Search...

Ruby on Rails Active Record SQL Injection Vulnerability (Linux)

2016-10-13T00:00:00

ID OPENVAS:1361412562310807378
Type openvas
Reporter Copyright (C) 2016 Greenbone Networks GmbH
Modified 2018-10-10T00:00:00

Description

This host is running Ruby on Rails and is prone to SQL injection vulnerability.

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ruby_on_rails_action_record_sql_inj_vuln_lin.nasl 11811 2018-10-10 09:55:00Z asteins $
#
# Ruby on Rails Active Record SQL Injection Vulnerability (Linux)
#
# Authors:
# Antu Sanadi &lt;santu@secpod.com&gt;
#
# Copyright:
# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

CPE = 'cpe:/a:rubyonrails:ruby_on_rails';

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.807378");
  script_version("$Revision: 11811 $");
  script_cve_id("CVE-2016-6317");
  script_bugtraq_id(92434);
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:N");
  script_tag(name:"last_modification", value:"$Date: 2018-10-10 11:55:00 +0200 (Wed, 10 Oct 2018) $");
  script_tag(name:"creation_date", value:"2016-10-13 14:29:38 +0530 (Thu, 13 Oct 2016)");
  script_tag(name:"qod_type", value:"remote_banner_unreliable");
  script_name("Ruby on Rails Active Record SQL Injection Vulnerability (Linux)");

  script_tag(name:"summary", value:"This host is running Ruby on Rails and is
  prone to SQL injection vulnerability.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The flaw is due to the way Active Record
  interprets parameters in combination with the way that JSON parameters are
  parsed, it is possible for an attacker to issue unexpected database queries
  with 'IS NULL' or empty where clauses.");

  script_tag(name:"impact", value:"Successful exploitation will allow a remote
  attacker to bypass intended database-query restrictions and perform NULL checks
  or trigger missing WHERE clauses via a crafted request, as demonstrated by
  certain '[nil]' values.");

  script_tag(name:"affected", value:"Ruby on Rails 4.2.x before 4.2.7.1 on Linux");

  script_tag(name:"solution", value:"Upgrade to Ruby on Rails 4.2.7.1 or later.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_xref(name:"URL", value:"http://www.openwall.com/lists/oss-security/2016/08/11/4");
  script_xref(name:"URL", value:"https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA");
  script_xref(name:"URL", value:"http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2016 Greenbone Networks GmbH");
  script_family("Web application abuses");
  script_dependencies("secpod_ruby_rails_detect.nasl", "os_detection.nasl");
  script_mandatory_keys("RubyOnRails/installed", "Host/runs_unixoide");
  script_require_ports("Services/www", 3000);
  script_xref(name:"URL", value:"http://rubyonrails.org");
  exit(0);
}


include("version_func.inc");
include("host_details.inc");

