Detections
Analytics
RHEL 6 : Ruby on Rails (RHSA-2013:0153)
high Nessus Plugin ID 119429
Language:
Synopsis
The remote Red Hat host is missing a security update for Ruby on Rails.Description
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0153 advisory.Ruby on Rails is a modelviewcontroller (MVC) framework for web application development. Action Pack implements the controller and the view components. Active Support provides support and utility classes used by the Ruby on Rails framework.
Multiple flaws were found in the way Ruby on Rails performed XML parameter parsing in HTTP requests. A remote attacker could use these flaws to execute arbitrary code with the privileges of a Ruby on Rails application, perform SQL injection attacks, or bypass the authentication using a specially-created HTTP request. (CVE-2013-0156)
Red Hat is aware that a public exploit for the CVE-2013-0156 issues is available that allows remote code execution in applications using Ruby on Rails.
All users of Red Hat OpenShift Enterprise are advised to upgrade to these updated packages, which correct these issues. For Red Hat OpenShift Enterprise administrators, the openshift-broker and openshift-console services must be restarted for this update to take effect. Users of OpenShift are advised to update their own applications that are running Ruby on Rails.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL Ruby on Rails package based on the guidance in RHSA-2013:0153.See Also
http://www.nessus.org/u?54f82ceb
https://bugzilla.redhat.com/show_bug.cgi?id=892870
https://access.redhat.com/errata/RHSA-2013:0153
https://access.redhat.com/knowledge/solutions/290903
https://access.redhat.com/security/updates/classification/#critical
Plugin Details
Severity: High
ID: 119429
File Name: redhat-RHSA-2013-0153.nasl
Version: 1.9
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 12/6/2018
Updated: 11/4/2024
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.9
Vendor
Vendor Severity: Critical
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.2
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2013-0156
CVSS v3
Risk Factor: High
Base Score: 7.3
Temporal Score: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-actionpack-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-activesupport, p-cpe:/a:redhat:enterprise_linux:rubygem-activesupport, cpe:/o:redhat:enterprise_linux:6, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-actionpack, p-cpe:/a:redhat:enterprise_linux:rubygem-actionpack
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 1/10/2013
Vulnerability Publication Date: 1/13/2013
Exploitable With
Metasploit (Ruby on Rails XML Processor YAML Deserialization Code Execution)
Reference Information
CVE: CVE-2013-0156