{"id":9061,"date":"2013-01-14T20:56:09","date_gmt":"2013-01-15T02:56:09","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=9061"},"modified":"2013-01-14T20:57:34","modified_gmt":"2013-01-15T02:57:34","slug":"attack-code-metasploit-module-released-for-serious-ruby-on-rails-bugs","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=9061","title":{"rendered":"Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs"},"content":{"rendered":"<blockquote><p>This just got (more) real: Researchers today unleashed <a href=\"http:\/\/ronin-ruby.github.com\/blog\/2013\/01\/09\/rails-pocs.html\" target=\"new\">exploit code<\/a> for a pair of newly found vulnerabilities in the popular Web application programming platform Ruby on Rails (RoR), as well as <a href=\"https:\/\/community.rapid7.com\/community\/metasploit\/blog\/2013\/01\/10\/exploiting-ruby-on-rails-with-metasploit-cve-2013-0156\" target=\"new\">a new Metasploit module<\/a> for the most serious of the two flaws, raising concerns of potentially damaging attacks to come on Web servers and databases.<\/p><\/blockquote>\n<p>via <a href=\"http:\/\/www.darkreading.com\/database-security\/167901020\/security\/vulnerabilities\/240146008\/attack-code-metasploit-module-released-for-serious-ruby-on-rails-bugs.html.html\">Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs &#8211; Dark Reading<\/a>.<\/p>\n<blockquote><p>Security experts recommend patching RoR apps now if you have not already done so. Said O&#8217;Donnell in <a href=\"http:\/\/sfi.re\/UWVfF5\" target=\"new\">a blog post<\/a> yesterday:<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>This just got (more) real: Researchers today unleashed exploit code for a pair of newly found vulnerabilities in the popular Web application programming platform Ruby on Rails (RoR), as well as a new Metasploit module for the most serious of &hellip; <a href=\"http:\/\/bucktownbell.com\/?p=9061\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[284],"tags":[427,1031,869],"class_list":["post-9061","post","type-post","status-publish","format-standard","hentry","category-servers","tag-exploit","tag-metasploit","tag-web-security"],"_links":{"self":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9061","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9061"}],"version-history":[{"count":3,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9061\/revisions"}],"predecessor-version":[{"id":9064,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9061\/revisions\/9064"}],"wp:attachment":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9061"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9061"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9061"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}