if(!RubyonRailPort = get_app_port(cpe:CPE)){
  exit(0);
}

if(!RubyonRailVer = get_app_version(cpe:CPE, port:RubyonRailPort)){
  exit(0);
}

if(version_in_range(version:RubyonRailVer, test_version:"4.2.0", test_version2:"4.2.7.0"))
{
  report = report_fixed_ver(installed_version:RubyonRailVer, fixed_version:"4.2.7.1");
  security_message(data:report, port:RubyonRailPort);
  exit(0);
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:1361412562310807378", "bulletinFamily": "scanner", "title": "Ruby on Rails Active Record SQL Injection Vulnerability (Linux)", "description": "This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.", "published": "2016-10-13T00:00:00", "modified": "2018-10-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807378", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released", "http://rubyonrails.org", "http://www.openwall.com/lists/oss-security/2016/08/11/4", "https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA"], "cvelist": ["CVE-2016-6317"], "type": "openvas", "lastseen": "2018-10-11T12:36:46", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.", "edition": 5, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "36aa060594f32f0a89637e0613a2188249f8a357d3a68b1e9ba9315d700290ae", "hashmap": [{"hash": "5a8b427c85fc28c29cc762052f43aa3d", "key": "description"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "bcd8abde7f060a8789d08ba0ba73d345", "key": "published"}, {"hash": "c9c8d39315c77932a9b5173e23d4dcf3", "key": "pluginID"}, {"hash": "55199d25018fbdb9b50e6b64d444c3a4", "key": "naslFamily"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "1f55505d74f3aaa5dd7068ab31cf6f62", "key": "href"}, {"hash": "880250e17f7058f88476026cc27bf224", "key": "modified"}, {"hash": "a396c37e785aedd996daef45aca71fb5", "key": "title"}, {"hash": "ea106ff9c2727a6e906e8959871e7c06", "key": "reporter"}, {"hash": "435182f7e39c5ffd6d2a0e685c5400e0", "key": "sourceData"}, {"hash": "2d1f501cf925df4b9ddcbbec739d6940", "key": "references"}, {"hash": "5c2fb6abefa4b019bd1c0af856180f2b", "key": "cvelist"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807378", "id": "OPENVAS:1361412562310807378", "lastseen": "2018-09-26T14:17:09", "modified": "2018-09-25T00:00:00", "naslFamily": "Web application abuses", "objectVersion": "1.3", "pluginID": "1361412562310807378", "published": "2016-10-13T00:00:00", "references": ["http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released", "http://www.openwall.com/lists/oss-security/2016/08/11/4", "https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA"], "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ruby_on_rails_action_record_sql_inj_vuln_lin.nasl 11607 2018-09-25 13:53:15Z asteins $\n#\n# Ruby on Rails Active Record SQL Injection Vulnerability (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:rubyonrails:ruby_on_rails';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807378\");\n script_version(\"$Revision: 11607 $\");\n script_cve_id(\"CVE-2016-6317\");\n script_bugtraq_id(92434);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-25 15:53:15 +0200 (Tue, 25 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-13 14:29:38 +0530 (Thu, 13 Oct 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Ruby on Rails Active Record SQL Injection Vulnerability (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to the way Active Record\n interprets parameters in combination with the way that JSON parameters are\n parsed, it is possible for an attacker to issue unexpected database queries\n with 'IS NULL' or empty where clauses.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to bypass intended database-query restrictions and perform NULL checks\n or trigger missing WHERE clauses via a crafted request, as demonstrated by\n certain '[nil]' values.\");\n\n script_tag(name:\"affected\", value:\"Ruby on Rails 4.2.x before 4.2.7.1 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Ruby on Rails 4.2.7.1 or later.\n For updates refer to http://rubyonrails.org\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/08/11/4\");\n script_xref(name:\"URL\", value:\"https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA\");\n script_xref(name:\"URL\", value:\"http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_ruby_rails_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"RubyOnRails/installed\", \"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 3000);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!RubyonRailPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!RubyonRailVer = get_app_version(cpe:CPE, port:RubyonRailPort)){\n exit(0);\n}\n\nif(version_in_range(version:RubyonRailVer, test_version:\"4.2.0\", test_version2:\"4.2.7.0\"))\n{\n report = report_fixed_ver(installed_version:RubyonRailVer, fixed_version:\"4.2.7.1\");\n security_message(data:report, port:RubyonRailPort);\n exit(0);\n}", "title": "Ruby on Rails Active Record SQL Injection Vulnerability (Linux)", "type": "openvas", "viewCount": 1}, "differentElements": ["references", "modified", "sourceData"], "edition": 5, "lastseen": "2018-09-26T14:17:09"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "8a44cc1b2a8d71709698157a31358e3eb33c0eff2baa8d178df7a6d016904213", "hashmap": [{"hash": "5a8b427c85fc28c29cc762052f43aa3d", "key": "description"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "modified"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "bcd8abde7f060a8789d08ba0ba73d345", "key": "published"}, {"hash": "c9c8d39315c77932a9b5173e23d4dcf3", "key": "pluginID"}, {"hash": "55199d25018fbdb9b50e6b64d444c3a4", "key": "naslFamily"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "1f55505d74f3aaa5dd7068ab31cf6f62", "key": "href"}, {"hash": "42f59352167dc1dca0f7500bb165cf4c", "key": "sourceData"}, {"hash": "a396c37e785aedd996daef45aca71fb5", "key": "title"}, {"hash": "ea106ff9c2727a6e906e8959871e7c06", "key": "reporter"}, {"hash": "2d1f501cf925df4b9ddcbbec739d6940", "key": "references"}, {"hash": "5c2fb6abefa4b019bd1c0af856180f2b", "key": "cvelist"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807378", "id": "OPENVAS:1361412562310807378", "lastseen": "2017-10-25T14:42:51", "modified": "2017-10-24T00:00:00", "naslFamily": "Web application abuses", "objectVersion": "1.3", "pluginID": "1361412562310807378", "published": "2016-10-13T00:00:00", "references": ["http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released", "http://www.openwall.com/lists/oss-security/2016/08/11/4", "https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA"], "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ruby_on_rails_action_record_sql_inj_vuln_lin.nasl 7545 2017-10-24 11:45:30Z cfischer $\n#\n# Ruby on Rails Active Record SQL Injection Vulnerability (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:rubyonrails:ruby_on_rails';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807378\");\n script_version(\"$Revision: 7545 $\");\n script_cve_id(\"CVE-2016-6317\");\n script_bugtraq_id(92434);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-10-24 13:45:30 +0200 (Tue, 24 Oct 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-13 14:29:38 +0530 (Thu, 13 Oct 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Ruby on Rails Active Record SQL Injection Vulnerability (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to the way Active Record\n interprets parameters in combination with the way that JSON parameters are\n parsed, it is possible for an attacker to issue unexpected database queries\n with 'IS NULL' or empty where clauses.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to bypass intended database-query restrictions and perform NULL checks\n or trigger missing WHERE clauses via a crafted request, as demonstrated by\n certain '[nil]' values.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"Ruby on Rails 4.2.x before 4.2.7.1 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Ruby on Rails 4.2.7.1 or later.