Ruby On Rails Exploit Used To Build IRC Botnet - Slashdot

Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

×

Ruby On Rails Exploit Used To Build IRC Botnet 91

Posted by Unknown Lamer on Wednesday May 29, 2013 @10:31AM from the bad-script-kiddie dept.

Trailrunner7 writes "Developers who have not updated their Ruby on Rails installations with a five-month-old security patch would do well to secure the Web development framework now. Exploit code has surfaced for CVE-2013-0156 that is being used to build a botnet of compromised servers. Exploit code has been publicly available since the vulnerability was disclosed in January on Github and Metasploit, yet the vulnerability had not been exploited on a large scale until now, said security researcher Jeff Jarmoc." One reason your web server firewall might want to block IRC connections to arbitrary hosts.

This discussion has been archived. No new comments can be posted.

Ruby On Rails Exploit Used To Build IRC Botnet

Search 91 Comments Log In/Create an Account

Comments Filter:

Fix is here... (Score:5, Funny)

by mystikkman ( 1487801 ) writes: on Wednesday May 29, 2013 @10:48AM (#43850045)

Fix is here.
http://www.asp.net/ [asp.net]

Share
twitter facebook
Re:Is there a reason *not* to block ports? (Score:2, Funny)

by Anonymous Coward writes: on Wednesday May 29, 2013 @11:19AM (#43850363)

That's a damned good point...I wish someone would pop in here and give us some of the secret inner workings of the HOSTS file...

Parent Share
twitter facebook
Re:Hah! (Score:5, Funny)

by Tarlus ( 1000874 ) writes: on Wednesday May 29, 2013 @11:24AM (#43850441)

It's a locomotive-driven precious stone.

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

390 comments32-Hour Workweek for America Proposed by Senator Bernie Sanders
358 commentsWhat Should Happen to Empty Downtown Office Spaces?
340 commentsHacktivism Erupts In Response To Hamas-Israel War
324 comments'Feedback' Is Now Too Harsh. The New Word is 'Feedforward'
248 commentsWorkers are Resisting Calls to Return to Offices

One man's constant is another man's variable. -- A.J. Perlis