Debian DSA-2604-1 : rails - insufficient input validation

high Nessus Plugin ID 63457

Synopsis

The remote Debian host is missing a security-related update.

Description

It was discovered that Rails, the Ruby web application development framework, performed insufficient validation on input parameters, allowing unintended type conversions. An attacker may use this to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on the application.

Solution

Upgrade the rails packages.

For the stable distribution (squeeze), this problem has been fixed in version 2.3.5-1.2+squeeze4.1.

See Also

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697722

https://packages.debian.org/source/squeeze/rails

https://www.debian.org/security/2013/dsa-2604

Plugin Details

Severity: High

ID: 63457

File Name: debian_DSA-2604.nasl

Version: 1.13

Type: local

Agent: unix

Published: 1/10/2013

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:debian:debian_linux:6.0, p-cpe:/a:debian:debian_linux:rails

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/9/2013

Exploitable With

Metasploit (Ruby on Rails XML Processor YAML Deserialization Code Execution)

Reference Information

CVE: CVE-2013-0156

BID: 57187

DSA: 2604