\n For updates refer to http://rubyonrails.org\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2016/08/11/4\");\n script_xref(name : \"URL\" , value : \"https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA\");\n script_xref(name : \"URL\" , value : \"http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_ruby_rails_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"RubyOnRails/installed\", \"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 3000);\n exit(0);\n}\n\n\n##\n### Code Starts Here\n##\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n## Variable Initialization\nRubyonRailPort = \"\";\nRubyonRailVer = \"\";\n\n## Get HTTP Port\nif(!RubyonRailPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\n## Get the version\nif(!RubyonRailVer = get_app_version(cpe:CPE, port:RubyonRailPort)){\n exit(0);\n}\n\n##Check for vulnerable version\nif(version_in_range(version:RubyonRailVer, test_version:\"4.2.0\", test_version2:\"4.2.7.0\"))\n{\n report = report_fixed_ver(installed_version:RubyonRailVer, fixed_version:\"4.2.7.1\");\n security_message(data:report, port:RubyonRailPort);\n exit(0);\n}", "title": "Ruby on Rails Active Record SQL Injection Vulnerability (Linux)", "type": "openvas", "viewCount": 1}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-10-25T14:42:51"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "d24f99b24ef03faab7f81cb4e4c3df9255fa3bfe0cf5d55cf01991588935efe4", "hashmap": [{"hash": "5a8b427c85fc28c29cc762052f43aa3d", "key": "description"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "modified"}, {"hash": "bcd8abde7f060a8789d08ba0ba73d345", "key": "published"}, {"hash": "c9c8d39315c77932a9b5173e23d4dcf3", "key": "pluginID"}, {"hash": "55199d25018fbdb9b50e6b64d444c3a4", "key": "naslFamily"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "1f55505d74f3aaa5dd7068ab31cf6f62", "key": "href"}, {"hash": "42f59352167dc1dca0f7500bb165cf4c", "key": "sourceData"}, {"hash": "a396c37e785aedd996daef45aca71fb5", "key": "title"}, {"hash": "ea106ff9c2727a6e906e8959871e7c06", "key": "reporter"}, {"hash": "2d1f501cf925df4b9ddcbbec739d6940", "key": "references"}, {"hash": "5c2fb6abefa4b019bd1c0af856180f2b", "key": "cvelist"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807378", "id": "OPENVAS:1361412562310807378", "lastseen": "2018-08-30T19:21:10", "modified": "2017-10-24T00:00:00", "naslFamily": "Web application abuses", "objectVersion": "1.3", "pluginID": "1361412562310807378", "published": "2016-10-13T00:00:00", "references": ["http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released", "http://www.openwall.com/lists/oss-security/2016/08/11/4", "https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA"], "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ruby_on_rails_action_record_sql_inj_vuln_lin.nasl 7545 2017-10-24 11:45:30Z cfischer $\n#\n# Ruby on Rails Active Record SQL Injection Vulnerability (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:rubyonrails:ruby_on_rails';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807378\");\n script_version(\"$Revision: 7545 $\");\n script_cve_id(\"CVE-2016-6317\");\n script_bugtraq_id(92434);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-10-24 13:45:30 +0200 (Tue, 24 Oct 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-13 14:29:38 +0530 (Thu, 13 Oct 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Ruby on Rails Active Record SQL Injection Vulnerability (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to the way Active Record\n interprets parameters in combination with the way that JSON parameters are\n parsed, it is possible for an attacker to issue unexpected database queries\n with 'IS NULL' or empty where clauses.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to bypass intended database-query restrictions and perform NULL checks\n or trigger missing WHERE clauses via a crafted request, as demonstrated by\n certain '[nil]' values.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"Ruby on Rails 4.2.x before 4.2.7.1 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Ruby on Rails 4.2.7.1 or later.\n For updates refer to http://rubyonrails.org\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2016/08/11/4\");\n script_xref(name : \"URL\" , value : \"https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA\");\n script_xref(name : \"URL\" , value : \"http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_ruby_rails_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"RubyOnRails/installed\", \"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 3000);\n exit(0);\n}\n\n\n##\n### Code Starts Here\n##\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n## Variable Initialization\nRubyonRailPort = \"\";\nRubyonRailVer = \"\";\n\n## Get HTTP Port\nif(!RubyonRailPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\n## Get the version\nif(!RubyonRailVer = get_app_version(cpe:CPE, port:RubyonRailPort)){\n exit(0);\n}\n\n##Check for vulnerable version\nif(version_in_range(version:RubyonRailVer, test_version:\"4.2.0\", test_version2:\"4.2.7.0\"))\n{\n report = report_fixed_ver(installed_version:RubyonRailVer, fixed_version:\"4.2.7.1\");\n security_message(data:report, port:RubyonRailPort);\n exit(0);\n}", "title": "Ruby on Rails Active Record SQL Injection Vulnerability (Linux)", "type": "openvas", "viewCount": 1}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:21:10"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.", "edition": 4, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "8a44cc1b2a8d71709698157a31358e3eb33c0eff2baa8d178df7a6d016904213", "hashmap": [{"hash": "5a8b427c85fc28c29cc762052f43aa3d", "key": "description"}, {"hash": "c5bb34af05c207ad0795b24b339835fb", "key": "modified"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "bcd8abde7f060a8789d08ba0ba73d345", "key": "published"}, {"hash": "c9c8d39315c77932a9b5173e23d4dcf3", "key": "pluginID"}, {"hash": "55199d25018fbdb9b50e6b64d444c3a4", "key": "naslFamily"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "1f55505d74f3aaa5dd7068ab31cf6f62", "key": "href"}, {"hash": "42f59352167dc1dca0f7500bb165cf4c", "key": "sourceData"}, {"hash": "a396c37e785aedd996daef45aca71fb5", "key": "title"}, {"hash": "ea106ff9c2727a6e906e8959871e7c06", "key": "reporter"}, {"hash": "2d1f501cf925df4b9ddcbbec739d6940", "key": "references"}, {"hash": "5c2fb6abefa4b019bd1c0af856180f2b", "key": "cvelist"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807378", "id": "OPENVAS:1361412562310807378", "lastseen": "2018-09-01T23:47:08", "modified": "2017-10-24T00:00:00", "naslFamily": "Web application abuses", "objectVersion": "1.3", "pluginID": "1361412562310807378", "published": "2016-10-13T00:00:00", "references": ["http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released", "http://www.openwall.com/lists/oss-security/2016/08/11/4", "https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA"], "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ruby_on_rails_action_record_sql_inj_vuln_lin.nasl 7545 2017-10-24 11:45:30Z cfischer $\n#\n# Ruby on Rails Active Record SQL Injection Vulnerability (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:rubyonrails:ruby_on_rails';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807378\");\n script_version(\"$Revision: 7545 $\");\n script_cve_id(\"CVE-2016-6317\");\n script_bugtraq_id(92434);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-10-24 13:45:30 +0200 (Tue, 24 Oct 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-13 14:29:38 +0530 (Thu, 13 Oct 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Ruby on Rails Active Record SQL Injection Vulnerability (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to the way Active Record\n interprets parameters in combination with the way that JSON parameters are\n parsed, it is possible for an attacker to issue unexpected database queries\n with 'IS NULL' or empty where clauses.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to bypass intended database-query restrictions and perform NULL checks\n or trigger missing WHERE clauses via a crafted request, as demonstrated by\n certain '[nil]' values.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"Ruby on Rails 4.2.x before 4.2.7.1 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Ruby on Rails 4.2.7.1 or later.