Platform
ruby
Component
actionpack
Fixed in
4.2.5.1
CVE-2016-0751 is a denial-of-service (DoS) vulnerability discovered in Action Pack, a core component of the Ruby on Rails web application framework. This flaw allows remote attackers to exhaust server memory by crafting malicious HTTP Accept headers, potentially causing the application to become unresponsive. The vulnerability affects versions of Ruby on Rails prior to 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1. A fix is available in Rails 4.2.5.1.
An attacker can exploit CVE-2016-0751 by sending a specially crafted HTTP Accept header to a vulnerable Ruby on Rails application. The header is processed through the MIME type cache in a way that makes the application allocate excessive memory. The resulting memory exhaustion can lead to application crashes and service unavailability, and can affect other services sharing the same resources. The blast radius is limited to the affected Rails application instance, but a successful attack against an essential application can disrupt critical business operations. No direct data exfiltration is possible; the DoS simply renders the application unusable and prevents legitimate users from accessing it.
CVE-2016-0751 was publicly disclosed in 2017. There is no indication of active exploitation campaigns targeting this vulnerability. While no public proof-of-concept (PoC) exploits have been widely publicized, the vulnerability's nature makes it relatively straightforward to exploit. It is not currently listed on CISA's KEV catalog. The NVD entry was published on 2017-10-24.
Organizations running Ruby on Rails applications, particularly those with older versions (prior to 4.2.5.1), are at risk. Shared hosting environments where multiple applications share server resources are particularly vulnerable, as a successful attack on one application can impact others. Legacy applications that haven't been regularly updated are also at increased risk.
• linux / server:
journalctl -u puma -g 'MIME type cache' | grep -i error
• generic web:
curl -I 'http://your-rails-app.com' -H 'Accept: a' | grep 'Content-Type:'
• ruby: Check application logs for excessive memory allocation related to MIME type processing. Look for errors or warnings indicating memory exhaustion.
discovery
disclosure
Exploit status
EPSS
6.14% (91st percentile)
CVSS vector
The primary mitigation for CVE-2016-0751 is to upgrade to Ruby on Rails version 4.2.5.1 or later. If an immediate upgrade is not feasible, consider temporary workarounds such as rate limiting HTTP requests based on the Accept header or a WAF rule that filters out suspicious Accept headers. Monitor application memory usage closely and consider raising memory limits if necessary. Review and update any custom MIME type handling logic to ensure it does not introduce similar problems. After upgrading, confirm the fix by sending a crafted Accept header and verifying that memory consumption remains within acceptable limits.
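As an added example that is not part of this advisory or of Rails itself, the following Rack middleware applies the "filter suspicious Accept headers" workaround at the application layer, rejecting oversized headers before Rails' MIME negotiation ever sees them. The byte and media-range limits are assumptions to tune per deployment, and upgrading remains the real fix.

```ruby
# Added example (not from the advisory or from Rails): a minimal Rack
# middleware that rejects requests whose Accept header is unusually large,
# as an application-level stand-in for the WAF rule the advisory suggests.
# The thresholds below are assumptions; tune them to the clients you serve.
class AcceptHeaderGuard
  DEFAULT_MAX_BYTES  = 512  # assumed upper bound for a legitimate Accept header
  DEFAULT_MAX_RANGES = 20   # assumed upper bound for comma-separated media ranges

  def initialize(app, max_bytes: DEFAULT_MAX_BYTES, max_ranges: DEFAULT_MAX_RANGES)
    @app        = app
    @max_bytes  = max_bytes
    @max_ranges = max_ranges
  end

  # True when the header value stays within the configured limits.
  # A missing or empty Accept header is always allowed through.
  def acceptable?(value)
    return true if value.nil? || value.empty?
    return false if value.bytesize > @max_bytes
    value.count(',') + 1 <= @max_ranges
  end

  def call(env)
    accept = env['HTTP_ACCEPT']
    unless acceptable?(accept)
      # Fixed 406 response: the request never reaches Rails' MIME handling.
      body = 'Accept header rejected'
      return [406, { 'Content-Type' => 'text/plain',
                     'Content-Length' => body.bytesize.to_s }, [body]]
    end
    @app.call(env)
  end
end

# Helper for exercising the guard without a full Rack stack: wraps a trivial
# app in the middleware and returns the status code for a constructed request.
def status_for_accept(accept, **limits)
  app   = ->(_env) { [200, { 'Content-Type' => 'text/plain' }, ['ok']] }
  guard = AcceptHeaderGuard.new(app, **limits)
  env   = { 'REQUEST_METHOD' => 'GET', 'PATH_INFO' => '/', 'HTTP_ACCEPT' => accept }
  guard.call(env)[0]
end

if __FILE__ == $PROGRAM_NAME
  puts status_for_accept('text/html,application/xhtml+xml,*/*;q=0.8')  # 200
  puts status_for_accept(Array.new(50) { 'text/x-c' }.join(','))      # 406
end
```

In a Rails application the guard would be installed ahead of the rest of the stack with `config.middleware.insert_before 0, AcceptHeaderGuard` so that the check runs before routing and content negotiation.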
No official patch available. Check for workarounds or monitor for updates.
CVE-2016-0751 is a denial-of-service vulnerability in Ruby on Rails Action Pack, allowing attackers to exhaust server memory with crafted HTTP Accept headers.
You are affected if you are using Ruby on Rails versions before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, or 5.x before 5.0.0.beta1.1.
Upgrade to Ruby on Rails version 4.2.5.1 or later to remediate the vulnerability. Consider WAF rules as a temporary workaround.
While no widespread exploitation campaigns are confirmed, the DoS nature of the vulnerability makes it a potential target for opportunistic attackers.
Refer to the official Ruby on Rails security advisories and vulnerability reports for detailed information: https://github.com/rails/rails/security/advisories