List: oss-security
Subject: [oss-security] CVE-2014-3712 Katello: user parameters passed to to_sym
From: Kurt Seifried <kseifried () redhat ! com>
Date: 2014-10-22 16:55:33
Message-ID: 5447E185.2030303 () redhat ! com
Jan Rusnacko of Red Hat reports:
Katello code exposes a potential to_sym Denial of Service attack vector
from user input parameters. The two places identified are:
https://github.com/Katello/katello/blob/9231e24f93fa804e557fc95637cfa2c5bb92f6a7/app/controllers/katello/content_search_controller.rb#L617
https://github.com/Katello/katello/blob/9231e24f93fa804e557fc95637cfa2c5bb92f6a7/app/controllers/katello/api/api_controller.rb#L87
This type of attack is documented here -
http://docs.fedoraproject.org/en-US/Fedora_Security_Team/1/html/Secure_Ruby_Development_Guide/RubySymbols.html
This has been confirmed in testing by Eric Helms of Red Hat.
cvss2=3.5/AV:N/AC:M/Au:S/C:N/I:N/A:P
--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
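The pattern behind this class of bug, shown as an added example that is not Katello code and not part of the original message: a controller helper that calls `to_sym` on a request parameter, next to an allowlisted replacement that only ever returns symbols created at load time. The `params` hash, the field name `sort` and the helper names are assumptions for illustration. On Ruby releases before 2.2 symbols were never garbage collected, so every distinct attacker-supplied string permanently grew the symbol table; Ruby 2.2 made dynamically created symbols collectable, but rejecting unknown values is still the correct fix because it also stops unexpected symbols from reaching `send`, `public_send` or ActiveRecord ordering.

```ruby
# Added example (not Katello code): the unsafe pattern and an allowlisted
# replacement. The helpers operate on a params-like Hash of strings, which is
# what a Rails controller receives. Names are hypothetical.

# Unsafe: converts arbitrary user input into a symbol. On Ruby < 2.2 a stream of
# unique values grows the symbol table without bound (the to_sym DoS class the
# advisory refers to); on newer Rubies it still lets the client mint symbols.
def sort_field_unsafe(params)
  params['sort'].to_sym
end

# Allowed values are fixed at load time, so the only symbols that can ever be
# returned are these. Unknown input is rejected rather than converted.
ALLOWED_SORT_FIELDS  = %w[name created_at updated_at].freeze
ALLOWED_SORT_SYMBOLS = ALLOWED_SORT_FIELDS.map(&:to_sym).freeze

# Safe: look the raw string up in the allowlist and hand back the pre-existing
# symbol, or nil when the value is unknown. to_sym is never called on user data.
def sort_field_safe(params, default: :name)
  raw = params['sort']
  return default if raw.nil?

  idx = ALLOWED_SORT_FIELDS.index(raw.to_s)
  idx ? ALLOWED_SORT_SYMBOLS[idx] : nil
end

# Defensive check usable in a spec: does handling this request create any new
# symbol? Compares the interpreter's symbol count before and after the block;
# an increase means a user-controlled string reached to_sym somewhere.
def creates_new_symbol?(params)
  before = Symbol.all_symbols.size
  yield params
  Symbol.all_symbols.size > before
end

if __FILE__ == $PROGRAM_NAME
  # Constructed request: a sort value no code path has ever seen before.
  hostile = { 'sort' => "zz_#{rand(1 << 62)}" }

  puts "unsafe helper created a symbol: #{creates_new_symbol?(hostile) { |p| sort_field_unsafe(p) }}"
  puts "safe helper created a symbol:   #{creates_new_symbol?(hostile) { |p| sort_field_safe(p) }}"
  p sort_field_safe({ 'sort' => 'created_at' })  # => :created_at
  p sort_field_safe(hostile)                      # => nil (caller should 400)
end
```

The caller of `sort_field_safe` should treat `nil` as a bad request rather than falling back silently, so that probing for accepted values is visible in the access log.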