[Mongrel] [SEC] Mongrel Temporary Fix For cgi.rb 99% CPU DoS Attack
samuelgiffney at gmail.com
Thu Oct 26 22:43:14 EDT 2006
Just in case this trips anyone else up...
I applied Ian's suggested patch
# wget -O cgi.rb
# install -m 644 cgi.rb /usr/lib/ruby/1.8/cgi.rb
but this caused my app to throw an error - looks like something to do
with the FileColumn plugin.
undefined method `size' for #<CGI::QueryExtension::MorphingBody:0xb757a62c>
Anyway I fixed this by running Ian's patch with
which is the current cgi.rb from the ruby1.8 branch rather than the Main branch.
Thanks for the heads up Ian & Zed
More information about the Mongrel-users