Ruby on Rails Routing Code URL Code Evaluation DoS
High Nessus Plugin ID 22204
SynopsisThe remote web server is affected by a code evaluation issue.
DescriptionThe remote web server appears to be using a version of Ruby on Rails, an open source web framework, that has a flaw in its routing code that can lead to the evaluation of Ruby code through the URL. Successful exploitation of this issue can result in a denial of service or even data loss.
SolutionEither apply the appropriate patch referenced in the vendor advisory above or upgrade to Ruby on Rails 1.1.6 or later.