HTTP: Rails Routing Vulnerability
This signature detects attempts to exploit a known vulnerability against Rails v1.1.5 and earlier. A successful attack can result in a denial-of-service condition.
Extended Description
Ruby on Rails is prone to a vulnerability in its routing functionality that may result in denial-of-service or data loss issues. Attackers may exploit this issue by issuing HTTP GET requests to predictable URIs to affected webservers. This issue affects Ruby on Rails versions 1.1.0, 1.1.1, 1.1.2, 1.1.4, and 1.1.5.
Affected Products
Ubuntu ubuntu_linux
Short Name
HTTP:MISC:RAILS-ROUTING
Severity
Warning
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2006-4112 Rails Routing Vulnerability bid:19454
Release Date
08/15/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Frequently
Vendors
Ruby_on_rails
Suse
Gentoo
Ubuntu
CVSS Score
7.5