Family: CGI abuses --> Category: mixed
Ruby on Rails Routing Denial of Service Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Tries to hang Ruby on Rails
Detailed Explanation for this Vulnerability Test
The remote web server is affected by a code evaluation issue.
The remote web server appears to be using a version of Ruby on Rails,
an open-source web framework, that has a flaw in its routing code that
can lead to the evaluation of Ruby code through the URL.
Successful exploitation of this issue can result in a denial of
service or even data loss.
See also :
Either apply the appropriate patch referenced in the vendor advisory
above or upgrade to Ruby on Rails 1.1.6 or later.
High / CVSS Base Score : 7.0