2012-06-13 Instructure Advisory IAC87646 - Rails SQL Injection Vulnerability

Document created by jordan@instructure.com on Sep 22, 2015Last modified by Renee Carney on Sep 22, 2015
Version 2Show Document
  • View in full screen mode

    SECURITY UPDATE

Canvas + Logo transparent (WHITE)- 300px.png

 

  Release Date:2012-06-13  (Last update can be found below the document title)
  Description:SQL Injection Attack in Rails Library
  Criticality Level:Highly Critical ( Less Critical < Critical < Moderately Critical < Highly Critical )
  Impact:
  • Manipulation of data
  • Exposure of sensitive information
  • Privilege escalation
  Systems Affected:Canvas LMS
  Solution Status:Patched
  Discovered By:-
  Relevant Changesets:

https://github.com/instructure/canvas-lms/commit/6ade80562cd3cbfa804a7ebb06417c5b92c902cf


 

Summary:

A SQL Injection Vulnerability was discovered in the Ruby on Rails 2.3.x library that Canvas uses. Due to the way Active Record handles nested query parameters, an attacker can use a specially crafted request to inject some forms of SQL into your application's SQL queries.

More information is available at http://seclists.org/oss-sec/2012/q2/504 .

 

Status:

Fixed in Canvas Cloud. Users of Canvas CV are encouraged to either update to the most recent stable code or apply the patch manually immediately.

 

 


Attachments

    Outcomes