\n For updates refer to http://rubyonrails.org\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2016/08/11/4\");\n script_xref(name : \"URL\" , value : \"https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA\");\n script_xref(name : \"URL\" , value : \"http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_ruby_rails_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"RubyOnRails/installed\", \"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 3000);\n exit(0);\n}\n\n\n##\n### Code Starts Here\n##\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n## Variable Initialization\nRubyonRailPort = \"\";\nRubyonRailVer = \"\";\n\n## Get HTTP Port\nif(!RubyonRailPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\n## Get the version\nif(!RubyonRailVer = get_app_version(cpe:CPE, port:RubyonRailPort)){\n exit(0);\n}\n\n##Check for vulnerable version\nif(version_in_range(version:RubyonRailVer, test_version:\"4.2.0\", test_version2:\"4.2.7.0\"))\n{\n report = report_fixed_ver(installed_version:RubyonRailVer, fixed_version:\"4.2.7.1\");\n security_message(data:report, port:RubyonRailPort);\n exit(0);\n}", "title": "Ruby on Rails Active Record SQL Injection Vulnerability (Linux)", "type": "openvas", "viewCount": 1}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2018-09-01T23:47:08"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.", "edition": 1, "enchantments": {}, "hash": "0d1803139b293038f78eec9bb7aee1ea7b5d864e052a0893fa8a481f9fd3b5fe", "hashmap": [{"hash": "5a8b427c85fc28c29cc762052f43aa3d", "key": "description"}, {"hash": "5f53274497eca880e417806017fc98d3", "key": "sourceData"}, {"hash": "7d0606d422b7f815cc8a157fb6d33530", "key": "modified"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "bcd8abde7f060a8789d08ba0ba73d345", "key": "published"}, {"hash": "c9c8d39315c77932a9b5173e23d4dcf3", "key": "pluginID"}, {"hash": "55199d25018fbdb9b50e6b64d444c3a4", "key": "naslFamily"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "1f55505d74f3aaa5dd7068ab31cf6f62", "key": "href"}, {"hash": "a396c37e785aedd996daef45aca71fb5", "key": "title"}, {"hash": "ea106ff9c2727a6e906e8959871e7c06", "key": "reporter"}, {"hash": "2d1f501cf925df4b9ddcbbec739d6940", "key": "references"}, {"hash": "5c2fb6abefa4b019bd1c0af856180f2b", "key": "cvelist"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807378", "id": "OPENVAS:1361412562310807378", "lastseen": "2017-07-02T21:13:08", "modified": "2017-03-21T00:00:00", "naslFamily": "Web application abuses", "objectVersion": "1.3", "pluginID": "1361412562310807378", "published": "2016-10-13T00:00:00", "references": ["http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released", "http://www.openwall.com/lists/oss-security/2016/08/11/4", "https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA"], "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ruby_on_rails_action_record_sql_inj_vuln_lin.nasl 5650 2017-03-21 10:00:45Z teissa $\n#\n# Ruby on Rails Active Record SQL Injection Vulnerability (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:rubyonrails:ruby_on_rails';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807378\");\n script_version(\"$Revision: 5650 $\");\n script_cve_id(\"CVE-2016-6317\");\n script_bugtraq_id(92434);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-03-21 11:00:45 +0100 (Tue, 21 Mar 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-13 14:29:38 +0530 (Thu, 13 Oct 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Ruby on Rails Active Record SQL Injection Vulnerability (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to the way Active Record\n interprets parameters in combination with the way that JSON parameters are\n parsed, it is possible for an attacker to issue unexpected database queries\n with 'IS NULL' or empty where clauses.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to bypass intended database-query restrictions and perform NULL checks\n or trigger missing WHERE clauses via a crafted request, as demonstrated by\n certain '[nil]' values.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"Ruby on Rails 4.2.x before 4.2.7.1 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Ruby on Rails 4.2.7.1 or later.\n For updates refer to http://rubyonrails.org\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2016/08/11/4\");\n script_xref(name : \"URL\" , value : \"https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA\");\n script_xref(name : \"URL\" , value : \"http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_ruby_rails_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"RubyOnRails/installed\", \"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 3000);\n exit(0);\n}\n\n\n##\n### Code Starts Here\n##\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n## Variable Initialization\nRubyonRailPort = \"\";\nRubyonRailVer = \"\";\n\n## exit, if its not Linux\nif(host_runs(\"Linux\") != \"yes\")exit(0);\n\n## Get HTTP Port\nif(!RubyonRailPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\n## Get the version\nif(!RubyonRailVer = get_app_version(cpe:CPE, port:RubyonRailPort)){\n exit(0);\n}\n\n##Check for vulnerable version\nif(version_in_range(version:RubyonRailVer, test_version:\"4.2.0\", test_version2:\"4.2.7.0\"))\n{\n report = report_fixed_ver(installed_version:RubyonRailVer, fixed_version:\"4.2.7.1\");\n security_message(data:report, port:RubyonRailPort);\n exit(0);\n}", "title": "Ruby on Rails Active Record SQL Injection Vulnerability (Linux)", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:13:08"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "5c2fb6abefa4b019bd1c0af856180f2b"}, {"key": "cvss", "hash": "26769fd423968d45be7383413e2552f1"}, {"key": "description", "hash": "5a8b427c85fc28c29cc762052f43aa3d"}, {"key": "href", "hash": "1f55505d74f3aaa5dd7068ab31cf6f62"}, {"key": "modified", "hash": "9bd5dcfcb227d4b92eae337f2ff06a78"}, {"key": "naslFamily", "hash": "55199d25018fbdb9b50e6b64d444c3a4"}, {"key": "pluginID", "hash": "c9c8d39315c77932a9b5173e23d4dcf3"}, {"key": "published", "hash": "bcd8abde7f060a8789d08ba0ba73d345"}, {"key": "references", "hash": "9de2a2ebc98eafd4b1ee02eedf3fdea0"}, {"key": "reporter", "hash": "ea106ff9c2727a6e906e8959871e7c06"}, {"key": "sourceData", "hash": "741c9f66525d6ebe8c438c6cfe9d2630"}, {"key": "title", "hash": "a396c37e785aedd996daef45aca71fb5"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "523f298b884593809fe438e67f5a7e87e8a4a9bdcaabf79b014ab82d86172ad4", "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ruby_on_rails_action_record_sql_inj_vuln_lin.nasl 11811 2018-10-10 09:55:00Z asteins $\n#\n# Ruby on Rails Active Record SQL Injection Vulnerability (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:rubyonrails:ruby_on_rails';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807378\");\n script_version(\"$Revision: 11811 $\");\n script_cve_id(\"CVE-2016-6317\");\n script_bugtraq_id(92434);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-10 11:55:00 +0200 (Wed, 10 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-13 14:29:38 +0530 (Thu, 13 Oct 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Ruby on Rails Active Record SQL Injection Vulnerability (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to the way Active Record\n interprets parameters in combination with the way that JSON parameters are\n parsed, it is possible for an attacker to issue unexpected database queries\n with 'IS NULL' or empty where clauses.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to bypass intended database-query restrictions and perform NULL checks\n or trigger missing WHERE clauses via a crafted request, as demonstrated by\n certain '[nil]' values.\");\n\n script_tag(name:\"affected\", value:\"Ruby on Rails 4.2.x before 4.2.7.1 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Ruby on Rails 4.2.7.1 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/08/11/4\");\n script_xref(name:\"URL\", value:\"https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA\");\n script_xref(name:\"URL\", value:\"http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_ruby_rails_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"RubyOnRails/installed\", \"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 3000);\n script_xref(name:\"URL\", value:\"http://rubyonrails.org\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!RubyonRailPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!RubyonRailVer = get_app_version(cpe:CPE, port:RubyonRailPort)){\n exit(0);\n}\n\nif(version_in_range(version:RubyonRailVer, test_version:\"4.2.0\", test_version2:\"4.2.7.0\"))\n{\n report = report_fixed_ver(installed_version:RubyonRailVer, fixed_version:\"4.2.7.1\");\n security_message(data:report, port:RubyonRailPort);\n exit(0);\n}", "naslFamily": "Web application abuses", "pluginID": "1361412562310807378"}

