16 Jan '13, 12am

Looks like #ruby sites might be up for grabs...

This just got (more) real: Researchers today unleashed exploit code for a pair of newly found vulnerabilities in the popular Web application programming platform Ruby on Rails (RoR), as well as a new Metasploit module for the most serious of the two flaws, raising concerns of potentially damaging attacks to come on Web servers and databases. Patches for the two Ruby on Rails vulnerabilities , CVE-2013-0155 and CVE-2013-0156, were issued yesterday after researchers disclosed the bugs earlier this week. Ruby on Rails is an open-source Web programming framework that runs in more than 200,000 websites and on tens of thousands of apps, including Twitter, Metasploit, Groupon, Scribd, Hulu, Living Social, Yellow Pages, and GitHub. To date, RoR hasn't experienced much in the way of security vulnerability issues, but this new bug finds likely will open the floodgates for more resea...

Full article: http://www.darkreading.com/database-security/167901020/se...

Tweets

Attack Code, Metasploit Module Released For Ser...

darkreading.com 10 Jan '13, 9pm

This just got (more) real: Researchers today unleashed exploit code for a pair of newly found vulnerabilities in the popul...

Drop everything now and patch Ruby on Rails app...

darkreading.com 10 Jan '13, 9pm

This just got (more) real: Researchers today unleashed exploit code for a pair of newly found vulnerabilities in the popul...

Ruby 1.9.3-p374 is released.

ruby-lang.org 17 Jan '13, 8am

Now Ruby 1.9.3-p374 is released. This release includes many bug fixes. Especially, Fixed randomly SEGV problem (often repo...

Exploit Code, Metasploit Module Out for Ruby on...

threatpost.com 10 Jan '13, 3pm

Just two days after the disclosure of a string of serious vulnerabilities in Ruby on Rails, researchers have released proo...

Pls : #ruby #rails

The tickets, ticket quantity or date and time you've requested are no longer available, due to previous sales. Please choo...

#Exploit Info - VRT reviewed #Ruby on Rails vul...

vrt-blog.snort.org 10 Jan '13, 7pm

on the Ruby on Rails Security group January 8th contained a few phrases that cause alarm when used together: "inject arbit...

Vulnerability in JSON Parser in Ruby on Rails 3...

groups.google.com 28 Jan '13, 9pm

Dieser Browser wird nicht unterstützt.

Vulnerability in JSON Parser in Ruby on Rails 3...

groups.google.com 28 Jan '13, 9pm

Dieser Browser wird nicht unterstützt.

Vulnerability in Ruby on Rails could bring 200,000 sites down

Vulnerability in Ruby on Rails could bring 200,...

geek.com 10 Jan '13, 12pm

In the realm of computer security there are bugs , and then there are bugs . The latter refers to a real showstopper — the...

Exploit Code for Ruby on Rails Flaw Likely on t...

threatpost.com 09 Jan '13, 4pm

The vulnerabilities patched Tuesday in the Ruby on Rails Web framework have security researchers warning of the potential ...

Ruby on Rails derails 240,000 sites with enormo...

theregister.co.uk 10 Jan '13, 3pm

Popular programming framework Ruby on Rails is affected by two critical security vulnerabilities - one allowing anyone to ...

Extremely critical Ruby on Rails bug threatens ...

mukpin.com 10 Jan '13, 1pm

Extremely critical Ruby on Rails bug threatens more than 200,000 sites hundreds of thousands of websites are potentially a...

Ruby on Rails Programming by zscorp: We need to...

freelancer.com 28 Jan '13, 9pm

Freelancer.com (formerly GetAFreelancer) is the world's largest outsourcing and crowdsourcing marketplace for small busine...

Exploiting Ruby on Rails with Metasploit (CVE-2013-0156)

Exploiting Ruby on Rails with Metasploit (CVE-2...

community.rapid7.com 10 Jan '13, 6pm

First off, make sure you have a copy of Metasploit and that you have How to update Metasploit Express and Metasploit Pro ....