Test ID:	1.3.6.1.4.1.25623.1.0.901187
Category:	Web application abuses
Title:	Ruby on Rails Security Bypass and SQL Injection Vulnerabilities
Summary:	Ruby on Rails is prone to security bypass and SQL injection vulnerabilities.
Description:	Summary: Ruby on Rails is prone to security bypass and SQL injection vulnerabilities. Vulnerability Insight: - The filtering code does not properly work for case insensitive file systems, which can be exploited to bypass the filter by varying the case in certain action parameters. - Input passed to the 'limit()' function is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Vulnerability Impact: Successful exploitation will allow attackers to bypass certain security restrictions and conduct SQL injection attacks. Affected Software/OS: Ruby on Rails versions 3.x before 3.0.4. Solution: Upgrade to Ruby on Rails version 3.0.4 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0448 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html https://github.com/rails/rails/commit/354da43ab0a10b3b7b3f9cb0619aa562c3be8474 http://groups.google.com/group/rubyonrails-security/msg/4e19864cf6ad40ad?dmode=source&output=gplain http://securitytracker.com/id?1025063 http://secunia.com/advisories/43278 http://www.vupen.com/english/advisories/2011/0877 Common Vulnerability Exposure (CVE) ID: CVE-2011-0449 http://groups.google.com/group/rubyonrails-security/msg/04345b2e84df5b4f?dmode=source&output=gplain http://securitytracker.com/id?1025061
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.