{"cve": [{"lastseen": "2018-08-14T11:25:39", "references": ["http://www.securityfocus.com/bid/92434", "http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released/", "http://www.openwall.com/lists/oss-security/2016/08/11/4", "http://rhn.redhat.com/errata/RHSA-2016-1855.html", "https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA"], "description": "Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain \"[nil]\" values, a related issue to CVE-2012-2660, CVE-2012-2694, and CVE-2013-0155.", "edition": 2, "reporter": "NVD", "published": "2016-09-07T15:28:11", "title": "CVE-2016-6317", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2016-6317"], "scanner": [], "modified": "2018-08-13T17:47:54", "cpe": ["cpe:/a:rubyonrails:ruby_on_rails:4.2.0:beta1", "cpe:/a:rubyonrails:ruby_on_rails:4.2.0:rc2", "cpe:/a:rubyonrails:ruby_on_rails:4.2.6:rc1", "cpe:/a:rubyonrails:ruby_on_rails:4.2.5", "cpe:/a:rubyonrails:ruby_on_rails:4.2.0:rc1", "cpe:/a:rubyonrails:ruby_on_rails:4.2.1:rc2", "cpe:/a:rubyonrails:ruby_on_rails:4.2.0:beta2", "cpe:/a:rubyonrails:ruby_on_rails:4.2.0:beta4", "cpe:/a:rubyonrails:ruby_on_rails:4.2.6", "cpe:/a:rubyonrails:ruby_on_rails:4.2.5.2", "cpe:/a:rubyonrails:ruby_on_rails:4.2.7:rc1", "cpe:/a:rubyonrails:ruby_on_rails:4.2.0:rc3", "cpe:/a:rubyonrails:ruby_on_rails:4.2.0:beta3", "cpe:/a:rubyonrails:ruby_on_rails:4.2.4:rc1", "cpe:/a:rubyonrails:ruby_on_rails:4.2.3:rc1", "cpe:/a:rubyonrails:ruby_on_rails:4.2.3", "cpe:/a:rubyonrails:ruby_on_rails:4.2.0", "cpe:/a:rubyonrails:ruby_on_rails:4.2.7", "cpe:/a:rubyonrails:ruby_on_rails:4.2.1", "cpe:/a:rubyonrails:ruby_on_rails:4.2.5:rc2", "cpe:/a:rubyonrails:ruby_on_rails:4.2.1:rc3", "cpe:/a:rubyonrails:ruby_on_rails:4.2.2", "cpe:/a:rubyonrails:ruby_on_rails:4.2.5.1", "cpe:/a:rubyonrails:ruby_on_rails:4.2.5:rc1", "cpe:/a:rubyonrails:ruby_on_rails:4.2.1:rc4", "cpe:/a:rubyonrails:ruby_on_rails:4.2.1:rc1", "cpe:/a:rubyonrails:ruby_on_rails:4.2.4"], "id": "CVE-2016-6317", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6317", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "openvas": [{"lastseen": "2018-09-01T23:46:44", "references": ["2016-f58d7ecc8a", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GETU77G46UPFRZ6VRFIYLMBSLTHSBNU2"], "pluginID": "1361412562310809161", "description": "Check the version of rubygem-actionpack", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-08-30T00:00:00", "title": "Fedora Update for rubygem-actionpack FEDORA-2016-f58d7ecc8a", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310809161", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809161", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2016-f58d7ecc8a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809161\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-30 05:58:42 +0200 (Tue, 30 Aug 2016)\");\n script_cve_id(\"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2016-f58d7ecc8a\");\n script_tag(name: \"summary\", value: \"Check the version of rubygem-actionpack\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Eases web-request routing, handling, and response as a half-way front,\nhalf-way page controller. Implemented with specific emphasis on enabling easy\nunit/integration testing that doesn&#39 t require a browser.\n\");\n script_tag(name: \"affected\", value: \"rubygem-actionpack on Fedora 23\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-f58d7ecc8a\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GETU77G46UPFRZ6VRFIYLMBSLTHSBNU2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~4.2.3~6.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-11-21T13:05:38", "references": ["http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released", "http://rubyonrails.org", "http://www.openwall.com/lists/oss-security/2016/08/11/4", "https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA"], "pluginID": "1361412562310807377", "description": "This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.", "edition": 5, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-10-13T00:00:00", "title": "Ruby on Rails Active Record SQL Injection Vulnerability (Windows)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Web application abuses", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317"], "modified": "2018-11-21T00:00:00", "id": "OPENVAS:1361412562310807377", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807377", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ruby_on_rails_action_record_sql_inj_vuln_win.nasl 12455 2018-11-21 09:17:27Z cfischer $\n#\n# Ruby on Rails Active Record SQL Injection Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:rubyonrails:ruby_on_rails';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807377\");\n script_version(\"$Revision: 12455 $\");\n script_cve_id(\"CVE-2016-6317\");\n script_bugtraq_id(92434);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-21 10:17:27 +0100 (Wed, 21 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-13 14:29:34 +0530 (Thu, 13 Oct 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Ruby on Rails Active Record SQL Injection Vulnerability (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running Ruby on Rails and is\n prone to SQL injection vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to the way Active Record\n interprets parameters in combination with the way that JSON parameters are\n parsed, it is possible for an attacker to issue unexpected database queries\n with 'IS NULL' or empty where clauses.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to bypass intended database-query restrictions and perform NULL checks\n or trigger missing WHERE clauses via a crafted request, as demonstrated by\n certain '[nil]' values.\");\n\n script_tag(name:\"affected\", value:\"Ruby on Rails 4.2.x before 4.2.7.1 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Ruby on Rails 4.2.7.1 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/08/11/4\");\n script_xref(name:\"URL\", value:\"https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA\");\n script_xref(name:\"URL\", value:\"http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_ruby_rails_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"RubyOnRails/installed\", \"Host/runs_windows\");\n script_require_ports(\"Services/www\", 3000);\n script_xref(name:\"URL\", value:\"http://rubyonrails.org\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!RubyonRailPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!RubyonRailVer = get_app_version(cpe:CPE, port:RubyonRailPort)){\n exit(0);\n}\n\nif(version_in_range(version:RubyonRailVer, test_version:\"4.2.0\", test_version2:\"4.2.7.0\"))\n{\n report = report_fixed_ver(installed_version:RubyonRailVer, fixed_version:\"4.2.7.1\");\n security_message(data:report, port:RubyonRailPort);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:46:29", "references": ["2016-b4919ffe56", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IIKYQUVSGMREVPYLGJJT4HP353LWQ6AO"], "pluginID": "1361412562310809163", "description": "Check the version of rubygem-activerecord", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-08-30T00:00:00", "title": "Fedora Update for rubygem-activerecord FEDORA-2016-b4919ffe56", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310809163", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809163", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-activerecord FEDORA-2016-b4919ffe56\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809163\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-30 05:58:39 +0200 (Tue, 30 Aug 2016)\");\n script_cve_id(\"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-activerecord FEDORA-2016-b4919ffe56\");\n script_tag(name: \"summary\", value: \"Check the version of rubygem-activerecord\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties database\ntables and classes together for business objects, like Customer or\nSubscription, that can find, save, and destroy themselves without resorting to\nmanual SQL.\n\");\n script_tag(name: \"affected\", value: \"rubygem-activerecord on Fedora 24\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-b4919ffe56\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IIKYQUVSGMREVPYLGJJT4HP353LWQ6AO\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-activerecord\", rpm:\"rubygem-activerecord~4.2.5.2~2.