CVE-2006-4111

Description

Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112.

Affected products

• rubyonrails / rails0.9.1 – 0.9.1
• rubyonrails / rails0.9.2 – 0.9.2
• rubyonrails / rails0.9.3 – 0.9.3
• rubyonrails / rails0.9.4 – 0.9.4
• rubyonrails / rails0.9.4.1 – 0.9.4.1
• rubyonrails / rails0.10.0 – 0.10.0
• rubyonrails / rails0.10.1 – 0.10.1
• rubyonrails / rails0.11.0 – 0.11.0
• rubyonrails / rails0.11.1 – 0.11.1
• rubyonrails / rails0.12.0 – 0.12.0
• rubyonrails / rails0.12.1 – 0.12.1
• rubyonrails / rails0.13.0 – 0.13.0
• rubyonrails / rails0.13.1 – 0.13.1
• rubyonrails / rails0.14.1 – 0.14.1
• rubyonrails / rails0.14.2 – 0.14.2
• rubyonrails / rails0.14.3 – 0.14.3
• rubyonrails / rails0.14.4 – 0.14.4
• rubyonrails / rails1.0.0 – 1.0.0
• rubyonrails / rails1.1.0 – 1.1.0
• rubyonrails / rails1.1.1 – 1.1.1
• rubyonrails / rails1.1.2 – 1.1.2
• rubyonrails / rails1.1.3 – 1.1.3
• rubyonrails / ruby_on_rails1.1.4
• rubyonrails / ruby_on_rails0.5.0 – 0.5.0
• rubyonrails / ruby_on_rails0.5.5 – 0.5.5
• rubyonrails / ruby_on_rails0.5.6 – 0.5.6
• rubyonrails / ruby_on_rails0.5.7 – 0.5.7
• rubyonrails / ruby_on_rails0.6.0 – 0.6.0
• rubyonrails / ruby_on_rails0.6.5 – 0.6.5
• rubyonrails / ruby_on_rails0.7.0 – 0.7.0
• rubyonrails / ruby_on_rails0.8.0 – 0.8.0
• rubyonrails / ruby_on_rails0.8.5 – 0.8.5
• rubyonrails / ruby_on_rails0.9.0 – 0.9.0

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/21466
• VENDOR_ADVISORYhttp://secunia.com/advisories/21749
• MISChttp://www.securityfocus.com/bid/19454
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/3237
• MISChttp://blog.koehntopp.de/archives/1367-Ruby-On-Rails-Mandatory-Mystery-Patch.html
• VENDOR_ADVISORYhttp://www.novell.com/linux/security/advisories/2006_21_sr.html
• MISChttp://weblog.rubyonrails.org/2006/8/9/rails-1-1-5-mandatory-security-patch-and-other-tidbits
• MISChttp://www.gentoo.org/security/en/glsa/glsa-200608-20.xml
• MISChttp://securitytracker.com/id?1016673