all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Ruby Vulnerabilities: Exploiting Dangerous Open, Send and Deserialization Operations

Add to bookmarks
May 17, 2022, 4 p.m. | Ben Lincoln

bishopfox.com bishopfox.com

Managing Sr. Consultant Ben Lincoln tested a Ruby on Rails application that was vulnerable to three of the most common types of Ruby-specific RCE vulnerabilities. Here is a walkthrough and new test harness that you can use to enable more efficient web application exploitation.

deserialization operations ruby send vulnerabilities

Visit resource

More from bishopfox.com / bishopfox.com

PAN-OS CVE-2024-3400: Patch Your Palo Alto Firewalls 3 days, 23 hours ago | bishopfox.com
alto attackers bishop fox cve +11
Technology and Software: 2023 Insights From the Ponemon Institute 3 weeks ago | bishopfox.com
amp cutting edge industry +10
Practical Measures for AI and LLM Security: Securing the Future for Enterprises 3 weeks ago | bishopfox.com
adoption can enterprises future +9
The iSOON Disclosure: Exploring the Integrated Operations Platform 1 month ago | bishopfox.com
blog data disclosure integrated operations +7
Poisoned Pipeline Execution Attacks: A Look at CI-CD Environments 1 month ago | bishopfox.com
attacks blog ci-cd environments +6
Implementing the FDA's 2023 Requirements for Medical Device Cybersecurity 1 month, 1 week ago | bishopfox.com
actionable cybersecurity device device cybersecurity +12
Further Adventures in Fortinet Decryption 1 month, 2 weeks ago | bishopfox.com
adventures blog decrypt decryption +8
CVE-2024-21762 Vulnerability Scanner for FortiGate Firewalls 1 month, 3 weeks ago | bishopfox.com
bishop fox cve discover firewalls +6
Unlocking Job Opportunities with LinkedIn and Artificial Intelligence 1 month, 3 weeks ago | bishopfox.com
artificial artificial intelligence industry intelligence +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Network AWS Cloud &Firewall Engineer

@ Arthur Grand Technologies Inc | Plano, TX, United States
View on infosec-jobs.com

Lead Consultant, Data Centre & BCP

@ Singtel | Singapore, Singapore
View on infosec-jobs.com

Protocol Security Engineer

@ Osmosis Labs | Remote
View on infosec-jobs.com

Technical Engineer - Payments Security Specialist

@ H&M Group | Bengaluru, India
View on infosec-jobs.com

Intern, Security Architecture

@ Sony | Work from Home-CA
View on infosec-jobs.com
View more jobs