{"id":419,"date":"2013-05-29T00:00:00","date_gmt":"2013-05-29T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2013\/05\/29\/hackers-exploit-ruby-on-rails-vulnerability-to-compromise-servers-create-botnet\/"},"modified":"2021-12-30T11:37:16","modified_gmt":"2021-12-30T11:37:16","slug":"hackers-exploit-ruby-on-rails-vulnerability-to-compromise-servers-create-botnet","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2013\/05\/29\/hackers-exploit-ruby-on-rails-vulnerability-to-compromise-servers-create-botnet\/","title":{"rendered":"Hackers exploit Ruby on Rails vulnerability to compromise servers, create botnet"},"content":{"rendered":"<p>Hackers are actively exploiting a critical vulnerability in the Ruby on Rails Web application development framework in order to compromise Web servers and create a botnet. The Ruby on Rails development team released a security patch for the vulnerability, which is known as CVE-2013-0156, back in January. 
&#8220;It&#8217;s pretty surprising that it&#8217;s taken this long [for an exploit] to surface in the wild, but less surprising that people are still running vulnerable installations of Rails,&#8221; said Jeff Jarmoc, a security consultant with security research firm Matasano Security, Tuesday in a blog post.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The resulting malware is a bot that connects to an IRC (Internet Relay Chat) server and joins a predefined channel where it waits for commands from the attackers.<\/p>\n<p style=\"margin: 0px; min-height: 14px;\">Reports of malicious activity using this exploit were posted in recent days on several discussion boards and it also appears that some Web hosting providers were affected, Jarmoc said.<\/p>\n<p style=\"margin: 0px; min-height: 14px;\"><\/p>\n<p style=\"margin: 0px;\">Users should update the Ruby on Rails installations on their servers to at least versions 3.2.11, 3.1.10, 3.0.19 or 2.3.15 which contain the patch for this vulnerability. 
However, the best course of action is probably to update to the latest available Rails versions, depending on the branch used, since other critical vulnerabilities have been addressed since then.<\/p>\n<p style=\"margin: 0px; min-height: 14px;\"><\/p>\n<p style=\"margin: 0px;\">Link: <a href=\"http:\/\/www.arnnet.com.au\/article\/463093\/hackers_exploit_ruby_rails_vulnerability_compromise_servers_create_botnet\/\">http:\/\/www.arnnet.com.au\/article\/463093\/hackers_exploit_ruby_rails_vulnerability_compromise_servers_create_botnet\/<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-419","post","type-post","status-publish","format-standard","hentry","category-malware"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/419","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=419"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/419\/revisions"}],"predecessor-version":[{"id":2906,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/419\/revisions\/2906"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=419"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=419"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=419"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}