SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Ruby on Rails log file manipulation attempt
This event is generated when an attacker attempts to exploit a file inclusion vulnerability present in Ruby on Rails by manipulating the development.log file. Impact: Attempted User Privilege Gain Details: Rule checks for an attempt to exploit a file inclusion vulnerability found in Ruby on Rails. Ease of Attack: Simple; Metasploit modules available
No public information
No known false positives
Cisco Talos Intelligence Group
Tactic:
Technique:
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org
CVE-2016-0752Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname. |
|
|||||||||||||||||||||||||
©2023 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
