Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 5.8
CVE Id CVE-2008-3905
Last Modified 07 Mar 2011 10:11:37
Published 04 Sep 2008 01:41:00
Confidentiality Impact NONE
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3905

Summary

resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.

Vulnerable Systems

Application

  • Ruby-lang Ruby 1.6

  • Ruby-lang Ruby 1.6.8

  • Ruby-lang Ruby 1.8.0

  • Ruby-lang Ruby 1.8.1

  • Ruby-lang Ruby 1.8.2

  • Ruby-lang Ruby 1.8.3

  • Ruby-lang Ruby 1.8.4

  • Ruby-lang Ruby 1.8.5

  • Ruby-lang Ruby 1.8.6

  • Ruby-lang Ruby 1.8.7

  • Ruby-lang Ruby 1.9


References

CONFIRM - http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

FEDORA - FEDORA-2008-8736

FEDORA - FEDORA-2008-8738

XF - ruby-resolv-dns-spoofing(45935)

VUPEN - ADV-2008-2334

UBUNTU - USN-651-1

BID - 31699

REDHAT - RHSA-2008:0897

MLIST - [oss-security] 20080904 Re: CVE Request (ruby -- DNS spoofing vulnerability

MLIST - [oss-security] 20080903 CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb)

DEBIAN - DSA-1652

DEBIAN - DSA-1651

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm

SLACKWARE - SSA:2008-334-01

GENTOO - GLSA-200812-17

SECUNIA - 33178

SECUNIA - 32948

SECUNIA - 32371

SECUNIA - 32256

SECUNIA - 32255

SECUNIA - 32219

SECUNIA - 32165

SECUNIA - 31430


Last Updated: 27 May 2016 10:48:20