Ubuntu Security Notice 7091-1 - It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash,[…]
Read more...This script exploits the issue noted in CVE-2024-45409 that allows an unauthenticated attacker with access to any signed SAML document issued by the IDP to forge a SAML Response/Assertion and gain access as any user on GitLab. Ruby-SAML versions below[…]
Read more...Debian Linux Security Advisory 5774-1 - It was discovered that ruby-saml, a SAML library implementing the client side of a SAML authorization, does not properly verify the signature of the SAML Response, which could result in bypass of authentication in[…]
Read more...Red Hat Security Advisory 2024-6784-03 - An update for the ruby:3.3 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
Read more...Red Hat Security Advisory 2024-6785-03 - An update for the ruby:3.3 module is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
Read more...This Metasploit module attempts to identify Ruby on Rails instances vulnerable to an arbitrary object instantiation flaw in the JSON request processor.
Read more...This Metasploit module attempts to identify Ruby on Rails instances vulnerable to an arbitrary object instantiation flaw in the XML request processor.
Read more...The Devise authentication gem for Ruby on Rails is vulnerable to a password reset exploit leveraging type confusion. By submitting XML to rails, we can influence the type used for the reset_password_token parameter. This allows for resetting passwords of arbitrary[…]
Read more...This Metasploit module plays a video on an AppleTV device. Note that AppleTV can be somewhat picky about the server that hosts the video. Tested servers include default IIS, default Apache, and Rubys WEBrick. For WEBrick, the default MIME list[…]
Read more...This Metasploit module uses a path traversal vulnerability in Ruby on Rails versions 5.2.2 and below to read files on a target server.
Read more...