CVE-2012-6109 - Rack Project Rack: denial of service (infinite loop) via a crafted Content-Disposition header in the multipart parser

CVSS 0.0 - NONE
Attack vector: UNKNOWN
Attack complexity: UNKNOWN
Privileges required: UNKNOWN
Confidentiality impact: UNKNOWN
Integrity impact: UNKNOWN
Availability impact: UNKNOWN

Summary

lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression, which allows remote attackers to cause a denial of service (infinite loop) via a crafted Content-Disposition header (the per-part header of a multipart/form-data request body, which Rack parses to extract the field name and filename). No authentication is needed: any endpoint that accepts multipart uploads exposes the parser.
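The root cause above is a header regex whose matching time is not bounded by the input length. As an added example (this is not Rack's code and not taken from any advisory), the following Ruby parses a part's Content-Disposition value with a hand-rolled scanner instead: every loop iteration consumes at least one byte and each regex is anchored at the scanner position with no nested quantifiers, so the work is linear in the header size no matter how the header is crafted. The TOKEN character class, the 8 KiB size cap, the process-wide Regexp timeout and the module name are assumptions made for this example.

```ruby
require 'strscan'

# Added example (not Rack's parser): linear-time parsing of a multipart
# Content-Disposition header value such as
#   form-data; name="file"; filename="a.txt"
# The header name itself ("Content-Disposition:") is expected to be stripped
# by the caller; only the value is parsed here.
module ContentDisposition
  # RFC 2616 token: printable ASCII except separators and controls (assumed).
  TOKEN = /[^\x00-\x20\x7f()<>@,;:\\"\/\[\]?={}]+/
  # Assumed hard cap; a real server would reuse its header-size limit.
  MAX_HEADER_BYTES = 8 * 1024

  # Defence in depth on Ruby >= 3.2: a process-wide regex timeout turns any
  # overlooked backtracking regex into Regexp::TimeoutError instead of a hang.
  Regexp.timeout = 1.0 if Regexp.respond_to?(:timeout=)

  # Returns [disposition_type, { param => value }], or nil when the header is
  # malformed or oversized. Type and parameter names are lower-cased.
  def self.parse(header)
    return nil if header.nil? || header.bytesize > MAX_HEADER_BYTES
    s = StringScanner.new(header)
    s.skip(/[ \t]+/)
    type = s.scan(TOKEN) or return nil
    params = {}
    until s.eos?
      s.skip(/[ \t]+/)
      break if s.eos?
      return nil unless s.skip(/;/)          # parameters are ';'-separated
      s.skip(/[ \t]+/)
      break if s.eos?                        # tolerate a trailing ';'
      name = s.scan(TOKEN) or return nil
      s.skip(/[ \t]+/)
      return nil unless s.skip(/=/)
      s.skip(/[ \t]+/)
      value = s.skip(/"/) ? quoted_string(s) : s.scan(TOKEN)
      return nil if value.nil?
      params[name.downcase] = value
    end
    [type.downcase, params]
  end

  # Reads a quoted-string body after its opening quote, honouring backslash
  # escapes; nil if the closing quote never arrives.
  def self.quoted_string(s)
    buf = +''
    until s.eos?
      c = s.getch
      return buf if c == '"'
      if c == '\\'
        c = s.getch
        return nil if c.nil?                 # dangling escape at end of input
      end
      buf << c
    end
    nil
  end

  # The filename parameter, or nil if absent or the header is malformed.
  def self.filename(header)
    parsed = parse(header)
    parsed && parsed[1]['filename']
  end
end

if $PROGRAM_NAME == __FILE__
  p ContentDisposition.parse('form-data; name="file"; filename="a.txt"')
  p ContentDisposition.filename('form-data; name=upload; filename=report.pdf')
  # Constructed hostile input: hundreds of parameters in one header. The
  # parser still finishes in one pass and rejects nothing but the oversized.
  big = 'form-data; ' + (1..500).map { |i| "p#{i}=v#{i}" }.join('; ')
  p ContentDisposition.parse(big)[1].size
  p ContentDisposition.parse('form-data; filename="never closed')   # nil
  p ContentDisposition.parse('form-data; ' + 'x' * 9000)            # nil
end
```

The size cap is checked before any parsing so that a multi-megabyte header is rejected in constant time, and the quoted-string reader never re-scans: an unterminated quote or a trailing backslash is reported as malformed rather than retried.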

Nessus

  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2013-0544.NASL
    description: Red Hat Subscription Asset Manager 1.2, which fixes several security issues, multiple bugs, and adds various enhancements, is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat Subscription Asset Manager acts as a proxy for handling subscription information and software updates on client machines. It was discovered that Katello did not properly check user permissions when handling certain requests. An authenticated remote attacker could use this flaw to download consumer certificates or change settings of other users
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 65172
    published: 2013-03-10
    reporter: This script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/65172
    title: RHEL 6 : Subscription Asset Manager (RHSA-2013:0544)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2013-0861.NASL
    description: Fixes for CVE-2012-6109, CVE-2013-0183 and CVE-2013-0184. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2013-01-28
    plugin id: 64253
    published: 2013-01-28
    reporter: This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/64253
    title: Fedora 17 : rubygem-rack-1.4.0-3.fc17 (2013-0861)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2013-0837.NASL
    description: Fixes for CVE-2012-6109, CVE-2013-0183 and CVE-2013-0184. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2013-01-28
    plugin id: 64251
    published: 2013-01-28
    reporter: This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/64251
    title: Fedora 18 : rubygem-rack-1.4.0-4.fc18 (2013-0837)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201405-10.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201405-10 (Rack: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in Rack. Please review the CVE identifiers referenced below for details. Impact: A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or obtain sensitive information. Workaround: There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 74053
    published: 2014-05-19
    reporter: This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/74053
    title: GLSA-201405-10 : Rack: Multiple vulnerabilities
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2013-152.NASL
    description: The Ruby on Rails 2.3 stack was updated to 2.3.17, the Ruby on Rails 3.2 stack to 3.2.12, and Ruby Rack to 1.1.6, 1.2.8, 1.3.10 and 1.4.5. The updates fix various security issues and bugs.
    - Rails 2.3.17 (bnc#803336, bnc#803339), CVE-2013-0276, CVE-2013-0277: fix issue with attr_protected where malformed input could circumvent protection; fix Serialized Attributes YAML vulnerability.
    - Rails 3.2.12 (bnc#803336), CVE-2013-0276: fix issue with attr_protected where malformed input could circumvent protection; quote numeric values being compared to non-numeric columns, otherwise, in some databases, the string column values will be coerced to a numeric allowing 0, 0.0 or false to match any string starting with a non-digit.
    - Rack 1.1.6, 1.2.8 and 1.3.10 (bnc#802794): fix CVE-2013-0263, timing attack against Rack::Session::Cookie.
    - Rack 1.4.5 (bnc#802794, bnc#802795): fix CVE-2013-0263, timing attack against Rack::Session::Cookie; fix CVE-2013-0262, symlink path traversal in Rack::File.
    - Rack 1.4.4 (bnc#798452): [SEC] Rack::Auth::AbstractRequest no longer symbolizes arbitrary strings (CVE-2013-0184).
    - Rack 1.4.3: Security: prevent unbounded reads in large multipart boundaries (CVE-2013-0183).
    - Rack 1.4.2 (CVE-2012-6109): add warnings when users do not provide a session secret; fix parsing performance for unquoted filenames; updated URI backports; fix URI backport version matching, and silence constant warnings; correct parameter parsing with empty values; correct rackup
    last seen: 2020-06-05
    modified: 2014-06-13
    plugin id: 74900
    published: 2014-06-13
    reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/74900
    title: openSUSE Security Update : RubyOnRails (openSUSE-SU-2013:0338-1)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2013-0896.NASL
    description: Fixes for CVE-2012-6109, CVE-2013-0183 and CVE-2013-0184. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2013-01-28
    plugin id: 64254
    published: 2013-01-28
    reporter: This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/64254
    title: Fedora 16 : rubygem-rack-1.3.0-3.fc16 (2013-0896)

Redhat

advisories
  • rhsa id: RHSA-2013:0544
  • rhsa id: RHSA-2013:0548
rpms
  • apache-commons-codec-0:1.7-2.el6_3
  • apache-commons-codec-debuginfo-0:1.7-2.el6_3
  • apache-mime4j-0:0.6-4_redhat_1.ep6.el6.1
  • apache-mime4j-javadoc-0:0.6-4_redhat_1.ep6.el6.1
  • candlepin-0:0.7.23-1.el6_3
  • candlepin-devel-0:0.7.23-1.el6_3
  • candlepin-selinux-0:0.7.23-1.el6_3
  • candlepin-tomcat6-0:0.7.23-1.el6_3
  • elasticsearch-0:0.19.9-5.el6_3
  • katello-certs-tools-0:1.2.1-1h.el6_3
  • katello-cli-0:1.2.1-12h.el6_3
  • katello-cli-common-0:1.2.1-12h.el6_3
  • katello-common-0:1.2.1-15h.el6_3
  • katello-configure-0:1.2.3-3h.el6_3
  • katello-glue-candlepin-0:1.2.1-15h.el6_3
  • katello-headpin-0:1.2.1-15h.el6_3
  • katello-headpin-all-0:1.2.1-15h.el6_3
  • katello-selinux-0:1.2.1-2h.el6_3
  • lucene3-0:3.6.1-10h.el6_3
  • lucene3-contrib-0:3.6.1-10h.el6_3
  • puppet-0:2.6.17-2.el6cf
  • puppet-server-0:2.6.17-2.el6cf
  • quartz-0:2.1.5-4.el6_3
  • rubygem-activesupport-1:3.0.10-10.el6cf
  • rubygem-apipie-rails-0:0.0.12-2.el6cf
  • rubygem-ldap_fluff-0:0.1.3-1.el6_3
  • rubygem-mail-0:2.3.0-3.el6cf
  • rubygem-mail-doc-0:2.3.0-3.el6cf
  • rubygem-rack-1:1.3.0-3.el6cf
  • rubygem-ruby_parser-0:2.0.4-6.el6cf
  • rubygem-ruby_parser-doc-0:2.0.4-6.el6cf
  • sigar-0:1.6.5-0.12.git58097d9h.el6_3
  • sigar-debuginfo-0:1.6.5-0.12.git58097d9h.el6_3
  • sigar-java-0:1.6.5-0.12.git58097d9h.el6_3
  • snappy-java-0:1.0.4-2.el6_3
  • snappy-java-debuginfo-0:1.0.4-2.el6_3
  • thumbslug-0:0.0.28-1.el6_3
  • thumbslug-selinux-0:0.0.28-1.el6_3
  • ruby-nokogiri-0:1.5.0-0.9.beta4.el6cf
  • rubygem-activesupport-1:3.0.10-10.el6cf
  • rubygem-delayed_job-0:2.1.4-3.el6cf
  • rubygem-delayed_job-doc-0:2.1.4-3.el6cf
  • rubygem-nokogiri-0:1.5.0-0.9.beta4.el6cf
  • rubygem-nokogiri-debuginfo-0:1.5.0-0.9.beta4.el6cf
  • rubygem-nokogiri-doc-0:1.5.0-0.9.beta4.el6cf
  • rubygem-rack-1:1.3.0-3.el6cf
  • rubygem-rails_warden-0:0.5.5-2.el6cf
  • rubygem-rails_warden-doc-0:0.5.5-2.el6cf
  • rubygem-rdoc-0:3.8-6.el6cf
  • rubygem-rdoc-doc-0:3.8-6.el6cf
  • rubygem-rspec-rails-0:2.6.1-7.el6cf
  • rubygem-rspec-rails-doc-0:2.6.1-7.el6cf
  • rubygem-ruby_parser-0:2.0.4-6.el6cf
  • rubygem-ruby_parser-doc-0:2.0.4-6.el6cf
  • rubygem-shoulda-0:2.11.3-5.el6cf
  • rubygem-shoulda-doc-0:2.11.3-5.el6cf