CVE-2013-0263
Published: 2013-02-08
CVE-2013-0263: Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers…
Priority: P3 38 · medium · 5.1 (CVSS 2.0)
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
EPSS: 5.28% (91.5th percentile)
Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that does not run in constant time.
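The defect is in the step that compares the HMAC carried in the cookie against the HMAC recomputed from the cookie body. Rack 1.x's pre-fix `digest_match?` used plain `==`, which stops at the first differing byte, so the time taken grows with the length of the attacker's correct prefix and the tag can be recovered byte by byte; once the tag is forgeable, the body (which the default coder passes to `Marshal.load`) is attacker-controlled, hence the "execute arbitrary code" in the description. The fix replaced the comparison with `Rack::Utils.secure_compare`. The following is an added example, not code from this page or from Rack itself: it is modelled on the pre-fix `digest_match?` and on the `secure_compare` algorithm the patch introduced. `naive_compare` is a stand-in for the early-exit `String#==` that reports how many bytes it examined, so the leak is visible deterministically instead of through noisy timing; `SECRET` and `SESSION_DATA` are constructed values, and `bytes_examined` is a hypothetical helper that plays the attacker who already knows a prefix of the real digest.

```ruby
require 'openssl'

# Constructed example values; not from any real deployment or the Rack test suite.
SECRET = 'constructed-example-secret'
# A base64 session body of the shape Rack::Session::Cookie emits (contents are irrelevant here).
SESSION_DATA = ['{"user_id"=>42}'].pack('m0')

# HMAC-SHA1 hex digest, as Rack 1.x's generate_hmac computed it.
def generate_hmac(data, secret)
  OpenSSL::HMAC.hexdigest('SHA1', secret, data)
end

# Stand-in for the early-exit String#== used by the vulnerable digest_match?.
# Returns [equal?, bytes_examined]: the loop stops at the first mismatching byte,
# so bytes_examined grows with the length of the correct prefix in the guess.
def naive_compare(a, b)
  return [false, 0] if a.bytesize != b.bytesize
  a.bytes.zip(b.bytes).each_with_index do |(x, y), i|
    return [false, i + 1] if x != y
  end
  [true, a.bytesize]
end

# Constant-time comparison, same algorithm as the Rack::Utils.secure_compare the fix
# introduced: every byte is visited and differences are OR-accumulated, so the work
# done does not depend on where (or whether) the strings differ.
def secure_compare(a, b)
  return [false, 0] if a.bytesize != b.bytesize
  l = a.unpack('C*')
  r = 0
  b.each_byte { |v| r |= v ^ l.shift }
  [r == 0, a.bytesize]
end

# Vulnerable and fixed versions of the cookie digest check.
def digest_match_vulnerable?(data, digest, secret)
  naive_compare(digest, generate_hmac(data, secret)).first
end

def digest_match_fixed?(data, digest, secret)
  secure_compare(digest, generate_hmac(data, secret)).first
end

# Hypothetical helper: an attacker who knows the first `known` hex chars of the
# real digest submits a guess that is wrong right after that prefix. Returns how
# many bytes the given comparison examined before deciding.
def bytes_examined(cmp, data, secret, known)
  real = generate_hmac(data, secret)
  wrong = real[known] == '0' ? '1' : '0'
  guess = real[0, known] + wrong + real[(known + 1)..-1]
  send(cmp, guess, real).last
end

if __FILE__ == $0
  puts "digest: #{generate_hmac(SESSION_DATA, SECRET)}"
  [0, 10, 30].each do |k|
    puts "known=#{k}: naive examines #{bytes_examined(:naive_compare, SESSION_DATA, SECRET, k)} bytes, " \
         "secure_compare examines #{bytes_examined(:secure_compare, SESSION_DATA, SECRET, k)}"
  end
end
```

Running it shows the naive check examining 1, 11 and 31 bytes as the known prefix grows while `secure_compare` always examines all 40; that per-byte difference in work is what a remote attacker measures as response time. The length check at the top of `secure_compare` is an early exit too, but it only leaks the digest length, which is public for HMAC-SHA1 hex output.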
Affected
34 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ruby-rack | < ruby-rack 1.4.1-2.1 (bookworm) | ruby-rack 1.4.1-2.1 (bookworm) |
| rack | rack | >= 1.1.0 < 1.1.6 | 1.1.6 |
| rack | rack | >= 1.2.0 < 1.2.8 | 1.2.8 |
| rack | rack | >= 1.3.0 < 1.3.10 | 1.3.10 |
| rack | rack | >= 1.4.0 < 1.4.5 | 1.4.5 |
| rack | rack | >= 1.5.0 < 1.5.2 | 1.5.2 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 5.1 | MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P |
| osv | — | 5.1 | MEDIUM | — |
| vendor_debian | — | 5.1 | MEDIUM | — |
| vendor_redhat | — | 5.1 | MEDIUM | — |
OSV
Rack arbitrary code execution via timing attack
osv · 2022-05-05 · MEDIUM
GHSA
Rack arbitrary code execution via timing attack
ghsa · 2022-05-05 · MEDIUM
OSV
CVE-2013-0263: Rack::Session::Cookie in Rack 1
osv · 2013-02-08 · CVSS 5.1 · MEDIUM
Red Hat
rubygem-rack: Timing attack in cookie sessions
vendor_redhat · 2013-02-08 · CVSS 5.1 · MEDIUM
Package: rubygem-rack (Red Hat Enterprise MRG 2) - Affected
Debian
CVE-2013-0263: ruby-rack - Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x befo...
vendor_debian · 2013 · CVSS 5.1 · MEDIUM
Scope: local
bookworm: resolved (fixed in 1.4.1-2.1)
bullseye: resolved (fixed in 1.4.1-2.1)
forky: resolved (fixed in 1.4.1-2.1)
sid: resolved (fixed in 1.4.1-2.1)
trixie: resolved (fixed in 1.4.1-2.1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2013-0263 Rubygem Rack: Timing attack in cookie sessions [fedora-all]
bugzilla · 2013-02-08 · CVSS 5.1 · MEDIUM
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue affects
Bugzilla
CVE-2013-0263 Rubygem Rack: Timing attack in cookie sessions [epel-all]
bugzilla · 2013-02-08 · CVSS 5.1 · MEDIUM
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue affe
Bugzilla
CVE-2013-0263 rubygem-rack: Timing attack in cookie sessions
bugzilla · 2013-02-08 · CVSS 5.1 · MEDIUM
James Tucker ([email protected]) reports:
CVE: CVE-2013-0263
Software: Rack (rack.github.com)
Type of vulnerability: Timing attack, leading to potential RCE
Vulnerable code:
https://github.com/rack/rack/blob/master/lib/rack/session/cookie.rb#L149
Patch:
https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07
https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11
Versions affected: All prior versions.
Versions fixed: 1.1.6, 1.2.8, 1.3.10, 1.4.5, 1.5.2
Reporter: Ben Murphy
Reference:
http://seclists.org/oss-sec/2013/q1/271
Discussion:
Created rubygem-rack tracking bugs for this issue
Affects: epel-all [bug 909088]
---
Created rubygem-rack tracking bugs for this issue
Affects: fed
References
http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html
http://rack.github.com/
http://rhn.redhat.com/errata/RHSA-2013-0686.html
http://secunia.com/advisories/52033
http://secunia.com/advisories/52134
http://secunia.com/advisories/52774
http://www.debian.org/security/2013/dsa-2783
http://www.osvdb.org/89939
https://bugzilla.redhat.com/show_bug.cgi?id=909071
https://gist.github.com/codahale/f9f3781f7b54985bee94
https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07
https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11
https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J
https://groups.google.com/forum/#%21msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ
https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ
https://groups.google.com/forum/#%21msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ
https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ
https://puppet.com/security/cve/cve-2013-0263
https://twitter.com/coda/statuses/299732877745197056
Published: 2013-02-08