Ruby on Rails ':offset' And ':limit' Parameters SQL Injection Vulnerabilities

Bugtraq ID: 31176
Class: Input Validation Error
CVE: CVE-2008-4094
Remote: Yes
Local: No
Published: Jun 01 2008 12:00AM
Updated: Dec 21 2009 08:43AM
Credit: Tobias Schlottke
Vulnerable: SuSE SUSE Linux Enterprise Server 10
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
Ruby on Rails Ruby on Rails 2.1
Ruby on Rails Ruby on Rails 1.2.6
Ruby on Rails Ruby on Rails 1.2.5
Ruby on Rails Ruby on Rails 1.2.3
Ruby on Rails Ruby on Rails 1.1.6
Ruby on Rails Ruby on Rails 1.1.5
Ruby on Rails Ruby on Rails 1.1.4
Ruby on Rails Ruby on Rails 1.1.3
Ruby on Rails Ruby on Rails 1.1.2
Ruby on Rails Ruby on Rails 1.1.1
rPath rPath Linux 2
rPath rPath Linux 1
rPath Appliance Platform Linux Service 2
rPath Appliance Platform Linux Service 1
Red Hat Fedora 9
Gentoo Linux
Not Vulnerable: Ruby on Rails Ruby on Rails 2.1.1


 

Privacy Statement
Copyright 2010, SecurityFocus