Ruby on Rails 'authenticate_or_request_with_http_digest' Method Denial Of Service Vulnerability

Bugtraq ID: 54704
Class: Unknown
CVE: CVE-2012-3424
Remote: Yes
Local: No
Published: Jul 26 2012 12:00AM
Updated: Apr 13 2015 09:34PM
Credit: Charlie Somerville.
Vulnerable: Ruby on Rails Ruby on Rails 3.2.6
Ruby on Rails Ruby on Rails 3.2.4
Ruby on Rails Ruby on Rails 3.2.2
Ruby on Rails Ruby on Rails 3.1.6
Ruby on Rails Ruby on Rails 3.1.5
Ruby on Rails Ruby on Rails 3.1.4
Ruby on Rails Ruby on Rails 3.1.2
Ruby on Rails Ruby on Rails 3.0.14
Ruby on Rails Ruby on Rails 3.0.13
Ruby on Rails Ruby on Rails 3.0.12
Ruby on Rails Ruby on Rails 3.0.11
Ruby on Rails Ruby on Rails 3.0.6
Ruby on Rails Ruby on Rails 3.0.5
Ruby on Rails Ruby on Rails 3.0.4
Ruby on Rails Ruby on Rails 3.0.3
Ruby on Rails Ruby on Rails 3.0.2
Ruby on Rails Ruby on Rails 3.0.1
Ruby on Rails Ruby on Rails 3.0
Ruby on Rails Ruby on Rails 3.1.0.rc6
Ruby on Rails Ruby on Rails 3.1.0.rc5
Ruby on Rails Ruby on Rails 3.0.8
Ruby on Rails Ruby on Rails 3.0.7
Ruby on Rails Ruby on Rails 3.0.10
Redhat OpenShift Enterprise 0
Redhat CloudForms 0
IBM Security Network Intrusion Prevention System 4.5
IBM Security Network Intrusion Prevention System 4.4
IBM Security Network Intrusion Prevention System 4.3
IBM Security Network Intrusion Prevention System 4.2
IBM Security Network Intrusion Prevention System 4.1
Not Vulnerable: Ruby on Rails Ruby on Rails 3.2.7
Ruby on Rails Ruby on Rails 3.1.7
Ruby on Rails Ruby on Rails 3.0.16
Redhat CloudForms 1.1


 

Privacy Statement
Copyright 2010, SecurityFocus