Exploit the possiblities
Showing 1 - 25 of 462 RSS Feed

Ruby Files

Using dnscat2 For Encrypted Command/Control Over DNS
Posted Jan 15, 2018
Authored by James Fell

The process of setting up and using dnscat2 is documented in this article. The tool consists of a Ruby server and a small C client, and can be used to quickly establish an encrypted covert channel between two computers over the Internet using DNS traffic. Once set up, the tool is evaluated by exfiltrating data out of a network that has a pfSense firewall at the perimeter blocking direct outbound DNS requests from client machines, and also running the Snort IDS. It is is seen that a reverse shell is successfully sent out of the network and no IDS alerts are generated.

tags | paper, shell, ruby
MD5 | 546258ea9351502c0d3aaad5bf6cfb05
Ubuntu Security Notice USN-3528-1
Posted Jan 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3528-1 - It was discovered that Ruby incorrectly handled certain terminal emulator escape sequences. An attacker could use this to execute arbitrary code via a crafted user name. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. It was discovered that Ruby incorrectly handled certain strings. An attacker could use this to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, ruby
systems | linux, ubuntu
advisories | CVE-2017-10784, CVE-2017-14033, CVE-2017-14064, CVE-2017-17790
MD5 | dc434c8e6d1bb07724a5d915b4e77117
Ubuntu Security Notice USN-3515-1
Posted Jan 4, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3515-1 - It was discovered that Ruby allows FTP command injection. An attacker could use this to cause arbitrary command execution.

tags | advisory, arbitrary, ruby
systems | linux, ubuntu
advisories | CVE-2017-17405
MD5 | f7b58732c56f4b529a4dc406db0c50ed
Red Hat Security Advisory 2017-3485-01
Posted Dec 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3485-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby. Security Fix: A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter.

tags | advisory, ruby
systems | linux, redhat
advisories | CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14064
MD5 | 3600c3f840b4088b74aad6855538448c
Red Hat Security Advisory 2017-3484-01
Posted Dec 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3484-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. CloudForms Management Engine Appliance. CloudForms Management Engine Gemset. Multiple security issues have been addressed.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2017-2664
MD5 | 664a0547e1fd2c77754dc2ae4f23b341
Debian Security Advisory 4031-1
Posted Nov 14, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4031-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language.

tags | advisory, vulnerability, ruby
systems | linux, debian
advisories | CVE-2017-0898, CVE-2017-0903, CVE-2017-10784, CVE-2017-14033
MD5 | 972ec8e478a4d320e8e4ad4533c5b816
Red Hat Security Advisory 2017-3005-01
Posted Oct 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3005-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. The following packages have been upgraded to a later upstream version: ansible-tower, cfme, cfme-appliance, cfme-gemset, rabbitmq-server, rh-ruby23-rubygem-nokogiri, supervisor.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2017-11610, CVE-2017-12148
MD5 | c576c19eef4d1a1880fd3f33169b8b2c
Gentoo Linux Security Advisory 201710-18
Posted Oct 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-18 - Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. Versions less than 2.2.8 are affected.

tags | advisory, remote, arbitrary, vulnerability, ruby
systems | linux, gentoo
advisories | CVE-2016-2337, CVE-2017-0898, CVE-2017-10784, CVE-2017-14033, CVE-2017-14064
MD5 | 89d9e24a5dcaa9215ac841ad02d0e501
Ubuntu Security Notice USN-3439-1
Posted Oct 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3439-1 - It was discovered that Ruby incorrectly handled certain inputs. An attacker could use this to cause a buffer overrun. Yusuke Endoh discovered that Ruby incorrectly handled certain files. An attacker could use this to execute terminal escape sequences. Yusuke Endoh discovered that Ruby incorrectly handled certain inputs. An attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, ruby
systems | linux, ubuntu
advisories | CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-10784, CVE-2017-14033, CVE-2017-14064
MD5 | acf4ee6763f726b90e15eafb6a7cecd7
Slackware Security Advisory - ruby Updates
Posted Sep 19, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ruby packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory, ruby
systems | linux, slackware
advisories | CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-10784, CVE-2017-14033, CVE-2017-14064
MD5 | 47bd1d75998a355fce517007a4e68807
Red Hat Security Advisory 2017-2596-01
Posted Sep 6, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2596-01 - Groovy is an agile and dynamic language for the Java Virtual Machine, built upon Java with features inspired by languages like Python, Ruby, and Smalltalk. It seamlessly integrates with all existing Java objects and libraries and compiles straight to Java bytecode so you can use it anywhere you can use Java. Security Fix: Multiple object deserialization flaws were discovered in the MethodClosure class in Groovy. A specially crafted serialized object deserialized by an application using the Groovy library could cause the application to execute arbitrary code.