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:48:38", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SD7IJG75DQXRE7HO34KYAZO53RAZGCOP", "2016-f58d7ecc8a"], "pluginID": "1361412562310809159", "description": "Check the version of rubygem-activerecord", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-08-30T00:00:00", "title": "Fedora Update for rubygem-activerecord FEDORA-2016-f58d7ecc8a", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310809159", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809159", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-activerecord FEDORA-2016-f58d7ecc8a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809159\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-30 05:58:40 +0200 (Tue, 30 Aug 2016)\");\n script_cve_id(\"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-activerecord FEDORA-2016-f58d7ecc8a\");\n script_tag(name: \"summary\", value: \"Check the version of rubygem-activerecord\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties database\ntables and classes together for business objects, like Customer or\nSubscription, that can find, save, and destroy themselves without resorting to\nmanual SQL.\n\");\n script_tag(name: \"affected\", value: \"rubygem-activerecord on Fedora 23\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-f58d7ecc8a\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SD7IJG75DQXRE7HO34KYAZO53RAZGCOP\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-activerecord\", rpm:\"rubygem-activerecord~4.2.3~3.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:46:25", "references": ["2016-b4919ffe56", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RJQ6L3R7RUEIDHUMRST4MEHLX46OEGYA"], "pluginID": "1361412562310809167", "description": "Check the version of rubygem-actionpack", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-08-30T00:00:00", "title": "Fedora Update for rubygem-actionpack FEDORA-2016-b4919ffe56", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310809167", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809167", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2016-b4919ffe56\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809167\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-30 05:58:34 +0200 (Tue, 30 Aug 2016)\");\n script_cve_id(\"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2016-b4919ffe56\");\n script_tag(name: \"summary\", value: \"Check the version of rubygem-actionpack\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Eases web-request routing, handling, and response as a half-way front,\nhalf-way page controller. Implemented with specific emphasis on enabling easy\nunit/integration testing that doesn&#39 t require a browser.\n\");\n script_tag(name: \"affected\", value: \"rubygem-actionpack on Fedora 24\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-b4919ffe56\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RJQ6L3R7RUEIDHUMRST4MEHLX46OEGYA\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~4.2.5.2~3.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:48:47", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R67FRLEDPZRRVMJS3A5LA6YIM5UQO4GY", "2016-5760339e76"], "pluginID": "1361412562310872008", "description": "Check the version of rubygem-activejob", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-12-07T00:00:00", "title": "Fedora Update for rubygem-activejob FEDORA-2016-5760339e76", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310872008", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872008", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-activejob FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872008\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:24:00 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-activejob FEDORA-2016-5760339e76\");\n script_tag(name: \"summary\", value: \"Check the version of rubygem-activejob\");\n\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n\n script_tag(name: \"insight\", value: \"Declare job classes that can be run by a\n variety of queueing backends.\");\n\n script_tag(name: \"affected\", value: \"rubygem-activejob on Fedora 25\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-5760339e76\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R67FRLEDPZRRVMJS3A5LA6YIM5UQO4GY\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-activejob\", rpm:\"rubygem-activejob~5.0.0.1~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:46:26", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVDJLLIW67K6FGDQKQEY6EGTKQ7KXRQU", "2016-5760339e76"], "pluginID": "1361412562310872056", "description": "Check the version of rubygem-actionmailer", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-12-07T00:00:00", "title": "Fedora Update for rubygem-actionmailer FEDORA-2016-5760339e76", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310872056", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872056", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionmailer FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872056\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:25:50 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-actionmailer FEDORA-2016-5760339e76\");\n script_tag(name: \"summary\", value: \"Check the version of rubygem-actionmailer\");\n\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n\n script_tag(name: \"insight\", value: \"Email on Rails. Compose, deliver, receive,\n and test emails using the familiar controller/view pattern. First-class\n support for multipart email and attachments.\");\n\n script_tag(name: \"affected\", value: \"rubygem-actionmailer on Fedora 25\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-5760339e76\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVDJLLIW67K6FGDQKQEY6EGTKQ7KXRQU\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionmailer\", rpm:\"rubygem-actionmailer~5.0.0.1~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:48:11", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7SB36DN7LSLP2GHE4LNAQGWXRMHZEU5F", "2016-5760339e76"], "pluginID": "1361412562310872094", "description": "Check the version of rubygem-actionpack", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-12-07T00:00:00", "title": "Fedora Update for rubygem-actionpack FEDORA-2016-5760339e76", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310872094", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872094", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872094\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:27:14 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2016-5760339e76\");\n script_tag(name: \"summary\", value: \"Check the version of rubygem-actionpack\");\n\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n\n script_tag(name: \"insight\", value: \"Eases web-request routing, handling, and\n response as a half-way front, half-way page controller. Implemented with\n specific emphasis on enabling easy unit/integration testing that doesn&#39\n t require a browser.\");\n\n script_tag(name: \"affected\", value: \"rubygem-actionpack on Fedora 25\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-5760339e76\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7SB36DN7LSLP2GHE4LNAQGWXRMHZEU5F\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~5.0.0.1~2.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:47:52", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAMEZEEF5UHZPV5IDQY4ZP5VLSRSFHY5", "2016-5760339e76"], "pluginID": "1361412562310871890", "description": "Check the version of rubygem-rails", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-12-07T00:00:00", "title": "Fedora Update for rubygem-rails FEDORA-2016-5760339e76", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310871890", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871890", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-rails FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871890\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:19:40 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-rails FEDORA-2016-5760339e76\");\n script_tag(name: \"summary\", value: \"Check the version of rubygem-rails\");\n\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n\n script_tag(name: \"insight\", value: \"Ruby on Rails is a full-stack web\n framework optimized for programmer happiness and sustainable productivity.\n It encourages beautiful code by favoring convention over configuration.\");\n\n script_tag(name: \"affected\", value: \"rubygem-rails on Fedora 25\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-5760339e76\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAMEZEEF5UHZPV5IDQY4ZP5VLSRSFHY5\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-rails\", rpm:\"rubygem-rails~5.0.0.1~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:48:24", "references": ["2016-5760339e76", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOQL7IU7SB6QJRWGKCHRPZQUOIURV63S"], "pluginID": "1361412562310872011", "description": "Check the version of rubygem-actioncable", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-12-07T00:00:00", "title": "Fedora Update for rubygem-actioncable FEDORA-2016-5760339e76", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310872011", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872011", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actioncable FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872011\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:24:06 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-actioncable FEDORA-2016-5760339e76\");\n script_tag(name: \"summary\", value: \"Check the version of rubygem-actioncable\");\n\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n\n script_tag(name: \"insight\", value: \"Structure many real-time application\n concerns into channels over a single WebSocket connection.