info
discussion
exploit
solution
references
Ruby on Rails 'http_authentication.rb' Nil Credentials Authentication Bypass Vulnerability
References:
Ruby on Rails Homepage
(Ruby on Rails)
Security hole found in Rails 2.3's http_authentication.rb
(Nate)
Security Problem with authenticate_with_http_digest
(michael)
Privacy Statement
Copyright 2010, SecurityFocus
