Ruby On Rails Exploit Used To Build IRC Botnet
Trailrunner7 writes "Developers who have not updated their Ruby on Rails installations with a five-month-old security patch would do well to secure the Web development framework now. Exploit code has surfaced for CVE-2013-0156 that is being used to build a botnet of compromised servers. Exploit code has been publicly available since the vulnerability was disclosed in January on Github and Metasploit, yet the vulnerability had not been exploited on a large scale until now, said security researcher Jeff Jarmoc."
One reason your web server's egress firewall might want to block outbound IRC connections to arbitrary hosts.
Re:Hah! (Score:2, Informative)
It's a poorly designed flavour-of-the-month language with a poorly designed API intended for web use, all wrapped up in a stupid alliterative name.
Re:Hah! (Score:5, Informative)
(1) Rails and Ruby were virtually unheard of until 2007-2008 and definitely were not in mainstream use until that time.
(2) This vulnerability has nothing to do with a "cryptographic key"; it is related to the fact that the default YAML parser allows serializing/deserializing and executing arbitrary Ruby code (including objects), and ActiveSupport didn't properly sanitize the input.
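The mechanism point (2) describes, as an added example that is not code from the original page, from the commenter, or from Rails itself: a minimal stand-in for the typed XML parameter parsing that ActiveSupport did in early 2013, first honouring a client-supplied type="yaml" the way the vulnerable versions did, then the hardened form that treats every parameter as a string. The AuditHook class, the parser functions and the request body are constructed for this illustration; the only real behaviour shown is how Psych handles a !ruby/object tag under full versus safe loading.

```ruby
require 'rexml/document'
require 'yaml'

# Hypothetical class standing in for "any class the application has loaded".
# Getting the deserializer to instantiate an arbitrary class with
# attacker-chosen instance variables is the primitive the 2013 exploits
# chained into code execution; this stand-in just records what it was given.
class AuditHook
  attr_reader :command

  def initialize(command = nil)
    @command = command
  end
end

# Constructed sample request body (not from the original page): a typed XML
# parameter whose text is YAML carrying a !ruby/object tag.
MALICIOUS_XML = <<~XML
  <?xml version="1.0" encoding="UTF-8"?>
  <user>
    <name>alice</name>
    <profile type="yaml">--- !ruby/object:AuditHook
  command: "id > /tmp/pwned"
  </profile>
  </user>
XML

# Full YAML deserialization, as YAML.load behaved before Psych 4 (Ruby 3.1)
# made load safe by default and moved the old behaviour to unsafe_load.
def unsafe_yaml_load(text)
  YAML.respond_to?(:unsafe_load) ? YAML.unsafe_load(text) : YAML.load(text)
end

# Vulnerable pattern: the type attribute is chosen by the client, and
# type="yaml" hands the element text to the full deserializer.
def parse_params_vulnerable(xml)
  doc = REXML::Document.new(xml)
  doc.root.elements.to_a.each_with_object({}) do |el, params|
    params[el.name] =
      case el.attributes['type']
      when 'yaml'   then unsafe_yaml_load(el.text)
      when 'symbol' then el.text.to_sym   # also attacker-controlled
      else el.text
      end
  end
end

# Hardened pattern: typed conversions are not honoured at all; every
# parameter is a string and the application decides how to interpret it.
def parse_params_hardened(xml)
  doc = REXML::Document.new(xml)
  doc.root.elements.to_a.each_with_object({}) do |el, params|
    params[el.name] = el.text.to_s
  end
end

# If YAML input is genuinely required, safe_load refuses object tags.
# Returns true when the document was rejected for naming a class.
def safe_yaml_rejects_object?(text)
  YAML.safe_load(text)
  false
rescue Psych::DisallowedClass
  true
end

if $PROGRAM_NAME == __FILE__
  bad = parse_params_vulnerable(MALICIOUS_XML)
  puts "vulnerable parser produced: #{bad['profile'].class} " \
       "with command #{bad['profile'].command.inspect}"
  good = parse_params_hardened(MALICIOUS_XML)
  puts "hardened parser produced:   #{good['profile'].class}"
  puts "safe_load rejected the payload: #{safe_yaml_rejects_object?(good['profile'])}"
end
```

Run against the constructed body, the vulnerable parser returns a live AuditHook whose @command the client chose, while the hardened parser returns the raw YAML text and YAML.safe_load raises Psych::DisallowedClass on it. The Rails advisory's interim workaround for applications that could not upgrade was to delete the "yaml" and "symbol" entries from ActiveSupport::XmlMini::PARSING, which is the same idea as the hardened parser above.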