Description

Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that does not run in constant time.

Related CPE's

a

rack_project

rack

28

References

http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html

http://rack.github.com/

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0686.html

http://secunia.com/advisories/52033

Vendor Advisory

http://secunia.com/advisories/52134

Vendor Advisory

http://secunia.com/advisories/52774

http://www.debian.org/security/2013/dsa-2783

http://www.osvdb.org/89939

https://bugzilla.redhat.com/show_bug.cgi?id=909071

https://gist.github.com/codahale/f9f3781f7b54985bee94

https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07

https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11

https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J

https://groups.google.com/forum/#%21msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ

https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ

https://groups.google.com/forum/#%21msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ

https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ

https://puppet.com/security/cve/cve-2013-0263

https://twitter.com/coda/statuses/299732877745197056

Weaknesses

[email protected]

Primary
NVD-CWE-noinfo

CVSS impact metrics

AV:N/AC:H/Au:N/C:P/I:P/A:P

5.1 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2013-02-08T20:55:01.640

12 years ago

Last modified

2023-02-13T04:40:27.140

2 years ago