10 Jan '13, 10pm

Update Ruby now before it goes off the Rails

Update Ruby now before it goes off the Rails

Do you use Ruby on Rails? If so, it’s time to update. Now. Ruby on Rails is an open source Web application framework built to use with the Ruby programming language. Ruby on Rails—or just Rails—gives Web developers the ability to gather information from Web servers, or query a database. Rails is used across an estimated quarter of a million websites ranging from ecommerce to cloud storage. Rails contains critical vulnerabilities that are being targeted by attackers. The mass assignments vulnerability is the Rails equivalent of SQL injection, and exposes Rails to exploits. Update Ruby now to patch extremely critical vulnerabilities. Lamar Bailey, director of security research and development for nCircle , explained, “All unpatched versions of Ruby on Rails contain critical vulnerabilities involving parameter parsing and attackers can use these bugs to execute code or launch...

Full article: http://www.pcworld.com/article/2024833/update-ruby-now-be...

Tweets

Update Ruby now before it goes off the Rails #I...

csoonline.com 12 Jan '13, 10pm

January 11, 2013 — PC World — Do you use Ruby on Rails? If so, it's time to update. Now. Ruby on Rails is an open source W...

Exploits for Ruby on Rails holes now in circula...

h-online.com 10 Jan '13, 4pm

Since the reports of a critical vulnerability in Ruby on Rails , the first exploits have begun circulating and the first r...

Ruby on Rails Vulnerabilities Discovered, Users Urged to Update Immediately

Ruby on Rails Vulnerabilities Discovered, Users...

thewhir.com 10 Jan '13, 4pm

A vulnerability discovered on the Ruby on Rails web application framework allows attackers to bypass authentication system...

Update Ruby now before it goes off the Rails #ITWorld

Update Ruby now before it goes off the Rails #I...

itworld.com 11 Jan '13, 9pm

January 11, 2013, 4:20 PM — Do you use Ruby on Rails? If so, it's time to update. Now. Ruby on Rails is an open source Web...

Ruby on Rails patches more critical vulnerabilities: Those using the Ruby on Rails web application framework on

Ruby on Rails patches more critical vulnerabili...

news.hitb.org 09 Jan '13, 10am

Those using the Ruby on Rails web application framework on their websites are being advised to update the software immedia...

Me at @CSO_Australia: "Nasty Ruby on Rails vuln...

cso.com.au 11 Jan '13, 4am

The revelation of serious long-term vulnerabilities in the popular Ruby on Rails web programming framework is just one of ...

Drop everything now and patch Ruby on Rails app...

darkreading.com 10 Jan '13, 9pm

This just got (more) real: Researchers today unleashed exploit code for a pair of newly found vulnerabilities in the popul...

Exploiting Ruby on Rails with Metasploit (CVE-2013-0156)

Exploiting Ruby on Rails with Metasploit (CVE-2...

community.rapid7.com 10 Jan '13, 6pm

First off, make sure you have a copy of Metasploit and that you have How to update Metasploit Express and Metasploit Pro ....

Exploit Code, Metasploit Module Out for Ruby on...

threatpost.com 10 Jan '13, 3pm

Just two days after the disclosure of a string of serious vulnerabilities in Ruby on Rails, researchers have released proo...

Metasploit users - get the security update for ...

community.rapid7.com 09 Jan '13, 10am

was posted to the Ruby on Rails (RoR) security discussion list. The summary is that the XML processor in RoR can be tricke...

Ruby on Rails releases "extremely critical" fixes

scmagazine.com 09 Jan '13, 5pm

The maintainers of the Ruby on Rails have pushed out the second update in a week to fix critical holes in the web applicat...

Ruby on Rails Bootcamp in Seattle

codefellows.org 10 Jan '13, 2pm

Immersive education is the best way to learn how to code. You'll be living and breathing Ruby on Rails every day of the we...

What is the Value of NOW???

ricksblog.com 10 Jan '13, 7pm

Rockies.com sold for $1.2 Million this week. Nets.com is up for grabs at $5 Million and pokes fun at the NY Nets. Cowboys....

Dutch govt pulls Ruby on Rails, exploits become...

zdnet.com 11 Jan '13, 5am

The first effects of the recently discovered Ruby on Rails exploit are beginning to be felt, with the Dutch government pul...

ModSecurity Mitigations for Ruby on Rails XML Exploits

ModSecurity Mitigations for Ruby on Rails XML E...

blog.spiderlabs.com 10 Jan '13, 6pm

There is big trouble in Ruby on Rails (RoR) land... The issue is related to XML parsing of YAML document elements or Symbo...