Signature Detail

HTTP: Ruby on Rails Where Hash SQL Injection

This signature detects attempts to exploit a known vulnerability against Ruby on Rails. It is due to an improper input validation error while handling hash values. A remote attacker could exploit this vulnerability by sending malicious SQL code as part of the vulnerable parameter via a specially crafted URL, possibly leading to manipulation of data in the database or information disclosure.

Extended Description

Ruby on Rails is prone to an SQL-injection vulnerability. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. The vulnerability is fixed in the following versions: Ruby on Rails 3.0.14, 3.1.6 and 3.2.6.

Affected Products

• Red Hat Fedora 16
• Red Hat Fedora 17
• Ruby on Rails 3.0.0
• Ruby on Rails 3.0.1
• Ruby on Rails 3.0.10
• Ruby on Rails 3.0.11
• Ruby on Rails 3.0.12
• Ruby on Rails 3.0.13
• Ruby on Rails 3.0.2
• Ruby on Rails 3.0.3
• Ruby on Rails 3.0.4
• Ruby on Rails 3.0.5
• Ruby on Rails 3.0.6
• Ruby on Rails 3.0.7
• Ruby on Rails 3.0.8
• Ruby on Rails 3.1.0.rc5
• Ruby on Rails 3.1.0.rc6
• Ruby on Rails 3.1.2
• Ruby on Rails 3.1.4
• Ruby on Rails 3.1.5
• Ruby on Rails 3.2.2
• Ruby on Rails 3.2.4
• SuSE openSUSE 11.4
• SuSE openSUSE 12.1
• SuSE Studio Extension for System z 1.2
• SuSE Studio Onsite 1.2
• SuSE Studio Standard Edition 1.2
• SuSE SUSE Linux Enterprise SDK 11 SP1
• SuSE SUSE Linux Enterprise SDK 11 SP2
• SuSE WebYaST 1.2

References

• BugTraq: 53970
• CVE: CVE-2012-2695