\");\n\n script_tag(name: \"affected\", value: \"rubygem-actioncable on Fedora 25\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-5760339e76\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOQL7IU7SB6QJRWGKCHRPZQUOIURV63S\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actioncable\", rpm:\"rubygem-actioncable~5.0.0.1~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "nessus": [{"lastseen": "2018-09-01T23:35:00", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2016-f58d7ecc8a"], "pluginID": "93209", "description": "- Fix for CVE-2016-6317 (rhbz#1366479)\n\n - Fix argument error for instance_exec for Ruby 2.3 compatibility (Only rubygem-activerecord f24)\n\n - Improve tests not to accept the failures (Only rubygem-activerecord)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2016-08-30T00:00:00", "title": "Fedora 23 : 1:rubygem-actionpack / 1:rubygem-activerecord (2016-f58d7ecc8a)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317"], "modified": "2016-10-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:rubygem-activerecord", "p-cpe:/a:fedoraproject:fedora:1:rubygem-actionpack", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-F58D7ECC8A.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=93209", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-f58d7ecc8a.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93209);\n script_version(\"$Revision: 2.3 $\");\n script_cvs_date(\"$Date: 2016/10/18 17:03:08 $\");\n\n script_cve_id(\"CVE-2016-6317\");\n script_xref(name:\"FEDORA\", value:\"2016-f58d7ecc8a\");\n\n script_name(english:\"Fedora 23 : 1:rubygem-actionpack / 1:rubygem-activerecord (2016-f58d7ecc8a)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fix for CVE-2016-6317 (rhbz#1366479)\n\n - Fix argument error for instance_exec for Ruby 2.3\n compatibility (Only rubygem-activerecord f24)\n\n - Improve tests not to accept the failures (Only\n rubygem-activerecord)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-f58d7ecc8a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected 1:rubygem-actionpack and / or\n1:rubygem-activerecord packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-actionpack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-activerecord\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"rubygem-actionpack-4.2.3-6.fc23\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC23\", reference:\"rubygem-activerecord-4.2.3-3.fc23\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:rubygem-actionpack / 1:rubygem-activerecord\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-11-13T16:56:19", "references": ["http://www.nessus.org/u?5e0e8b71", "https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA"], "pluginID": "94082", "description": "Ruby Security team reports :\n\nThere is a vulnerability when Active Record is used in conjunction with JSON parameter parsing. This vulnerability has been assigned the CVE identifier CVE-2016-6317. This vulnerability is similar to CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155.", "edition": 6, "reporter": "Tenable", "published": "2016-10-17T00:00:00", "title": "FreeBSD : Rails 4 -- Unsafe Query Generation Risk in Active Record (7e61cf44-6549-11e6-8286-00248c0c745d)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:rubygem-activerecord4"], "id": "FREEBSD_PKG_7E61CF44654911E6828600248C0C745D.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=94082", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94082);\n script_version(\"2.3\");\n script_cvs_date(\"Date: 2018/11/10 11:49:45\");\n\n script_cve_id(\"CVE-2016-6317\");\n\n script_name(english:\"FreeBSD : Rails 4 -- Unsafe Query Generation Risk in Active Record (7e61cf44-6549-11e6-8286-00248c0c745d)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ruby Security team reports :\n\nThere is a vulnerability when Active Record is used in conjunction\nwith JSON parameter parsing. This vulnerability has been assigned the\nCVE identifier CVE-2016-6317. This vulnerability is similar to\nCVE-2012-2660, CVE-2012-2694 and CVE-2013-0155.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA\"\n );\n # https://vuxml.freebsd.org/freebsd/7e61cf44-6549-11e6-8286-00248c0c745d.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5e0e8b71\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem-activerecord4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"rubygem-activerecord4>4.2.0<4.2.7.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:41:19", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2016-b4919ffe56"], "pluginID": "93207", "description": "- Fix for CVE-2016-6317 (rhbz#1366479)\n\n - Fix argument error for instance_exec for Ruby 2.3 compatibility (Only rubygem-activerecord f24)\n\n - Improve tests not to accept the failures (Only rubygem-activerecord)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2016-08-30T00:00:00", "title": "Fedora 24 : 1:rubygem-actionpack / 1:rubygem-activerecord (2016-b4919ffe56)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317"], "modified": "2016-10-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:rubygem-activerecord", "p-cpe:/a:fedoraproject:fedora:1:rubygem-actionpack", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-B4919FFE56.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=93207", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-b4919ffe56.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93207);\n script_version(\"$Revision: 2.3 $\");\n script_cvs_date(\"$Date: 2016/10/18 17:03:07 $\");\n\n script_cve_id(\"CVE-2016-6317\");\n script_xref(name:\"FEDORA\", value:\"2016-b4919ffe56\");\n\n script_name(english:\"Fedora 24 : 1:rubygem-actionpack / 1:rubygem-activerecord (2016-b4919ffe56)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fix for CVE-2016-6317 (rhbz#1366479)\n\n - Fix argument error for instance_exec for Ruby 2.3\n compatibility (Only rubygem-activerecord f24)\n\n - Improve tests not to accept the failures (Only\n rubygem-activerecord)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-b4919ffe56\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected 1:rubygem-actionpack and / or\n1:rubygem-activerecord packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-actionpack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-activerecord\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"rubygem-actionpack-4.2.5.2-3.fc24\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"rubygem-activerecord-4.2.5.2-2.fc24\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:rubygem-actionpack / 1:rubygem-activerecord\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-02T00:06:21", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2016-5760339e76"], "pluginID": "94808", "description": "Update to Rails 5.0.0.1.\n\nEnable whole test suite in Railties.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2016-11-15T00:00:00", "title": "Fedora 25 : 1:rubygem-actionmailer / 1:rubygem-actionpack / etc (2016-5760339e76)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2016-11-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:rubygem-activerecord", "p-cpe:/a:fedoraproject:fedora:rubygem-activemodel", "p-cpe:/a:fedoraproject:fedora:rubygem-activejob", "p-cpe:/a:fedoraproject:fedora:1:rubygem-rails", "cpe:/o:fedoraproject:fedora:25", "p-cpe:/a:fedoraproject:fedora:rubygem-actioncable", "p-cpe:/a:fedoraproject:fedora:1:rubygem-actionpack", "p-cpe:/a:fedoraproject:fedora:rubygem-railties", "p-cpe:/a:fedoraproject:fedora:1:rubygem-activesupport", "p-cpe:/a:fedoraproject:fedora:1:rubygem-actionmailer", "p-cpe:/a:fedoraproject:fedora:rubygem-actionview"], "id": "FEDORA_2016-5760339E76.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=94808", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-5760339e76.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94808);\n script_version(\"$Revision: 2.1 $\");\n script_cvs_date(\"$Date: 2016/11/15 14:40:19 $\");\n\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_xref(name:\"FEDORA\", value:\"2016-5760339e76\");\n\n script_name(english:\"Fedora 25 : 1:rubygem-actionmailer / 1:rubygem-actionpack / etc (2016-5760339e76)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Rails 5.0.0.1.