Mushapps

Critical Rails vulnerabilities discovered, lets attackers bypass authentication, perform DoS attacks

Posted by admin at Jan 9th, 2013 10:40 Uncategorized

Following earlier security issues, major vulnerabilities have been discovered in Ruby on Rails, the highly popular Ruby framework used by massive services like GitHub and Hulu. The issues, which are the result of weaknesses in “the parameter parsing code,” allow attackers to “bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application.”

In response to the bug, a Rails patch has been released to resolve these “extremely critical security fixes.” According to the announcement, “all users running an affected release should either upgrade or use one of the workarounds *immediately*.” The following updates are now available: 3.2.11, 3.1.10, 3.0.19 and 2.3.15.

Rails contributor Aaron Patterson detailed the impact of the issues:

The parameter parsing code of Ruby on Rails allows applications to automatically cast values from strings to certain data types. Unfortunately the type casting code supported certain conversions which were not suitable for performing on user-provided data including creating Symbols and parsing YAML. These unsuitable conversions can be used by an attacker to compromise a Rails application.
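Added example, not code from the original post or from Rails itself: a small Ruby model of the type-casting table the quote describes, showing the "symbol" and "yaml" conversions that were unsuitable for user-provided data and the hardened table that drops them (the advisory's workaround did the same by deleting those two keys from ActiveSupport::XmlMini::PARSING). The table layout, the constant names and cast_param are assumptions for illustration.

```ruby
require "yaml"
require "date"

# Constructed model of how the XML parameter parser mapped an element's
# "type" attribute to a conversion routine. NOT Rails code; the real table
# is ActiveSupport::XmlMini::PARSING.

# Conversions that are safe to apply to untrusted strings: each one either
# produces a plain value or raises on malformed input.
SAFE_PARSING = {
  "integer"  => ->(s) { Integer(s, 10) },
  "float"    => ->(s) { Float(s) },
  "boolean"  => ->(s) { %w[1 true].include?(s.strip) },
  "datetime" => ->(s) { DateTime.parse(s) },
  "string"   => ->(s) { s },
}.freeze

# The pre-patch table additionally handed the raw request value to Ruby's
# own machinery:
#   "symbol" -> String#to_sym  (symbols were not garbage-collected before
#                               Ruby 2.2, so attacker-chosen names accumulate
#                               until memory is exhausted: the DoS)
#   "yaml"   -> YAML.load      (full YAML can instantiate arbitrary Ruby
#                               objects from a document the client controls)
VULNERABLE_PARSING = SAFE_PARSING.merge(
  "symbol" => ->(s) { s.to_sym },
  "yaml"   => ->(s) { YAML.load(s) },
).freeze

# Mirror of the advisory workaround: take the vulnerable table and delete the
# two entries, leaving only conversions that cannot create code or symbols.
HARDENED_PARSING =
  VULNERABLE_PARSING.reject { |type, _| %w[symbol yaml].include?(type) }.freeze

# Cast one request value. A type with no entry falls back to the raw string,
# so after hardening a "yaml"-typed parameter is just text, never parsed.
def cast_param(table, type, raw)
  conv = table[type]
  conv ? conv.call(raw) : raw
end
```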


Given the popularity of Rails, issues such as these are particularly worrisome. The vulnerability was apparently reported by numerous people, including Murphy, Magnus Holm, Felix Wilhelm, Darcy Laycock, Jonathan Rudenberg, Bryan Helmkamp, Benoist Claassen and Charlie Somerville.

A less-frightening issue regarding unsafe query generation was also announced today.

For more on past Rails security vulnerabilities, head here. You can also check out TNW’s dedicated Design & Dev channel.