Ruby on Rails JSON Parser YAML Handling Vulnerability

by Carol~ Moderator - 1/29/13 11:16 AM

In Reply to: VULNERABILITIES / FIXES - January 29, 2013 by Carol~ Moderator

Release Date: 2013-01-29

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Ruby on Rails 2.3.x
Ruby on Rails 3.0.x

A vulnerability has been reported in Ruby on Rails, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused by an input validation error within the "convert_json_to_yaml()" method of the JSON Parser when decoding YAML input.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in versions prior to 3.0.20 and 2.3.16.

Update to version 3.0.20 or 2.3.16.

Provided and/or discovered by:
The vendor credits Lawrence Pit, Mirror42.

Original Advisory:
Ruby on Rails:!topic/rubyonrails-security/1h2DR63ViGo
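
Added illustration, not part of the advisory above and not Rails' own code: a small Ruby model of what "JSON decoded through a YAML loader" means in practice and why it turns into code execution. The converter below is a simplified stand-in for a YAML-backed JSON decoder, not the real convert_json_to_yaml(); the AuditLogger class, the function names and the two inputs are constructed for this example. It assumes a YAML loader that resolves any Ruby class named in a !ruby/object tag, which is what YAML.load did at the time (YAML.unsafe_load on current Psych), and contrasts that with a strict JSON parser and with YAML.safe_load. The padding-then-unescape ordering in the model is stated here as the model's assumed behaviour.

```ruby
require 'yaml'
require 'json'

# Constructed stand-in for an application class that a vulnerable deployment
# would have loaded. Real attacks pick existing classes whose accessors or
# initialisation do something dangerous; this one only records what it would run.
class AuditLogger
  attr_accessor :command

  def describe
    "would run: #{@command}"
  end
end

# Simplified model (hypothetical, not Rails' convert_json_to_yaml) of a YAML-backed
# JSON decoder: pad ':' and ',' outside quoted strings so that JSON reads as YAML
# flow syntax, then expand JSON \uXXXX escapes. Note the ordering: escapes are
# expanded after the separators were padded, so a colon written as \u003a is
# never padded and reaches the YAML parser intact.
def model_convert_json_to_yaml(json)
  out = +""
  in_string = false
  i = 0
  while i < json.length
    c = json[i]
    if c == "\\"
      # Copy the escape pair untouched, inside or outside a string; outside a
      # string a real JSON grammar would reject it, this model does not.
      out << c << json[i + 1].to_s
      i += 2
      next
    end
    if in_string
      in_string = false if c == '"'
      out << c
    elsif c == '"'
      in_string = true
      out << c
    elsif c == ":" || c == ","
      out << c << " "  # "a":1 becomes "a": 1, which YAML flow mappings accept
    else
      out << c
    end
    i += 1
  end
  out.gsub(/\\u([[:xdigit:]]{4})/) { [$1.to_i(16)].pack("U") }
end

# The vulnerable pattern: the massaged text goes to a YAML loader that resolves
# any Ruby class named in a !ruby/object tag. YAML.load did this at the time;
# Psych >= 4 only does it via unsafe_load, so use whichever this Ruby provides.
def yaml_backed_decode(json)
  text = model_convert_json_to_yaml(json)
  YAML.respond_to?(:unsafe_load) ? YAML.unsafe_load(text) : YAML.load(text)
end

# Hardened variant 1: a real JSON grammar. A YAML tag is simply a syntax error.
def json_gem_outcome(json)
  [:ok, JSON.parse(json)]
rescue JSON::ParserError => e
  [:rejected, e.class.name]
end

# Hardened variant 2: if YAML must stay in the path, refuse class resolution.
def safe_yaml_outcome(json)
  [:ok, YAML.safe_load(model_convert_json_to_yaml(json))]
rescue Psych::DisallowedClass => e
  [:rejected, e.class.name]
end

# Constructed inputs. The second is JSON-shaped but carries a YAML type tag;
# its colon is written as \u003a so the padding step leaves the tag intact.
BENIGN_JSON    = '{"a":1,"b":[1,2]}'
TAGGED_PAYLOAD = '{"cmd": !ruby/object\u003aAuditLogger {"command": "id"}}'

if __FILE__ == $PROGRAM_NAME
  puts model_convert_json_to_yaml(TAGGED_PAYLOAD)
  obj = yaml_backed_decode(TAGGED_PAYLOAD)["cmd"]
  puts "#{obj.class}: #{obj.describe}"   # an AuditLogger built from untrusted input
  p json_gem_outcome(TAGGED_PAYLOAD)     # rejected by the JSON grammar
  p safe_yaml_outcome(TAGGED_PAYLOAD)    # rejected by safe_load
end
```

The takeaway is that text massaging cannot make a YAML loader a safe JSON parser: any token the converter lets through unquoted is interpreted with full YAML semantics, including type tags that instantiate whatever class they name. Either parse JSON with a JSON grammar, or, where YAML genuinely has to be loaded, disable class resolution as safe_load does.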