\n\nEnable whole test suite in Railties.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-5760339e76\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-actionmailer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-actionpack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-activerecord\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-activesupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-rails\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-actioncable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-actionview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-activejob\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-activemodel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-railties\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-actionmailer-5.0.0.1-1.fc25\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-actionpack-5.0.0.1-2.fc25\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-activerecord-5.0.0.1-1.fc25\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-activesupport-5.0.0.1-1.fc25\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-rails-5.0.0.1-1.fc25\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-actioncable-5.0.0.1-1.fc25\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-actionview-5.0.0.1-2.fc25\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-activejob-5.0.0.1-1.fc25\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-activemodel-5.0.0.1-1.fc25\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-railties-5.0.0.1-2.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:rubygem-actionmailer / 1:rubygem-actionpack / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "freebsd": [{"lastseen": "2018-08-31T01:14:09", "references": ["https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "4.2.7.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "rubygem-activerecord4", "operator": "lt"}], "description": "\nRuby Security team reports:\n\nThere is a vulnerability when Active Record is used in conjunction with JSON\nparameter parsing. This vulnerability has been assigned the CVE identifier\nCVE-2016-6317. This vulnerability is similar to CVE-2012-2660, CVE-2012-2694\nand CVE-2013-0155.\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2016-08-11T00:00:00", "title": "Rails 4 -- Unsafe Query Generation Risk in Active Record", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6317"], "modified": "2016-08-11T00:00:00", "id": "7E61CF44-6549-11E6-8286-00248C0C745D", "href": "https://vuxml.freebsd.org/freebsd/7e61cf44-6549-11e6-8286-00248c0c745d.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "redhat": [{"lastseen": "2018-12-11T17:40:55", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "4.2.6-3.el7", "arch": "noarch", "packageName": "rh-ror42-rubygem-actionpack", "packageFilename": "rh-ror42-rubygem-actionpack-4.2.6-3.el7.noarch.rpm", "operator": "lt"}], "description": "Ruby on Rails is a model-view-controller (MVC) framework for web application development. Action View implements the view component, and Active Record implements the model component.\n\nSecurity Fix(es) in rubygem-actionview:\n\n* It was discovered that Action View tag helpers did not escape quotes when using strings declared as HTML safe as attribute values. A remote attacker could use this flaw to conduct a cross-site scripting (XSS) attack. (CVE-2016-6316)\n\nSecurity Fix(es) in rubygem-activerecord:\n\n* A flaw was found in the way Active Record handled certain special values in dynamic finders and relations. If a Ruby on Rails application performed JSON parameter parsing, a remote attacker could possibly manipulate search conditions in SQL queries generated by the application. (CVE-2016-6317)\n\nRed Hat would like to thank the Ruby on Rails project for reporting these issues. Upstream acknowledges Andrew Carpenter (Critical Juncture) as the original reporter of CVE-2016-6316; and joernchen (Phenoelit) as the original reporter of CVE-2016-6317.", "reporter": "RedHat", "published": "2016-09-13T13:49:49", "type": "redhat", "title": "(RHSA-2016:1855) Moderate: rh-ror42 security update", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6316", "CVE-2016-6317"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-04-23T11:41:48", "id": "RHSA-2016:1855", "href": "https://access.redhat.com/errata/RHSA-2016:1855", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "hackerone": [{"lastseen": "2018-08-31T00:39:12", "references": [], "bounty": 1500.0, "h1team": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/000/022/2883e997d5f9ddf2f1c31365d74abe52fc54c9c9_small.png?1383736680", "medium": "https://profile-photos.hackerone-user-content.com/000/000/022/1b2dab688cae8b769493f39137f09274a6b5f156_medium.png?1383736680"}, "handle": "rails", "url": "https://hackerone.com/rails"}, "bountyState": "resolved", "description": "# Unsafe Query Generation Risk in Active Record \n\nThere is a vulnerability when Active Record is used in conjunction with JSON \nparameter parsing. This vulnerability has been assigned the CVE identifier \nCVE-2016-6317. This vulnerability is similar to CVE-2012-2660, CVE-2012-2694 \nand CVE-2013-0155. \n\nVersions Affected: >= 4.2.0 \nNot affected: < 4.2.0, >= 5.0.0 \nFixed Versions: 4.2.7.1 \n\nImpact \n------ \n\nDue to the way Active Record interprets parameters in combination with the way that JSON parameters are parsed, it is possible for an attacker to issue unexpected database queries with \"IS NULL\" or empty where clauses. This issue does *not* let an attacker insert arbitrary values into an SQL query, however they can cause the query to check for NULL or eliminate a WHERE clause when most users wouldn't expect it. \n\nFor example, a system has password reset with token functionality: \n\n unless params[:token].nil? \n user = User.find_by_token(params[:token]) \n user.reset_password! \n end \n\nAn attacker can craft a request such that `params[:token]` will return `[nil]`. The `[nil]` value will bypass the test for nil, but will still add an \"IN ('xyz', NULL)\" clause to the SQL query. \n\nSimilarly, an attacker can craft a request such that `params[:token]` will return an empty hash. An empty hash will eliminate the WHERE clause of the query, but can bypass the `nil?` check. \n\nNote that this impacts not only dynamic finders (`find_by_*`) but also relations (`User.where(:name => params[:name])`). \n\nAll users running an affected release should either upgrade or use one of the work arounds immediately. All users running an affected release should upgrade immediately. Please note, this vulnerability is a variant of CVE-2012-2660, CVE-2012-2694, and CVE-2013-0155. Even if you upgraded to address those issues, you must take action again. \n\nIf this chance in behavior impacts your application, you can manually decode the original values from the request like so: \n\n ActiveSupport::JSON.decode(request.body) \n\nReleases \n-------- \nThe FIXED releases are available at the normal locations. \n\nWorkarounds \n----------- \nThis problem can be mitigated by casting the parameter to a string before passing it to Active Record. For example: \n\n unless params[:token].nil? || params[:token].to_s.empty? \n user = User.find_by_token(params[:token].to_s) \n user.reset_password! \n end \n\n\nPatches \n------- \nTo aid users who aren't able to upgrade immediately we have provided patches for \nthe two supported release series. They are in git-am format and consist of a \nsingle changeset. \n\n* 4-2-unsafe-query-generation.patch - Patch for 4.2 series \n\nPlease note that only the 5.0.x and 4.2.x series are supported at present. Users \nof earlier unsupported releases are advised to upgrade as soon as possible as we \ncannot guarantee the continued availability of security fixes for unsupported \nreleases. \n\nCredits \n------- \n\nThanks to joernchen of Phenoelit for reporting this!", "edition": 4, "reporter": "joernchen", "published": "2016-05-17T13:38:03", "title": "Ruby on Rails: Unsafe Query Generation (CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155) mitigation bypass", "type": "hackerone", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "h1reporter": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/000/075/7553065e4e409c535184998d6df8a47635f10b76_small.jpg?1479468326"}, "hacker_mediation": false, "disabled": false, "is_me?": false, "hackerone_triager": false, "url": "/joernchen", "username": "joernchen"}, "bulletinFamily": "bugbounty", "cvelist": ["CVE-2016-6317", "CVE-2012-2660", "CVE-2012-2694", "CVE-2013-0155"], "modified": "2018-02-07T21:02:19", "id": "H1:139321", "href": "https://hackerone.com/reports/139321", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}