PT-2009-5600 · Ruby · Thin

Alex Legler

Publicado

2009-09-22

Atualizado

2017-10-24

CVE-2009-3287

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Thin web server versions prior to 1.2.4

Description The issue allows remote attackers to spoof the IP address of the client by modifying the X-Forwarded-For header, potentially hiding their activities. This is due to the reliance on the X-Forwarded-For header to determine the client's IP address in the lib/thin/connection.rb file.

Recommendations For versions prior to 1.2.4, update to version 1.2.4 or later to resolve the issue. As a temporary workaround, consider validating the X-Forwarded-For header to prevent IP address spoofing. Restrict access to sensitive areas of the web server to minimize the risk of exploitation.

Exploit

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2009-3287

GHSA-J24P-R6WX-R79W

Produtos afetados

Thin

PT-2009-5600 · Ruby · Thin

CVE-2009-3287

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12