[olug] [OT] Remote Exploit Ruby on Rails Websites
Rob Townley
rob.townley at gmail.com
Wed Jan 9 13:52:10 UTC 2013
HD Moore of Metasploit uses Ruby on Rails and takes this exploit
seriously ... I do not think he slept last night judging by his
tweets.
Reminds me of how Internet Explorer would parse and act upon HTML in a
.txt file.
CVE-2013-0156
https://community.rapid7.com/community/metasploit/blog/2013/01/09/serialization-mischief-in-ruby-land-cve-2013-0156