
Thread: SQL injection attacks...

  1. #11 - AplusWebMaster (Adviser Team)

    SQL injection... "lasimp04risioned"

    FYI...

    SQL injection... "lasimp04risioned"
    - https://isc.sans.edu/diary.html?storyid=13813
    Last Updated: 2012-07-31 21:47:00 UTC - "It's been a while since we published the diary about the lilupophilupop SQL injection ( https://isc.sans.edu/diary.html?storyid=12127 ) that back in January had infected LOTS of web sites. But guess what, they are b-aaa-ck, and are trying pretty much the same thing... decoded looks as...
    <script src="http ://lasimp04risioned. rr.nu/sl.php"></script> ...
    Searching for the injected "lasimp04risioned" URL via Google shows that the bad guys don't seem to be as 'successful' with this attack as last time, but this can change..."

    2012-08-01 11:55:15 UTC: https://isc.sans.edu/diary.html?storyid=13813#comment
    (Also seen) ... <script src="http ://xinthesidersdown .com/sl.php"></script> ...

    2012-08-02 16:29 UTC: https://isc.sans.edu/diary.html?storyid=13813#comment
    ... hxxp: //eighbo02rsbarr. rr.nu/sl.php...

    Last edited by AplusWebMaster; 2012-08-03 at 01:23.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...

  2. #12 - AplusWebMaster (Adviser Team)

    SQL injection vuln - all Ruby on Rails...

    FYI...

    SQL injection vuln - all Ruby on Rails...
    - http://h-online.com/-1776203
    3 Jan 2013 - "The Ruby on Rails developers are warning of an SQL injection vulnerability that affects all current versions of the web framework. New releases of Ruby on Rails – 3.2.10, 3.1.9 and 3.0.18 – are now available. It is recommended that all users update immediately. For users unable to update, there are patches available* for supported versions 3.2 and 3.1 and older versions 3.0 and 2.3. The problem, according to the advisory, is that, because of the way dynamic finders in ActiveRecord extract options from method parameters, a method parameter can be used as a scope and by carefully manipulating that scope, users can inject arbitrary SQL..."
    * http://weblog.rubyonrails.org/2013/1...been-released/
    Jan 2, 2013

    - https://secunia.com/advisories/51697/
    Last Update: 2013-01-04
    Criticality level: Moderately critical
    Impact: Manipulation of data
    Where: From remote
    ... vulnerability is reported in versions prior to 3.0.18, prior to 3.1.9, and prior to 3.2.10.
    Solution: Update to version 3.2.10, 3.1.9, or 3.0.18 or apply patch**.
    ** https://groups.google.com/forum/?fro...ty/DCNTNp_qjFM
    ___

    - https://web.nvd.nist.gov/view/vuln/d...=CVE-2012-5664
    Last revised: 01/08/2013 - "... consult CVE-2012-6496 and CVE-2012-6497 to determine which ID is appropriate..."
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-6496 - 7.5 (HIGH)
    Last revised: 01/07/2013
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-6497 - 5.0
    Last revised: 01/04/2013

    Last edited by AplusWebMaster; 2013-01-10 at 06:23.

  3. #13 - AplusWebMaster (Adviser Team)

    Ruby on Rails - Unsafe Queries ...

    FYI...

    Ruby on Rails - Unsafe Queries ...
    - http://www.securitytracker.com/id/1027960
    CVE Reference: CVE-2013-0155
    Jan 9 2013
    Impact: Modification of system information
    Fix Available: Yes
    Vendor Confirmed: Yes
    Version(s): 3.x prior to versions 3.0.19, 3.1.10, and 3.2.11
    Description: A vulnerability was reported in Ruby on Rails. A remote user can generate unsafe queries...
    The vendor's advisories are available at:
    - http://weblog.rubyonrails.org/2013/1...been-released/
    Jan 8, 2013 - "... two extremely critical security fixes so please update IMMEDIATELY..."
    - https://groups.google.com/forum/?fro...ty/t1WFuuQyavI

    - http://www.securitytracker.com/id/1027961
    CVE Reference: CVE-2013-0156
    Jan 9 2013
    Impact: Denial of service via network, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
    Fix Available: Yes
    Vendor Confirmed: Yes
    Version(s): 2.x and 3.x prior to versions 2.3.15, 3.0.19, 3.1.10, and 3.2.11
    Description: A vulnerability was reported in Ruby on Rails. A remote user can bypass authentication systems, inject SQL commands, inject and execute arbitrary code, and cause denial of service conditions...
    The vendor's advisories are available at:
    - http://weblog.rubyonrails.org/2013/1...been-released/
    - https://groups.google.com/forum/#!to...ty/61bkgvnSGTQ
    Jan 8, 2013 - "... either upgrade or use one of the workarounds *immediately*..."

    - https://community.rapid7.com/communi...-cve-2013-0156
    HD Moore - Jan 9, 2013

    - https://secunia.com/advisories/51753/
    Release Date: 2013-01-09
    Criticality level: Highly critical
    Impact: System access
    Where: From remote...
    Solution Status: Vendor Patch
    CVE Reference(s): CVE-2013-0155, CVE-2013-0156

    - http://h-online.com/-1780073
    9 Jan 2013

    Last edited by AplusWebMaster; 2013-01-10 at 06:26.
