Ecosystem: RubyGems
Rack arbitrary code execution via timing attack
GHSA-xc85-32mf-xpv8 · CVE-2013-0263
Description
Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that does not run in constant time.
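The weakness is the comparison step: a short-circuiting `String#==` on the HMAC lets response time reveal how many leading bytes of a guessed digest are right, so an attacker can recover a valid signature byte by byte. The following added example (written for this page, not Rack's own code) shows the vulnerable comparison beside a constant-time one and uses the latter to verify a simplified Rack-style `data--hmac` cookie; the secret, the plain-string payload and the helper names are assumptions.

```ruby
require "openssl"

# Assumption: an illustrative secret for the example, not a real key.
SECRET = "constructed-example-secret".freeze

# Vulnerable pattern: String#== returns as soon as one byte differs, so the
# elapsed time depends on how long the matching prefix of the guess is.
def insecure_compare(a, b)
  a == b
end

# Hardened pattern: reject on length, then XOR every byte pair and OR the
# results together, so the loop touches the whole string every time.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  left = a.unpack("C*")
  diff = 0
  b.each_byte { |byte| diff |= byte ^ left.shift }
  diff.zero?
end

# HMAC-SHA1 hex digest, the scheme Rack 1.x used for session cookies.
def generate_hmac(data, secret = SECRET)
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("sha1"), secret, data)
end

# Mint a cookie: strict base64 payload and its HMAC joined by "--".
# (Rack marshals a session hash; a plain string keeps the example short.)
def sign_cookie(payload, secret = SECRET)
  encoded = [payload].pack("m0")
  "#{encoded}--#{generate_hmac(encoded, secret)}"
end

# Verify a cookie; returns the payload, or nil if the HMAC does not match.
# The digest is compared in constant time before the payload is trusted.
def verify_cookie(cookie, secret = SECRET)
  data, digest = cookie.split("--", 2)
  return nil if data.nil? || digest.nil?
  return nil unless secure_compare(digest, generate_hmac(data, secret))
  data.unpack1("m0")
end
```

Current Rack exposes this logic as `Rack::Utils.secure_compare`, which is what production code should call instead of a hand-rolled loop.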
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2013-0263
- WEB https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07
- WEB https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11
- WEB https://bugzilla.redhat.com/show_bug.cgi?id=909071
- WEB https://gist.github.com/codahale/f9f3781f7b54985bee94
- WEB https://github.com/rack/rack
- WEB https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J
- WEB https://groups.google.com/forum/#!msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ
- WEB https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ
- WEB https://groups.google.com/forum/#!msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ
- WEB https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ
- WEB http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
- WEB http://rhn.redhat.com/errata/RHSA-2013-0686.html
- WEB http://www.debian.org/security/2013/dsa-2783