Exploits for Ruby on Rails holes now in circulation

Exploits for Ruby on Rails holes now in circulation - The H Open:

h-online.com 10 Jan '13, 4pm

Exploits for Ruby on Rails holes now in circulation

Since the reports of a critical vulnerability in Ruby on Rails , the first exploits have begun circulating and the first reports of hijacked web servers are already coming in. The hole is extremely dangerous as it affects a very large number of applications and servers. Anyone who administers a server with a Rails application should urgently take action and either install the updated version or at least make changes which provide temporary protection. The updates published on Wednesday eliminate two errors which have been designated CVE-2013-0156 and CVE-2013-155, with the former being classified as critical. The underlying vulnerability allows for code to be injected into the server and executed with the privileges of the attacked Rails application. The problem lies in the way Rails accepts data from the user and an attacker need only send data as a POST request to an app...

Full article: http://www.h-online.com/open/news/item/Exploits-for-Ruby-...

Tweets

@hyphenet » 13 Jan '13, 11pm
Exploits for Ruby on Rails holes now in circulation [link] via @honline #tech #security
@gaetanoz » 11 Jan '13, 5pm
RT @ruggerotonelli: Exploits for Ruby on #Rails holes now in circulation [link] #ror #security
@ruggerotonelli » 11 Jan '13, 4pm
Exploits for Ruby on #Rails holes now in circulation [link] #ror #security
@roudi » 11 Jan '13, 2am
Exploits for Ruby on Rails holes now in circulation [link] via @prismatic
@MontI_64 » 11 Jan '13, 12am
[link] <--- segun esto Twitter esta desarrollado en Ruby, hoy vulnerable [link]
@LinuxSec » 11 Jan '13, 12am
RT @RealBelahzur: Exploits for Ruby on Rails holes now in circulation [link] #theh #open
@leptom » 10 Jan '13, 10pm
RT @Noxbru: Exploits for Ruby on Rails holes now in circulation [link] #theh #open cc/ @leptom
@mackrauss » 10 Jan '13, 8pm
The Ruby on Rails vulnerability is now being abused [link] So time to update or patch #security
@TechL0G » 10 Jan '13, 7pm
#Open_Source ·Exploits for Ruby on Rails holes now in circulation: The recently disclosed... [link] |[link]
@Noxbru » 10 Jan '13, 7pm
Exploits for Ruby on Rails holes now in circulation [link] #theh #open cc/ @leptom
@rlinux » 10 Jan '13, 6pm
RT @B1gGaGa: Exploits for Ruby on Rails holes now in circulation - [link]
@corris_it » 10 Jan '13, 5pm
Exploits for Ruby on Rails holes now in circulation [link] | The H Open Source
@pl4g4 » 10 Jan '13, 5pm
Exploits for Ruby on Rails holes now in circulation - The H Open: News and Features [link]
@dam1an » 10 Jan '13, 5pm
RT @freesource: Exploits for Ruby on Rails holes now in circulation [link]
@oxyd75 » 10 Jan '13, 4pm
Exploits for Ruby on Rails holes now in circulation [link] #webdesign
@sudaraka_feeds » 10 Jan '13, 4pm
Exploits for Ruby on Rails holes now in circulation #HOnline [link] The recently disclosed holes in all versions of Ruby on...
@3DR » 10 Jan '13, 4pm
Exploits for Ruby on Rails holes now in circulation: The recently disclosed holes in all versions of Ruby on Rai... [link]
@heiseonlineuk » 10 Jan '13, 4pm
RT @honlinenews: Exploits for Ruby on Rails holes now in circulation [link]
@honlinenews » 10 Jan '13, 4pm
Exploits for Ruby on Rails holes now in circulation [link]
@Cyb3r » 10 Jan '13, 5pm
Exploits for Ruby on Rails holes now in circulation: The recently disclosed holes in all versions of Ruby on Rai... [link]
@webspacecraft » 10 Jan '13, 4pm
Exploits for Ruby on Rails holes now in circulation: The recently disclosed holes in all versions of Ruby on Rai... [link]
@ekrTech » 10 Jan '13, 4pm
Exploits for Ruby on Rails holes now in circulation: The recently disclosed holes in all versions of Ruby on... [link] #in