Click here to get twenty dollars off Webhosting at DreamHost
Powered by MaxBlogPress 

Multiple Security Holes Found In Ruby 1.8 and 1.9



July 9th, 2008 19:49 pm | by Ed |

Of interest to Ruby Programmers I just read about some serious vulnerabilities were discovered in Ruby by Drew Yao, a member of Apple's security team.

According to the article about it that I read, these vulnerabilities could be exploited to allow the execution of arbitrary code or lead to a denial of service situation. It also makes it pretty clear that these holes are "exploitable from trivial user-specified parameters", which means that it's entirely possible for a knowledgeable user to compromise a ruby application.

Fortunately, there are patches available to fix these vulnerabilities in both versions 1.8 and 1.9

Technorati Tags: arbitrary code execution, exploit, user specified parameters, security, denial of service, vulnerability, ruby

Be Sociable, Share!
  • email
If you enjoyed this post, make sure you subscribe to my RSS feed!
Want to link to this post?
Just copy this code and paste it on your site where you want the link to appear:

No Comments

Sorry, the comment form is closed at this time.