04 Feb '13, 2pm

Anatomy of an Exploit: An In-depth Look at the Rails YAML Vulnerability

Exploits happen, and this month the Rails and Ruby communities have seen no shortage. From a major exploit in Rails to a slightly different Rubygems.org attack, there has never been a better time to brush up on software security. Maybe you’re wondering why these vulnerabilities happen in the first place, why they weren’t caught in the first place, or maybe you just want to know the specifics of this attack. We’ll start off by taking a look at the anatomy of a security exploit, and then dive into the gory details of the YAML issue.

Why Insecure Code Happens

No one intends to write insecure software. These vulnerabilities are bugs in the software that can be taken advantage of by others. Unlike a normal bug that will cause your software to not function as intended, a bug that opens up a security hole might still work fine for your task and never actually throw any errors. O...

Full article: http://rubysource.com/anatomy-of-an-exploit-an-in-depth-l...

Tweets

Look What You Can Do With a 420 Sq Ft Apartment!

forums.condosingapore.com 04 Feb '13, 2am

the furniture looks really cool.. but problem is its so tedious to stack and unstack (especially the long dining table) mo...

#Vulnerabilities Ruby on Rails JSON Processor Y...

net-security.org 03 Feb '13, 7am

Cisco shows the global picture of information security Posted on 31 January 2013. | Cisco released findings from two globa...

For those concerned about @padrinorb in the lig...

padrinorb.com 04 Feb '13, 4pm

Rails and the Ruby community had their fair share of security vulnerabilities in the recent days. Where does that leave Pa...

Get the Look: Long Bangs

beautysnob.com 04 Feb '13, 11am

From Taylor Swift to Britney Spears to Michelle Obama – long bangs are clearly having a moment. The key with this look is ...

My (quick) presentation yesterday on the YA... vuln

speakerdeck.com 06 Feb '13, 10am

Quick presentation on the YAML vuln and the impact on a Rails application.

Change your brows, change your look. These little tweaks can have a big impact on your overall look

michellephan.com 06 Feb '13, 7pm

Eyebrows are such an important feature and just a slight change in brow shape can change your whole look. You can go from ...

I knew nothing about this. Great! In-depth look at #bitcoins and how they could impact accounting.

blogs.mccombs.utexas.edu 06 Feb '13, 4pm

Most blogs, including ours, operate on the WordPress content management system, the most popular blogging platform in the...

Know your yu sheng - we break it down into five steps, and more.

hungrygowhere.com 04 Feb '13, 8am

The anatomy of yu sheng | Illustration: Savid Gan Yu sheng has become an integral part of Chinese New Year meals. These da...

[remote] - Ruby on Rails JSON Processor YAML De...

exploit-db.com 29 Jan '13, 3pm

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Ple...