tags | advisory, java, arbitrary, python, ruby
systems | linux, redhat
advisories | CVE-2015-3253, CVE-2016-6814
MD5 | 436115415533ea2a3f8f56bb943da1ee
Red Hat Security Advisory 2017-2486-01
Posted Aug 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2486-01 - Groovy is an agile and dynamic language for the Java Virtual Machine, built upon Java with features inspired by languages like Python, Ruby, and Smalltalk. It seamlessly integrates with all existing Java objects and libraries and compiles straight to Java bytecode so you can use it anywhere you can use Java. Security Fix: It was found that a flaw in Apache groovy library allows remote code execution wherever deserialization occurs in the application. It is possible for an attacker to craft a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability.

tags | advisory, java, remote, code execution, python, ruby
systems | linux, redhat
advisories | CVE-2016-6814
MD5 | 5b48c38a82a5183a49596ef0d8575696
Red Hat Security Advisory 2017-1758-01
Posted Aug 3, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1758-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components.

tags | advisory, remote, web, ruby
systems | linux, redhat
advisories | CVE-2016-7047, CVE-2017-2664, CVE-2017-7497, CVE-2017-7530
MD5 | fe93f01d1cd8e7ef560224b2f2389d9a
Ubuntu Security Notice USN-3365-1
Posted Jul 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3365-1 - It was discovered that Ruby DL::dlopen incorrectly handled opening libraries. An attacker could possibly use this issue to open libraries with tainted names. This issue only applied to Ubuntu 14.04 LTS. Tony Arcieri, Jeffrey Walton, and Steffan Ullrich discovered that the Ruby OpenSSL extension incorrectly handled hostname wildcard matching. This issue only applied to Ubuntu 14.04 LTS. Christian Hofstaedtler discovered that Ruby Fiddle::Handle incorrectly handled certain crafted strings. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, ruby
systems | linux, ubuntu
advisories | CVE-2009-5147, CVE-2015-1855, CVE-2015-7551, CVE-2015-9096, CVE-2016-2337, CVE-2016-2339, CVE-2016-7798
MD5 | a6af5cc73212f069a7f0d48255978f2f
Red Hat Security Advisory 2017-1601-01
Posted Jun 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1601-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. rh-ruby23-rubygem-nokogiri provides Nokogiri, which is an HTML, XML, SAX, and Reader parser. Among Nokogiri's many features is the ability to search documents using XPath or CSS3 selectors. rh-ruby23-rubygem-ovirt-engine-sdk4 provides the ruby SDK for the oVirt Engine API.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2016-4457, CVE-2016-7047, CVE-2017-7497
MD5 | 445fd5cb0824cb408c522dedc70efea6
Red Hat Security Advisory 2017-1367-01
Posted May 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1367-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security Fix: CloudForms includes a default SSL/TLS certificate for the web server. This certificate is replaced at install time, however if an attacker were able to man-in-the-middle an administrator while installing the new certificate the attacker could get a copy of the private key uploaded allowing for future attacks.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2016-4457, CVE-2017-2639
MD5 | 2cc36a54f3b8776f87f8d5727094be06
Red Hat Security Advisory 2017-0898-01
Posted Apr 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0898-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security Fix: A number of unused delete routes are present in CloudForms which can be accessed via GET requests instead of just POST requests. This could allow an attacker to bypass the protect_from_forgery XSRF protection causing the routes to be used. This attack would require additional cross-site scripting or similar attacks in order to execute.

