Bitcoin Forum
Author Topic: To All Rails Developers: SQL Injection Flaw Haunts All Ruby on Rails Versions  (Read 3441 times)
dust
February 01, 2013, 04:56:45 AM
 #21

Good article on HN today: http://www.kalzumeus.com/2013/01/31/what-the-rails-security-issue-means-for-your-startup/

Quote from: Patrick
The first reported compromise of a production system was in an industry which hit the trifecta of amateurs-at-the-helm, seedy-industry-by-nature, and under-constant-attack.

Cryptocoin Mining Info | OTC | PGP | Twitter | freenode: dust-otc | BTC: 1F6fV4U2xnpAuKtmQD6BWpK3EuRosKzF8U
dust
February 12, 2013, 05:33:13 AM
 #22

Bumping with another Rails vulnerability announced today: http://www.zweitag.de/en/blog/ruby-on-rails-vulnerable-to-mass-assignment-and-sql-injection

davout
February 12, 2013, 08:58:56 AM
 #23

FTR, it affects only older versions of Rails; if you have upgraded after the last CVE, you are not affected.
