Vulnerability in Ruby on Rails could bring 200,000 sites down

Vulnerability in Ruby on Rails could bring 200,000 sites down | News | Geek.com

geek.com 10 Jan '13, 12pm

Vulnerability in Ruby on Rails could bring 200,000 sites down

In the realm of computer security there are bugs , and then there are bugs . The latter refers to a real showstopper — the kind of bug that could bring a website to its knees and expose user data if the wrong people figure it out. Just such a bug has been discovered in Ruby on Rails, and it is estimated that roughly 200,000 websites are at risk of attack. The bug is of the most serious nature, and stems from the way Rails handles formatted parameters. While complicated, the object injection attack is 100% effective as described. It could give a remote hacker the necessary access to execute any code on the server running Rails. This would allow the attacker to do just about anything including copying data, deleting web assets, and simply taking the site offline without all that messy DDoS-ing. Ruby on Rails is an extremely popular web app framework that is used on sites lik...

Full article: http://www.geek.com/articles/news/vulnerability-in-ruby-o...

Tweets

@NyTiVe » 11 Jan '13, 7pm
Vulnerability in Ruby on Rails could bring 200,000 sites down. #Spokane [link]
@navi4all » 10 Jan '13, 3pm
Vulnerability in Ruby on Rails could bring 200,000 sites down [link] via @prismatic
@DigitalTorq » 10 Jan '13, 3pm
DigitalTorq 2012 Vulnerability in Ruby on Rails could bring 200,000 sites down [link]
@ikamacho » 10 Jan '13, 2pm
RT @Tecnologia_Inf: Vulnerability in Ruby on Rails could bring 200,000 sites down [link] #Technology #News
@theSoftBullet » 10 Jan '13, 2pm
Serious security issue with Ruby on Rails framework [link]
@vlezcano » 10 Jan '13, 2pm
RT @hobbygeeks: Vulnerability in Ruby on Rails could bring 200,000 sites down: In the realm of computer securi... [link] #geek #news #info
@DerekTMcKinney » 10 Jan '13, 2pm
Vulnerability in Ruby on Rails could bring 200,000 sites down [link] via @geekdotcom
@chub0t » 10 Jan '13, 2pm
RT @geekdotcom: Vulnerability in Ruby on Rails could bring 200,000 sites down [link]
@TechInsiderco » 10 Jan '13, 2pm
Vulnerability in Ruby on Rails could bring 200,000 sites down: In the realm of computer security there are... [link] #tech
@Tecnologia_I » 10 Jan '13, 2pm
Vulnerability in Ruby on Rails could bring 200,000 sites down [link] #Technology #News
@hobbygeeks » 10 Jan '13, 2pm
Vulnerability in Ruby on Rails could bring 200,000 sites down: In the realm of computer securi... [link] #geek #news #info
@sayedbin » 10 Jan '13, 2pm
New Gadgets Vulnerability in Ruby on Rails could bring 200,000 sites down: In the realm of computer s... [link] #computers
@BizIntelAnalyst » 10 Jan '13, 1pm
Vulnerability in Ruby on Rails could bring 200,000 sites down: In the realm of computer security there ... [link] #pdln4nx
@GeekInfoToday » 10 Jan '13, 1pm
Vulnerability in Ruby on Rails could bring 200,000 sites down | News | [link] [link]
@thegeekfeed » 10 Jan '13, 1pm
Vulnerability in Ruby on Rails could bring 200,000 sites down [link] #geek
@pcgerms » 10 Jan '13, 12pm
Vulnerability in Ruby on Rails could bring 200,000 sites down: In the realm of computer security there are bugs,... [link]
@TechZader » 10 Jan '13, 2pm
Vulnerability in Ruby on Rails could bring 200,000 sites down [link]
@BlkPhoenix66 » 10 Jan '13, 1pm
Vulnerability in Ruby on Rails could bring 200,000 sites down [link]
@zipleen » 10 Jan '13, 1pm
Vulnerability in Ruby on Rails could bring 200,000 sites down [link]