Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs

Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs - Dark Reading

Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs

This just got (more) real: Researchers today unleashed exploit code for a pair of newly found vulnerabilities in the popular Web application programming platform Ruby on Rails (RoR), as well as a new Metasploit module for the most serious of the two flaws, raising concerns of potentially damaging attacks to come on Web servers and databases. Patches for the two Ruby on Rails vulnerabilities , CVE-2013-0155 and CVE-2013-0156, were issued yesterday after researchers disclosed the bugs earlier this week. Ruby on Rails is an open-source Web programming framework that runs in more than 200,000 websites and on tens of thousands of apps, including Twitter, Metasploit, Groupon, Scribd, Hulu, Living Social, Yellow Pages, and GitHub. To date, RoR hasn't experienced much in the way of security vulnerability issues, but this new bug finds likely will open the floodgates for more resea...

Full article: http://www.darkreading.com/database-security/167901020/se...

Tweets

@mcspr » 14 Jan '13, 7am
RT @wvancampen: HIer konden we op wachten natuurlijk - Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs -[link]
@wvancampen » 13 Jan '13, 6pm
HIer konden we op wachten natuurlijk - Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs -[link]
@rjacksix » 11 Jan '13, 11pm
RT @NormanSec: Via @DarkReading: Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs [link]
@NormanSec » 11 Jan '13, 11pm
Via @DarkReading: Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs [link]
@elight » 11 Jan '13, 10pm
RT @eltiare: Major attacks released for Rails. If you're running a Rails app, update NOW: [link]
@eltiare » 11 Jan '13, 10pm
Major attacks released for Rails. If you're running a Rails app, update NOW: [link]
@Engineering24x7 » 11 Jan '13, 7am
Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs - Dark Reading [link]
@texnolize » 11 Jan '13, 1am
RT @cipherstorm: # Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs [link]
@thinksnews » 11 Jan '13, 1am
Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs: Drop everything and p... [link] #infosec #security
@InfoSecRSS » 11 Jan '13, 1am
Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs: Drop everything and patch Ruby on Rails ... [link]
@readevalprint » 11 Jan '13, 12am
@ednapiranha @ambaxter Ruby on Rails security #ohthat [link]
@netsecured99 » 10 Jan '13, 10pm
RT @CyberExaminer2013#cybersecurity Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs [link] #info...
@CyberExaminer » 10 Jan '13, 10pm
#cybersecurity Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs [link] #infosec
@corris_it » 10 Jan '13, 9pm
Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs [link] | DarkReading
@starkeymagazine » 10 Jan '13, 9pm
#Infosec Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs [link]
@PacketknifeToo » 10 Jan '13, 9pm
Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs [link]
@SanjeevGiri2 » 10 Jan '13, 9pm
Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs [link]
@SecMash » 10 Jan '13, 9pm
Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs [link] #InfoSec