Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:RUBYONRAILS-XMLYAML-RCE

Severity

 Critical

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Ruby on Rails XML Parameter Parsing Remote Code Execution

Release Date

 2013/01/11

Update Number

 2224

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Ruby on Rails XML Parameter Parsing Remote Code Execution


This signature detects attempts to exploit a known vulnerability against applications developed using Ruby on Rails. A successful attack can lead to arbitrary code execution.

Extended Description

active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.

Affected Products

  • Debian debian_linux 6.0
  • Debian debian_linux 7.0
  • Rubyonrails rails 3.2.0
  • Rubyonrails rails 3.2.1
  • Rubyonrails rails 3.2.10
  • Rubyonrails rails 3.2.2
  • Rubyonrails rails 3.2.3
  • Rubyonrails rails 3.2.4
  • Rubyonrails rails 3.2.5
  • Rubyonrails rails 3.2.6
  • Rubyonrails rails 3.2.7
  • Rubyonrails rails 3.2.8
  • Rubyonrails rails 3.2.9
  • Rubyonrails ruby_on_rails 0.10.0
  • Rubyonrails ruby_on_rails 0.10.1
  • Rubyonrails ruby_on_rails 0.11.0
  • Rubyonrails ruby_on_rails 0.11.1
  • Rubyonrails ruby_on_rails 0.12.0
  • Rubyonrails ruby_on_rails 0.12.1
  • Rubyonrails ruby_on_rails 0.13.0
  • Rubyonrails ruby_on_rails 0.13.1
  • Rubyonrails ruby_on_rails 0.14.1
  • Rubyonrails ruby_on_rails 0.14.2
  • Rubyonrails ruby_on_rails 0.14.3
  • Rubyonrails ruby_on_rails 0.14.4
  • Rubyonrails ruby_on_rails 0.5.0
  • Rubyonrails ruby_on_rails 0.5.5
  • Rubyonrails ruby_on_rails 0.5.6
  • Rubyonrails ruby_on_rails 0.5.7
  • Rubyonrails ruby_on_rails 0.6.0
  • Rubyonrails ruby_on_rails 0.6.5
  • Rubyonrails ruby_on_rails 0.7.0
  • Rubyonrails ruby_on_rails 0.8.0
  • Rubyonrails ruby_on_rails 0.8.5
  • Rubyonrails ruby_on_rails 0.9.0
  • Rubyonrails ruby_on_rails 0.9.1
  • Rubyonrails ruby_on_rails 0.9.2
  • Rubyonrails ruby_on_rails 0.9.3
  • Rubyonrails ruby_on_rails 0.9.4
  • Rubyonrails ruby_on_rails 0.9.4.1
  • Rubyonrails ruby_on_rails 1.0.0
  • Rubyonrails ruby_on_rails 1.1.0
  • Rubyonrails ruby_on_rails 1.1.1
  • Rubyonrails ruby_on_rails 1.1.2
  • Rubyonrails ruby_on_rails 1.1.3
  • Rubyonrails ruby_on_rails 1.1.4
  • Rubyonrails ruby_on_rails 1.1.5
  • Rubyonrails ruby_on_rails 1.1.6
  • Rubyonrails ruby_on_rails 1.2.0
  • Rubyonrails ruby_on_rails 1.2.1
  • Rubyonrails ruby_on_rails 1.2.2
  • Rubyonrails ruby_on_rails 1.2.3
  • Rubyonrails ruby_on_rails 1.2.4
  • Rubyonrails ruby_on_rails 1.2.5
  • Rubyonrails ruby_on_rails 1.2.6
  • Rubyonrails ruby_on_rails 1.9.3
  • Rubyonrails ruby_on_rails 1.9.5
  • Rubyonrails ruby_on_rails 2.0.0
  • Rubyonrails ruby_on_rails 2.0.1
  • Rubyonrails ruby_on_rails 2.0.2
  • Rubyonrails ruby_on_rails 2.0.4
  • Rubyonrails ruby_on_rails 2.1
  • Rubyonrails ruby_on_rails 2.1.0
  • Rubyonrails ruby_on_rails 2.1.1
  • Rubyonrails ruby_on_rails 2.1.2
  • Rubyonrails ruby_on_rails 2.2.0
  • Rubyonrails ruby_on_rails 2.2.1
  • Rubyonrails ruby_on_rails 2.2.2
  • Rubyonrails ruby_on_rails 2.3.0
  • Rubyonrails ruby_on_rails 2.3.1
  • Rubyonrails ruby_on_rails 2.3.10
  • Rubyonrails ruby_on_rails 2.3.11
  • Rubyonrails ruby_on_rails 2.3.12
  • Rubyonrails ruby_on_rails 2.3.13
  • Rubyonrails ruby_on_rails 2.3.14
  • Rubyonrails ruby_on_rails 2.3.2
  • Rubyonrails ruby_on_rails 2.3.3
  • Rubyonrails ruby_on_rails 2.3.4
  • Rubyonrails ruby_on_rails 2.3.9
  • Rubyonrails ruby_on_rails 3.0.0
  • Rubyonrails ruby_on_rails 3.0.1
  • Rubyonrails ruby_on_rails 3.0.10
  • Rubyonrails ruby_on_rails 3.0.11
  • Rubyonrails ruby_on_rails 3.0.12
  • Rubyonrails ruby_on_rails 3.0.13
  • Rubyonrails ruby_on_rails 3.0.14
  • Rubyonrails ruby_on_rails 3.0.16
  • Rubyonrails ruby_on_rails 3.0.17
  • Rubyonrails ruby_on_rails 3.0.18
  • Rubyonrails ruby_on_rails 3.0.2
  • Rubyonrails ruby_on_rails 3.0.3
  • Rubyonrails ruby_on_rails 3.0.4
  • Rubyonrails ruby_on_rails 3.0.5
  • Rubyonrails ruby_on_rails 3.0.6
  • Rubyonrails ruby_on_rails 3.0.7
  • Rubyonrails ruby_on_rails 3.0.8
  • Rubyonrails ruby_on_rails 3.0.9
  • Rubyonrails ruby_on_rails 3.1.0
  • Rubyonrails ruby_on_rails 3.1.1
  • Rubyonrails ruby_on_rails 3.1.2
  • Rubyonrails ruby_on_rails 3.1.2rc1
  • Rubyonrails ruby_on_rails 3.1.3
  • Rubyonrails ruby_on_rails 3.1.4
  • Rubyonrails ruby_on_rails 3.1.5
  • Rubyonrails ruby_on_rails 3.1.6
  • Rubyonrails ruby_on_rails 3.1.7
  • Rubyonrails ruby_on_rails 3.1.8
  • Rubyonrails ruby_on_rails 3.1.9

References

  • BugTraq: 57187
  • CVE: CVE-2013-0156
  • URL: https://community.rapid7.com/community/metasploit/blog/2013/01/09/serialization-mischief-in-ruby-land-cve-2013-0156

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out