tags | advisory, web, xss, ruby
systems | linux, redhat
advisories | CVE-2017-2653
MD5 | 45af748afc5d4df8b78db2ab572c2521
Github Enterprise Default Session Secret And Deserialization
Posted Mar 27, 2017
Authored by sinn3r, iblue | Site metasploit.com

This Metasploit module exploits two security issues in Github Enterprise, version 2.8.0 - 2.8.6. The first is that the session management uses a hard-coded secret value, which can be abused to sign a serialized malicious Ruby object. The second problem is due to the use of unsafe deserialization, which allows the malicious Ruby object to be loaded, and results in arbitrary remote code execution. This exploit was tested against version 2.8.0.

tags | exploit, remote, arbitrary, code execution, ruby
MD5 | ca3b7f3ca2be9221feac2054c941ad33
Debian Security Advisory 3801-1
Posted Mar 6, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3801-1 - It was discovered that ruby-zip, a Ruby module for reading and writing zip files, is prone to a directory traversal vulnerability. An attacker can take advantage of this flaw to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.

tags | advisory, arbitrary, ruby
systems | linux, debian
advisories | CVE-2017-5946
MD5 | df65cf6647674ff7ccc611174152a741
Red Hat Security Advisory 2017-0320-01
Posted Feb 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0320-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view controller framework for web application development. Action Pack implements the controller and the view components. This update fixes various bugs and adds several enhancements.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2017-2632
MD5 | e8ea9adb8555545f03a504ded6d5b6b9
Gentoo Linux Security Advisory 201702-32
Posted Feb 23, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201702-32 - Ruby Archive::Tar::Minitar is vulnerable to a directory traversal attack. Versions prior to 0.6.1 are affected.

tags | advisory, ruby
systems | linux, gentoo
advisories | CVE-2016-10173
MD5 | 089ece30a4fb0e4bcad317e23b7d11a3
Debian Security Advisory 3778-1
Posted Feb 1, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3778-1 - Michal Marek discovered that ruby-archive-tar-minitar, a Ruby library that provides the ability to deal with POSIX tar archive files, is prone to a directory traversal vulnerability. An attacker can take advantage of this flaw to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.

tags | advisory, arbitrary, ruby
systems | linux, debian, osx
advisories | CVE-2016-10173
MD5 | b910898d8052c81fee3aa14c5a0848f5
Red Hat Security Advisory 2016-2839-01
Posted Nov 30, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2839-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security Fix: A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the capacity and utilization feature could use this flaw to execute arbitrary code as the user CFME runs as.

tags | advisory, remote, web, arbitrary, ruby
systems | linux, redhat
advisories | CVE-2016-5402
MD5 | f4dd89e83fa0c97433d21bfaab95f095
Red Hat Security Advisory 2016-2091-01
Posted Oct 20, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2091-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security Fix: CloudForms did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM.

tags | advisory, remote, web, arbitrary, ruby
systems | linux, redhat
advisories | CVE-2016-7071
MD5 | 5cd5d1459e00d917cc5c29c61f10d67d
Ruby on Rails Dynamic Render File Upload Remote Code Execution
Posted Oct 13, 2016
Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability in the explicit render method when leveraging user parameters. This Metasploit module has been tested across multiple versions of Ruby on Rails. The technique used by this module requires the specified endpoint to be using dynamic render paths. Also, the vulnerable target will need a POST endpoint for the TempFile upload, this can literally be any endpoint. This Metasploit module does not use the log inclusion method of exploitation due to it not being universal enough. Instead, a new code injection technique was found and used whereby an attacker can upload temporary image files against any POST endpoint and use them for the inclusion attack. Finally, you only get one shot at this if you are testing with the builtin rails server, use caution.

tags | exploit, remote, code execution, file upload, ruby
advisories | CVE-2016-0752
MD5 | 330df82eae0981c2ca7cc8777a63a53c
Page 1 of 19
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    5 Files
  • 21
    Jan 21st
    1 Files
  • 22
    Jan 22nd
    15 Files
  • 23
    Jan 23rd
    12 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close