10 Jan '13, 5am

Эксплойт для последних уязвимостей Ruby on Rails

Эксплойт для последних уязвимостей Ruby on Rails

Среди известных сайтов, которые работают на Ruby on Rails — Github, Yammer, Scribd, Groupon, Shopify и Basecamp. На Ruby написан известный фреймворк для пентестинга Metasplot, а на «рельсах» работают интерфейсы Metasploit Pro, Express и Community.

Full article: http://www.xakep.ru/post/59919/default.asp

Tweets

Ruby on Rails Bootcamp in Seattle

codefellows.org 10 Jan '13, 2pm

Immersive education is the best way to learn how to code. You'll be living and breathing Ruby on Rails every day of the we...

Exploiting Ruby on Rails with Metasploit (CVE-2013-0156)

Exploiting Ruby on Rails with Metasploit (CVE-2...

community.rapid7.com 10 Jan '13, 6pm

First off, make sure you have a copy of Metasploit and that you have How to update Metasploit Express and Metasploit Pro ....

В Ruby on Rails обнаружена критическая уязвимос...

opennet.ru 09 Jan '13, 2pm

- серия уязвимостей, которая позволяет атакующему выполнить свой код на сервере, обойти средства аутентификации, осуществи...

New flaw in Ruby on Rails:

New flaw in Ruby on Rails:

infosecurity-magazine.com 09 Jan '13, 1pm

Earlier today the Internet Storm Center (ISC) reported , “A SQL Injection Flaw (CVE-2012-5664) was announced last week (Ja...

「Ruby on Rails」に極めて深刻な脆弱性、直ちにアップデートを - ITmedia ...

itmedia.co.jp 09 Jan '13, 10pm

Ruby on Rails Action Pack framework insecurely typecasts YAML and Symbol XML parameters

Metasploit Rails 3 Remote Code Execution Hours ...

community.rapid7.com 10 Jan '13, 3am

was posted to the Ruby on Rails (RoR) security discussion list. The summary is that the XML processor in RoR can be tricke...

Ruby on Rails に複数の脆弱性

jvn.jp 09 Jan '13, 3am

US-CERT Vulnerability Note VU#380039 Ruby on Rails contains multiple vulnerabilities in parameter parsing in the Action Pa...

Ruby on Rails patches more critical vulnerabilities: Those using the Ruby on Rails web application framework on

Ruby on Rails patches more critical vulnerabili...

news.hitb.org 09 Jan '13, 10am

Those using the Ruby on Rails web application framework on their websites are being advised to update the software immedia...

Read @adamjodonnell's insights on the latest Ru...

blog.sourcefire.com 09 Jan '13, 8pm

A little under 24 hours ago two major, long-standing vulnerabilities were announced in the popular web programming framewo...

Ruby 開発備忘録: vanityとchankoを使ってRailsで簡単安全にABテストをする

face-do.blogspot.com 10 Jan '13, 2pm

module Sample include Chanko::Unit active_if do |context, options| ab_test(:price_options) end scope(:controller) do funct...

Update Ruby now before it goes off the Rails

Update Ruby now before it goes off the Rails

pcworld.com 10 Jan '13, 10pm

Do you use Ruby on Rails? If so, it’s time to update. Now. Ruby on Rails is an open source Web application framework built...

Ruby on Rails patches more critical vulnerabili...

infoworld.com 09 Jan '13, 12pm

Those using the Ruby on Rails Web application framework on their websites are being advised to update the software immedia...

Time Zones, Ruby on Rails, and MySQL

reddit.com 11 Jan '13, 2am

Time zones in Rails can be a little confusing because they add support by modifying existing Ruby core/stdlib classes. Rub...

Critical Flaws Patched in Ruby on Rails

threatpost.com 08 Jan '13, 9pm

"There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentica...