Security Attacks
Steps To Find Vulnerabilities In Ruby On Rails Framework Code Review

Ruby on Rails is one of the most widely deployed web frameworks, and a large share of the security findings in a Rails application come not from the application code itself but from the framework and the gems it pulls in. A framework-level code review therefore starts with the versions pinned in the Gemfile.lock. This article walks through a set of publicly documented vulnerabilities in Rails and its core components, what each one lets an attacker do, and how to fix or work around it.

Vulnerabilities In The Ruby On Rails Framework & How To Prevent Them:

Ruby on Rails

Ruby on Rails is modular, easy to read, and supported by a large community of developers. Many of the world's most trafficked websites rely on Rails to deliver scalable, highly available web services. The CVE database records, among others, the following issues in Rails and the components it ships with:

• Arbitrary File Existence Disclosure in Sprockets
CVE: CVE-2014-7819
Description: Sprockets, shipped as a Ruby gem, is the asset pipeline Rails uses to compile, concatenate and serve JavaScript, CSS and other static assets. Specially crafted asset requests could make the Sprockets server look for files outside the application root, so a remote attacker could learn whether an arbitrary file (for example /etc/passwd) exists on the host by comparing responses. Every Rails application running an unpatched Sprockets release is affected.
Solution: Upgrade to a patched Sprockets release. As a stop-gap, set config.serve_static_assets = false (renamed config.serve_static_files in Rails 4.2 and config.public_file_server.enabled from Rails 5.0) so that the front-end web server, not the Rails process, serves asset files.

• Possible Denial of Service Attack in Active Support
CVE: CVE-2015-3227
Description: Active Support provides the language extensions and utilities the framework is built on, including ActiveSupport::XmlMini, which parses XML through a pluggable backend. When the JDOM or REXML backend is in use (jdom.rb and rexml.rb), a remote attacker can submit an XML document nested deeply enough to exhaust the interpreter stack (SystemStackError) and crash the request. Rails 4 no longer parses XML request bodies by default, so the exposure is in application code that calls Hash.from_xml or ActiveSupport::XmlMini on untrusted input. Affected: Rails 4.1.x before 4.1.11 and 4.2.x before 4.2.2.
Solution: Upgrade to Rails 4.1.11 or 4.2.2 (or apply the backported patch), and treat any XML parsing of user-supplied data as input that needs a size and depth limit.

• IP Whitelist Bypass in Web Console
CVE: CVE-2015-3224
Description: Web Console (the web-console gem, added to the development group of new Rails 4.2 applications) opens an interactive Ruby console on error pages and restricts it to a whitelist of client IP addresses. Versions before 2.1.3 derived the client address from request headers a client can forge, such as X-Forwarded-For, so a remote attacker could claim a whitelisted address (for example 127.0.0.1) and reach the console, which amounts to remote code execution. Fixed in web-console 2.1.3.
Solution: Upgrade web-console to 2.1.3 or later, keep the gem in the development group only so it is never loaded in production, and never base an access decision on a forwarding header unless it was set by a proxy you control.
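The general lesson from the Web Console bypass is how a client address should be resolved before it is compared against an allow-list. The following is an added example, not web-console's own code: it contrasts a check that trusts X-Forwarded-For outright with one that only follows the header across proxies the operator runs. The proxy and allow-list ranges, and the request environment, are constructed for the demonstration.

```ruby
require "ipaddr"

# Added example; this is not web-console's own code. It shows why an IP
# allow-list must not read the client address from a header the client
# controls, and how to honour X-Forwarded-For only across proxies you run.
# TRUSTED_PROXIES and ALLOWED_CLIENTS are assumed, constructed values.
TRUSTED_PROXIES = %w[127.0.0.0/8 10.0.0.0/8].map { |cidr| IPAddr.new(cidr) }
ALLOWED_CLIENTS = %w[127.0.0.1 ::1 192.168.0.0/16].map { |cidr| IPAddr.new(cidr) }

def in_any?(nets, ip)
  addr = IPAddr.new(ip.to_s)
  nets.any? { |net| net.include?(addr) }
rescue IPAddr::InvalidAddressError
  false # garbage in a header is never "inside" a network
end

# Weak: the first X-Forwarded-For entry is whatever the client chose to send.
def client_ip_naive(env)
  (env["HTTP_X_FORWARDED_FOR"] || env["REMOTE_ADDR"]).to_s.split(",").first.to_s.strip
end

# Hardened: start from the TCP peer (REMOTE_ADDR, which cannot be forged over
# TCP) and walk the forwarded chain from right to left only while the current
# hop is a proxy we trust. The first hop we do not trust is the client, no
# matter what it put further left in the header.
def client_ip_hardened(env)
  chain = env["HTTP_X_FORWARDED_FOR"].to_s.split(",").map(&:strip).reject(&:empty?)
  ip = env["REMOTE_ADDR"].to_s
  ip = chain.pop while in_any?(TRUSTED_PROXIES, ip) && !chain.empty?
  ip
end

# The access decision itself; the resolver is injectable only so both
# strategies can be compared on the same request.
def console_allowed?(env, resolver: method(:client_ip_hardened))
  in_any?(ALLOWED_CLIENTS, resolver.call(env))
end

# Constructed request: an internet client behind our reverse proxy (10.0.0.5)
# claims to be localhost. The proxy appended the real peer, 203.0.113.9.
SPOOFED_ENV = {
  "REMOTE_ADDR" => "10.0.0.5",
  "HTTP_X_FORWARDED_FOR" => "127.0.0.1, 203.0.113.9",
}.freeze
```

With the spoofed request the naive resolver returns 127.0.0.1 and grants access; the hardened one stops at 203.0.113.9, the first hop that is not a trusted proxy, and refuses. A request arriving directly from the internet with a forged header is handled the same way, because REMOTE_ADDR is not a trusted proxy and the header is never consulted.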

• CSRF Token Leak in jquery-ujs and jquery-rails
CVE: CVE-2015-1840
Description: jquery-ujs (bundled in the jquery-rails gem) implements Rails' unobtrusive JavaScript helpers such as data-method and data-remote and attaches the CSRF token to the requests they generate. Vulnerable versions decided whether a link was same-origin differently from the browser: a crafted href (the CVE record cites a leading space character) was judged local by the library while the browser sent the request, token included, to an attacker-controlled host, bypassing the Same Origin Policy. With the token in hand the attacker can forge state-changing requests for that user. Affected: jquery-ujs before 1.0.4, and jquery-rails 3.x before 3.1.3 and 4.0.x before 4.0.4.
Solution: Upgrade jquery-rails / jquery-ujs to the fixed releases. If the application vendors its own copy of rails.js instead of using the gem, replace that copy as well.
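The underlying defect is a same-origin decision that disagrees with how the browser parses the URL. jquery-ujs makes that decision in the browser, in JavaScript; the added example below reproduces the decision in Ruby so it can be run here. It is not jquery-ujs's code, and the naive check and the page origin https://app.example are constructed for illustration.

```ruby
require "uri"

# Added example, not jquery-ujs's code. jquery-ujs makes this decision in the
# browser (JavaScript) before it attaches the CSRF token to a data-remote or
# data-method request; the logic is reproduced in Ruby so it runs here. The
# page origin https://app.example and the naive check are constructed for
# illustration.
PAGE_URL = "https://app.example/posts/1"

# Naive: "anything that does not start with http(s)://<our host> is a local
# link". A protocol-relative or whitespace-prefixed href is misjudged as local.
def same_origin_naive?(href)
  !href.match?(%r{\Ahttps?://}i) || href.start_with?("https://app.example/")
end

# Hardened: normalise the href the way a browser does (trim surrounding
# whitespace, resolve it against the page URL per RFC 3986, which turns
# "//evil.example/x" into "https://evil.example/x"), then compare scheme, host
# and effective port. Anything unparsable or without a host is not ours.
def same_origin?(href, page_url = PAGE_URL)
  base = URI.parse(page_url)
  target = URI.join(base, href.to_s.strip)
  return false unless target.scheme && target.host
  [base.scheme, base.host.downcase, base.port] ==
    [target.scheme, target.host.downcase, target.port]
rescue URI::InvalidURIError, URI::BadURIError
  false
end

# Only a same-origin request gets the CSRF token; everything else goes without.
def attach_csrf_token?(href)
  same_origin?(href)
end
```

The point of the hardened version is that it does not inspect the string at all; it resolves the reference exactly as the browser will and compares the resulting origin tuple, so protocol-relative URLs, leading whitespace, a different scheme on the same host, and javascript: URLs all fall on the correct side.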

• XSS Vulnerability in ActiveSupport::JSON.encode
CVE: CVE-2015-3226
Description: ActiveSupport::JSON.encode (which to_json uses) is expected to escape HTML-significant characters so that its output can be embedded in an HTML page. A regression in json/encoding.rb meant that a crafted Hash produced output containing unescaped characters, so an application that interpolates encoded JSON into a <script> block or an attribute without further escaping is exposed to cross-site scripting. Affected: Rails 3.x, 4.1.x before 4.1.11 and 4.2.x before 4.2.2.
Solution: Upgrade to Rails 4.1.11 or 4.2.2 (or apply the patch). Independently of the encoder, pass JSON through json_escape (ERB::Util.json_escape) whenever it is embedded in HTML, so the page does not depend on the encoder's default behaviour.
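What "escaped for HTML" means for JSON is easy to get wrong, so here is an added example, not Rails' implementation, that shows the vulnerable embedding pattern beside a hardened one using only the standard library. The json_escape helper reimplements the idea behind Active Support's ERB::Util.json_escape; the payload is constructed.

```ruby
require "json"

# Added example; not Rails' implementation. Stdlib JSON escapes quotes and
# control characters only, so its output is not safe to drop inside <script>.
# json_escape below does what Active Support's encoder is expected to do (and
# what ERB::Util.json_escape does): rewrite the characters that matter to the
# HTML parser as JSON \u escapes, which leaves the decoded value unchanged.
JSON_ESCAPE_MAP = {
  "&" => '\u0026',
  "<" => '\u003c',
  ">" => '\u003e',
  "\u2028" => '\u2028', # LINE SEPARATOR: valid in JSON, a line break to JavaScript
  "\u2029" => '\u2029', # PARAGRAPH SEPARATOR
}.freeze

def json_escape(json_text)
  json_text.gsub(/[&<>\u2028\u2029]/, JSON_ESCAPE_MAP)
end

# Vulnerable pattern: trusting the encoder and interpolating straight into HTML.
# The HTML parser sees the first "</script>" inside the string and ends the
# element there; what follows is parsed as new markup.
def script_tag_naive(data)
  "<script>window.__DATA__ = #{JSON.generate(data)};</script>"
end

# Hardened pattern: escape for the HTML context, not just for JSON.
def script_tag_hardened(data)
  "<script>window.__DATA__ = #{json_escape(JSON.generate(data))};</script>"
end

# Constructed payload: a user-supplied string that ends the script element early.
PAYLOAD = { "name" => "</script><script>alert(document.cookie)</script>" }.freeze
```

The escaped form still parses to the identical value, which is why \u escapes are preferable to HTML entities here: the JavaScript side needs no decoding step, and the text cannot terminate the script element.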

• Potential Denial of Service Vulnerability in Rack
CVE: CVE-2015-3225
Description: Rack is the Ruby web server interface every Rails application runs on; among other things it parses query strings and form bodies into the params hash. Rack::Utils.normalize_params recursed once for every level of bracket nesting in a parameter name, so a request such as a[a][a]...=1 with tens of thousands of levels exhausted the interpreter stack (SystemStackError) before the request ever reached the application. Affected: Rack before 1.5.4 and 1.6.x before 1.6.2, as used by Rails 3.x and 4.x.
Solution: Upgrade Rack to 1.5.4 or 1.6.2, which enforce a parameter nesting limit (Rack::Utils.param_depth_limit); run bundle update rack or apply the patch.
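The Rack issue and the Active Support XML issue above share one root cause: a recursive parser whose depth is controlled by the attacker. The following added example, which is not Rack's code, parses Rack-style nested query strings with a hard depth bound and, for contrast, shows what happens to the unbounded version on a constructed hostile query. The limit of 32 and the helper names are assumptions for the example.

```ruby
require "uri"

# Added example, not Rack's code. It parses Rack-style nested query strings
# (user[address][city]=Pune) with a hard depth bound, the defence Rack adopted
# in 1.5.4 / 1.6.2, and shows the failure mode the bound prevents. The same
# principle (refuse input past a fixed depth instead of recursing until the VM
# stack is gone) is what the Active Support fix for deeply nested XML applies.
# PARAM_DEPTH_LIMIT is an assumed value for the example.
PARAM_DEPTH_LIMIT = 32

class ParamDepthError < RangeError; end

# "user[address][city]" -> ["user", "address", "city"]
def split_param_name(name)
  head, rest = name.match(/\A([^\[\]]*)(.*)\z/m).captures
  [head] + rest.scan(/\[([^\[\]]*)\]/).flatten
end

# One recursion frame per nesting level; `depth` counts the frames still
# permitted. The check happens before any work, so a hostile name is rejected
# at level 33 rather than at the point where the interpreter gives up.
def assign_nested(params, segments, value, depth, index = 0)
  raise ParamDepthError, "params nested deeper than allowed" if depth <= 0
  key = segments[index]
  if index == segments.length - 1
    params[key] = value
  else
    params[key] = {} unless params[key].is_a?(Hash)
    assign_nested(params[key], segments, value, depth - 1, index + 1)
  end
  params
end

def parse_nested_query(query, depth_limit: PARAM_DEPTH_LIMIT)
  query.to_s.split("&").each_with_object({}) do |pair, params|
    next if pair.empty?
    name, value = pair.split("=", 2).map { |part| URI.decode_www_form_component(part) }
    assign_nested(params, split_param_name(name), value, depth_limit)
  end
end

# The vulnerable behaviour, on a constructed hostile query: with no bound the
# recursion runs until Ruby raises SystemStackError (around ten thousand frames
# with MRI's default VM stack). It is rescued here; in a server it takes the
# request, and often the worker process, down.
def unbounded_parse_outcome(levels = 200_000)
  hostile = "a" + "[x]" * levels + "=1"
  parse_nested_query(hostile, depth_limit: Float::INFINITY)
  :parsed
rescue SystemStackError
  :stack_exhausted
end
```

The important design point is where the check sits: before the recursive call, on a counter that the input cannot influence, so the cost of rejecting a hostile request is a few dozen frames rather than the whole stack.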

• Arbitrary File Existence Disclosure in Action Pack
CVE: CVE-2014-7829
Description: Action Pack's static file middleware (action_dispatch/middleware/static.rb) built a filesystem path from the request without adequately checking for directory traversal, so a crafted request could make it test for files outside the application root and reveal, through the difference in response, whether they exist. This is the follow-up to CVE-2014-7818 (fixed in 3.2.20, 4.0.11, 4.1.7 and 4.2.0.beta3), whose fix turned out to be incomplete.
Impacted Versions:
– 3.x before 3.2.21
– 4.0.x before 4.0.12
– 4.1.x before 4.1.8
– 4.2.x before 4.2.0.beta4
Solution: Update Rails to the fixed release or apply the patch. Until then, stop Rails from serving static files (config.serve_static_assets = false) and let the web server serve the public/ directory.
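The Sprockets and Action Pack disclosures above are the same bug in two places: a path derived from the request reaches the filesystem before anyone checks that it is still inside the public root. The following added example, which is neither Action Pack's nor Sprockets' code, shows that vulnerable shape next to a containment check that decides on the resolved path first and consults the filesystem only afterwards. The temporary directory fixture is constructed for the demonstration.

```ruby
require "tmpdir"
require "fileutils"

# Added example; this is neither Action Pack's nor Sprockets' code. Both
# disclosures came from the same shape of mistake: a path built from the
# request was handed to the filesystem (File.exist? and friends) before anyone
# confirmed it still lay under the public root, so the 200/404 difference told
# the attacker whether an arbitrary file existed. The fixture below is
# constructed for the demonstration.

# Minimal percent-decoder (ASCII only, decodes exactly once), so "%2e%2e%2f"
# is seen as "../" before the containment check rather than after it.
def percent_decode(path)
  path.gsub(/%[0-9A-Fa-f]{2}/) { |hex| hex[1, 2].hex.chr }
end

# Vulnerable shape: join and probe. "/../secret.txt" walks out of public/.
def static_path_naive(root, request_path)
  candidate = File.join(root, percent_decode(request_path))
  File.file?(candidate) ? candidate : nil
end

# Hardened: resolve to an absolute path first, require it to sit strictly
# inside the real root, and only then ask the filesystem. Requests that point
# outside the root return nil without any existence check being performed, so
# the response cannot reveal anything about them. The final realpath check
# catches symlinks under public/ that point elsewhere.
def static_path_hardened(root, request_path)
  root = File.realpath(root)
  decoded = percent_decode(request_path)
  return nil if decoded.include?("\0")
  candidate = File.expand_path(decoded.sub(%r{\A/+}, ""), root)
  return nil unless candidate.start_with?(root + File::SEPARATOR)
  return nil unless File.file?(candidate)
  real = File.realpath(candidate)
  real.start_with?(root + File::SEPARATOR) ? real : nil
end

# Constructed fixture: tmp/public/index.html is servable, tmp/secret.txt is
# outside the web root and must stay invisible to every request.
def with_static_fixture
  Dir.mktmpdir("static-demo") do |dir|
    root = File.join(dir, "public")
    FileUtils.mkdir_p(root)
    File.write(File.join(root, "index.html"), "<h1>hello</h1>")
    File.write(File.join(dir, "secret.txt"), "not for the web")
    yield root
  end
end
```

The ordering is the whole fix: with the hardened function, a traversal request and a request for a file that genuinely does not exist produce the same nil, so the middleware's response carries no information about anything outside public/.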

Remediation:
Fixing the vulnerabilities above is essential to a Rails application's security posture, and the quickest way to find them is to check the versions pinned in the Gemfile.lock against the published advisories (bundler-audit automates this). At Valency Networks, we understand your web application and perform the framework-specific checks listed above; this expertise is what lets us detect and remediate these vulnerabilities accurately.

Resources: