Advertise with us (we do not endorse any site advertised)

Author Topic: Ruby Bitcoin Exchangers at risk?  (Read 2153 times)

0 Members and 1 Guest are viewing this topic.

Offline bitcoinforum.comTopic starter

  • Administrator
  • Legendary Member
  • *******
  • Joined: Nov 2011
  • Location: bitcoinforum.com
  • Posts: 1458
  • Country: bz
  • Thanked: 13 times
  • Karma: +25/-0
  • Gender: Male
  • The Bitcoin genie is already out of the bottle.
    • View Profile
    • Bitcoinforum.com
Ruby Bitcoin Exchangers at risk?
« on: January 31, 2013, 05:43:58 PM »
Ruby Bitcoin Exchangers at risk?

Quote
Vulnerability Summary for CVE-2013-0333

Original release date:01/30/2013 Last revised:01/30/2013  Source: US-CERT/NIST

Overview

lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication via crafted data that triggers unsafe decoding, a different vulnerability than CVE-2013-0156.
Read the full text on https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0333
"No man has received from nature the right to give orders to others. Freedom is a gift from heaven, and every
individual of the same species has the right to enjoy it as soon as he is in enjoyment of his reason."
(Denis Diderot)


Offline bitcoinforum.comTopic starter

  • Administrator
  • Legendary Member
  • *******
  • Joined: Nov 2011
  • Location: bitcoinforum.com
  • Posts: 1458
  • Country: bz
  • Thanked: 13 times
  • Karma: +25/-0
  • Gender: Male
  • The Bitcoin genie is already out of the bottle.
    • View Profile
    • Bitcoinforum.com
Re: Ruby Bitcoin Exchangers at risk?
« Reply #1 on: January 31, 2013, 08:15:53 PM »
Quote
Bitcoin Central powers bitcoin-central.net, a bitcoin trading platform. It is:
  • Open Source,
  • Based on Ruby on Rails,
  • Fully localizable,
  • Multi-currency.

https://github.com/davout/bitcoin-central
"No man has received from nature the right to give orders to others. Freedom is a gift from heaven, and every
individual of the same species has the right to enjoy it as soon as he is in enjoyment of his reason."
(Denis Diderot)


 

Youtube.com: Micon's how to play poker with bitcoin

Started by bitcoinforum.com

Replies: 0
Views: 4938
Last post April 10, 2012, 10:14:54 PM
by bitcoinforum.com
How a bitcoin transaction works?

Started by bitcoinforum.com

Replies: 2
Views: 6325
Last post February 22, 2014, 02:21:51 PM
by bitcoinwallettest
Still present bug just found by Hal Finney makes Bitcoin more traceable

Started by bitcoinforum.com

Replies: 0
Views: 4675
Last post December 14, 2012, 05:30:40 PM
by bitcoinforum.com
net-security.org: Beware of Bitcoin miner posing as Trend Micro AV

Started by bitcoinforum.com

Replies: 0
Views: 6666
Last post December 14, 2012, 05:47:39 PM
by bitcoinforum.com
nbr.co.nz: Bitcoin makes mainstream moves

Started by bitcoinforum.com

Replies: 0
Views: 5136
Last post December 14, 2012, 10:51:21 PM
by bitcoinforum.com

Advertise with us (we do not endorse any site advertised)