Rails 3.0.5 Log File Injection Proof Of Concept

Encoding: UTF-8 Log-File-Injection - Ruby on Rails 3.05 possibilities: - possible date back attacks tried with request-log-analyzer: worked but teasercheckwarnings - ip spoofing - binary log-injections - DOS if ip is used with an iptables-ban-script !! works only on intranet apps !! Fix: validate...