 7pm
#InfoSec Ruby on Rails Releases 'Extremely Critical' Security Fixes – Exploit Code En Route [link] #CyberSecurity
@SecurityPhresh » 09 Jan '13, 7pm
Ruby On Rails Releases Extremely Critical Security Fixes – #Exploit Code En Route... [link]
@CcureIT » 09 Jan '13, 7pm
Ruby on Rails Releases 'Extremely Critical' Security Fixes – Exploit Code En Route [link] #ccureit