Advertise with us

Author Topic: Ruby Bitcoin Exchangers at risk?  (Read 712 times)

0 Members and 1 Guest are viewing this topic.

Offline bitcoinforum.comTopic starter

Ruby Bitcoin Exchangers at risk?
« on: January 31, 2013, 05:43:58 PM »
Ruby Bitcoin Exchangers at risk?

Quote
Vulnerability Summary for CVE-2013-0333

Original release date:01/30/2013 Last revised:01/30/2013  Source: US-CERT/NIST

Overview

lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication via crafted data that triggers unsafe decoding, a different vulnerability than CVE-2013-0156.
Read the full text on https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0333

Offline bitcoinforum.comTopic starter

Re: Ruby Bitcoin Exchangers at risk?
« Reply #1 on: January 31, 2013, 08:15:53 PM »
Quote
Bitcoin Central powers bitcoin-central.net, a bitcoin trading platform. It is:
  • Open Source,
  • Based on Ruby on Rails,
  • Fully localizable,
  • Multi-currency.

https://github.com/davout/bitcoin-central

 

Youtube.com: Micon's how to play poker with bitcoin

Started by bitcoinforum.com

Replies: 0
Views: 678
Last post April 10, 2012, 10:14:54 PM
by bitcoinforum.com
How a bitcoin transaction works?

Started by bitcoinforum.com

Replies: 2
Views: 1570
Last post February 22, 2014, 02:21:51 PM
by bitcoinwallettest
Still present bug just found by Hal Finney makes Bitcoin more traceable

Started by bitcoinforum.com

Replies: 0
Views: 457
Last post December 14, 2012, 05:30:40 PM
by bitcoinforum.com
net-security.org: Beware of Bitcoin miner posing as Trend Micro AV

Started by bitcoinforum.com

Replies: 0
Views: 651
Last post December 14, 2012, 05:47:39 PM
by bitcoinforum.com
nbr.co.nz: Bitcoin makes mainstream moves

Started by bitcoinforum.com

Replies: 0
Views: 802
Last post December 14, 2012, 10:51:21 PM
by bitcoinforum.com