This Metasploit module exploits a remote code execution vulnerability in the inline request processor of the Ruby on Rails ActionPack component. This vulnerability allows an attacker to process ERB to the inline JSON processor, which is then rendered, permitting full RCE within the runtime, without logging an error condition.
d2de2c6b1bb4cb5ee53de8e0c3f1d39c69fd1da76899559c6c2efabc0fe0d5bbRed Hat Security Advisory 2016-0455-01 - The ruby193 collection provides Ruby version 1.9.3 and Ruby on Rails version 3.2. Ruby on Rails is a model-view-controller framework for web application development. Multiple directory traversal flaws were found in the way the Action View component searched for templates for rendering. If an application passed untrusted input to the 'render' method, a remote, unauthenticated attacker could use these flaws to render unexpected files and, possibly, execute arbitrary code. Various other issues were also addressed.
5e23fca79b0c6ec451a6c6582ff4e0544d04db9b021a4e0682b64cac94513735Red Hat Security Advisory 2016-0456-01 - The rh-ror41 collection provides Ruby on Rails version 4.1. Ruby on Rails is a model-view-controller framework for web application development. A directory traversal flaw was found in the way the Action View component searched for templates for rendering. If an application passed untrusted input to the 'render' method, a remote, unauthenticated attacker could use this flaw to render unexpected files and, possibly, execute arbitrary code. Various other issues were also addressed.
c17ed99c14e99371571e1cf5ad5d8bb27d21e9e38543e028bf9cbcac1b9d92e5Red Hat Security Advisory 2016-0454-01 - The ror40 collection provides Ruby on Rails version 4.0. Ruby on Rails is a model-view-controller framework for web application development. Multiple directory traversal flaws were found in the way the Action View component searched for templates for rendering. If an application passed untrusted input to the 'render' method, a remote, unauthenticated attacker could use these flaws to render unexpected files and, possibly, execute arbitrary code. Various other issues were also addressed.
10188816fb03f6f7aa272996fe2e945e37df6352f4e3f4f42e0b9c3a1a879412Debian Linux Security Advisory 3509-1 - Two vulnerabilities have been discovered in Rails, a web application framework written in Ruby. Both vulnerabilities affect Action Pack, which handles the web requests for Rails.
5787b07b986aaaac58081311ae8b2f698792ad1a872a6cff1a7b299f52078c1b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed