January 2010 Archives

WEBrick has an Escape Sequence Injection vulnerability

A vulnerability was found on WEBrick, a part of Ruby's standard library. WEBrick lets attackers to inject malicious escape sequences to its logs, making it possible for dangerous control characters to be executed on a victim's terminal emulator.

Continue Reading...

<< Back to 2010 Archives