CVE-2011-3187: Input Validation
First published: Mon Aug 29 2011(Updated: )
The `to_s` method in `actionpack/lib/action_dispatch/middleware/remote_ip.rb` in Ruby on Rails 3.0.5 does not validate the X-Forwarded-For header in requests from IP addresses on a Class C network, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| rubygems/actionpack | >=2.3.0<2.3.13 | 2.3.13 |
| Ruby on Rails | =3.0.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2011/08/22/13
- http://www.openwall.com/lists/oss-security/2011/08/22/5
- http://webservsec.blogspot.com/2011/02/ruby-on-rails-vulnerability.html
- http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0337.html
- http://www.openwall.com/lists/oss-security/2011/08/22/14
- http://www.openwall.com/lists/oss-security/2011/08/17/1
- http://www.openwall.com/lists/oss-security/2011/08/20/1
- https://bugzilla.novell.com/show_bug.cgi?id=673010
- http://www.openwall.com/lists/oss-security/2011/08/19/11
- https://nvd.nist.gov/vuln/detail/CVE-2011-3187
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2011-3187.yml
- https://web.archive.org/web/20111209181000/http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0337.html
- https://github.com/advisories/GHSA-3vfw-7rcp-3xgm (Advisory)
Frequently Asked Questions
What is the severity of CVE-2011-3187?
CVE-2011-3187 is considered a moderate severity vulnerability due to the potential for log injection and IP address bypass.
How do I fix CVE-2011-3187?
To fix CVE-2011-3187, upgrade Ruby on Rails to version 3.0.6 or later, or update actionpack to version 2.3.13.
What impact does CVE-2011-3187 have on my application?
CVE-2011-3187 can allow attackers to manipulate log files or spoof IP addresses, which may lead to security issues.
Is CVE-2011-3187 still a concern for modern applications?
While CVE-2011-3187 primarily affects older versions of Ruby on Rails, any application using those versions should still be assessed for risk.
Which versions of Ruby on Rails are affected by CVE-2011-3187?
CVE-2011-3187 affects Ruby on Rails version 3.0.5 and earlier.
- collector/github-advisory-latest
- alias/GHSA-3vfw-7rcp-3xgm
- alias/CVE-2011-3187
- collector/github-advisory
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/first-publish-date
- agent/event
- agent/description
- agent/trending
- agent/source
- agent/tags
- collector/nvd-cve
- agent/software-canonical-lookup-request
- collector/nvd-historical
- collector/nvd-index
- package-manager/rubygems
- vendor/rubyonrails
- canonical/ruby on rails
- version/ruby on rails/3.0.5