Commit cc37444

jasnow authored and RubySec CI committed
Updated advisory posts against rubysec/ruby-advisory-db@8ba0f94
1 parent 35bcf75 commit cc37444

File tree

1 file changed

+46
-0
lines changed

Lines changed: 46 additions & 0 deletions
@@ -0,0 +1,46 @@
1+
---
2+
layout: advisory
3+
title: 'CVE-2013-3221 (activerecord): Data-type injection vulnerability'
4+
comments: false
5+
categories:
6+
- activerecord
7+
- rails
8+
advisory:
9+
gem: activerecord
10+
framework: rails
11+
cve: 2013-3221
12+
ghsa: f57c-hx33-hvh8
13+
url: https://nvd.nist.gov/vuln/detail/CVE-2013-3221
14+
title: Data-type injection vulnerability
15+
date: 2013-04-21
16+
description: |
17+
The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x,
18+
and 3.2.x does not ensure that the declared data type of a database
19+
column is used during comparisons of input values to stored values
20+
in that column, which makes it easier for remote attackers to
21+
conduct data-type injection attacks against Ruby on Rails applications
22+
via a crafted value, as demonstrated by unintended interaction
23+
between the "typed XML" feature and a MySQL database.
24+
25+
## RELEASE INFO
26+
- Phrack writeup says that 'couple of days after the advisory the
27+
issue was "fixed" in Rails 3.2.12 as by the following commit' 921a296.
28+
But "Indeed the vector is completely fixed as of Rails 4.2 almost
29+
two years after the original advisory."
30+
cvss_v2: 6.4
31+
patched_versions:
32+
- ">= 4.2.0"
33+
related:
34+
url:
35+
- https://nvd.nist.gov/vuln/detail/CVE-2013-3221
36+
- https://github.com/rails/rails/commit/c9909db9f2f81575ef2ea2ed3b4e8743c8d6f1b9
37+
- https://github.com/rails/rails/commit/921a296a3390192a71abeec6d9a035cc6d1865c8
38+
- https://groups.google.com/group/rubyonrails-security/msg/1f3bc0b88a60c1ce
39+
- http://pl.reddit.com/r/netsec/comments/17yajp/mysql_madness_and_rails
40+
- http://openwall.com/lists/oss-security/2013/02/06/7
41+
- http://openwall.com/lists/oss-security/2013/04/24/7
42+
- https://gist.github.com/marianposaceanu/5442275
43+
- https://web.archive.org/web/20160307143147/http://www.phenoelit.org/blog/archives/2013/02/index.html
44+
- https://github.com/advisories/GHSA-f57c-hx33-hvh8
45+
- https://phrack.org/issues/69/12
46+
---
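Review bot: the `## RELEASE INFO` block (lines 25+ to 29+) sits inside the `description: |` literal scalar, so the markdown heading, the quoted Phrack commentary and the bare commit hash `921a296` will be emitted verbatim as part of the advisory description rather than as maintainer notes. Consider moving that commentary out of `description` into a separate field, or at least dropping the `## RELEASE INFO` heading and pointing at the full commit URL already listed under `related: url:` (line 37+) instead of the abbreviated hash. Minor: the NVD link is given both as the top-level `url:` (line 13+) and again as the first `related: url:` entry (line 35+); one of the two is redundant.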