Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:18420
HistoryNov 15, 2007 - 12:00 a.m.

[ GLSA 200711-17 ] Ruby on Rails: Multiple vulnerabilities

2007-11-1500:00:00
vulners.com
28
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gentoo Linux Security Advisory GLSA 200711-17

                                        http://security.gentoo.org/

Severity: Normal
Title: Ruby on Rails: Multiple vulnerabilities
Date: November 14, 2007
Bugs: #195315, #182223
ID: 200711-17

Synopsis

Several vulnerabilities were found in Ruby on Rails allowing for file
disclosure and theft of user credentials.

Background

Ruby on Rails is a free web framework used to develop database-driven
web applications.

Affected packages

-------------------------------------------------------------------
 Package         /  Vulnerable  /                       Unaffected
-------------------------------------------------------------------

1 dev-ruby/rails < 1.2.5 >= 1.2.5

Description

candlerb found that ActiveResource, when processing responses using the
Hash.from_xml() function, does not properly sanitize filenames
(CVE-2007-5380). The session management functionality allowed the
"session_id" to be set in the URL (CVE-2007-5380). BCC discovered that
the to_json() function does not properly sanitize input before
returning it to the user (CVE-2007-3227).

Impact

Unauthenticated remote attackers could exploit these vulnerabilities to
determine the existence of files or to read the contents of arbitrary
XML files; conduct session fixation attacks and gain unauthorized
access; and to execute arbitrary HTML and script code in a user's
browser session in context of an affected site by enticing a user to
browse a specially crafted URL.

Workaround

There is no known workaround at this time.

Resolution

All Ruby on Rails users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=dev-ruby/rails-1.2.5&quot;

References

[ 1 ] CVE-2007-3227
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3227
[ 2 ] CVE-2007-5379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5379
[ 3 ] CVE-2007-5380
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5380

Availability

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200711-17.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or alternatively, you may file a bug at
http://bugs.gentoo.org.

License

Copyright 2007 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHO2VEuhJ+ozIKI5gRAhtQAJ4/nC4Lhyg3HnpGUcyPSr7JIq5BrACfR6vF
jsBmdVGMQCK1OV5oGd1Pnlc=
=aSWR
-----END PGP SIGNATURE-----

Related

openvas 10
gentoo 2
nessus 9
securityvulns 1
osv 4
prion 4
ubuntucve 4
debiancve 4
freebsd 2
cve 4
github 4
rubygems 1
openvas
openvas
Gentoo Security Advisory GLSA 200711-17 (rails)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200711-17 (rails)
2008-09-24 00:00:00
FreeBSD Ports: rubygem-rails
2008-09-04 00:00:00
gentoo
gentoo
Ruby on Rails: Multiple vulnerabilities
2007-11-14 00:00:00
Ruby on Rails: Multiple vulnerabilities
2009-12-20 00:00:00
nessus
nessus
GLSA-200711-17 : Ruby on Rails: Multiple vulnerabilities
2007-11-15 00:00:00
openSUSE 10 Security Update : rubygem-activesupport (rubygem-activesupport-4565)
2007-11-14 00:00:00
FreeBSD : rubygem-rails -- JSON XSS vulnerability (44fb0302-9d38-11dc-9114-001c2514716c)
2007-11-29 00:00:00
securityvulns
securityvulns
Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2007-11-17 00:00:00
osv
osv
Moderate severity vulnerability that affects rails
2017-10-24 18:33:38
Moderate severity vulnerability that affects rails
2017-10-24 18:33:38
Session fixation vulnerability in Rails
2017-10-24 18:33:38
prion
prion
Design/Logic Flaw
2007-10-19 23:17:00
Cross site scripting
2007-06-14 23:30:00
Session fixation
2007-10-19 23:17:00
ubuntucve
ubuntucve
CVE-2007-5379
2007-10-19 00:00:00
CVE-2007-3227
2007-06-14 00:00:00
CVE-2007-5380
2007-10-19 00:00:00
debiancve
debiancve
CVE-2007-5379
2007-10-19 23:17:00
CVE-2007-3227
2007-06-14 23:30:00
CVE-2007-5380
2007-10-19 23:17:00
freebsd
freebsd
rubygem-rails -- JSON XSS vulnerability
2007-10-12 00:00:00
rubygem-rails -- session-fixation vulnerability
2007-11-24 00:00:00
cve
cve
CVE-2007-3227
2007-06-14 23:30:00
CVE-2007-5379
2007-10-19 23:17:00
CVE-2007-5380
2007-10-19 23:17:00
github
github
Moderate severity vulnerability that affects rails
2017-10-24 18:33:38
Moderate severity vulnerability that affects rails
2017-10-24 18:33:38
Session fixation vulnerability in Rails
2017-10-24 18:33:38
rubygems
rubygems
Moderate severity vulnerability that affects rails
2017-10-23 21:00:00
JSON
Related for SECURITYVULNS:DOC:18420
openvas10gentoo2nessus9securityvulns1osv4prion4ubuntucve4debiancve4freebsd2cve4github4rubygems1