Ruby 1.8.6-p287 and earlier versions use sequential transaction IDs and constant source ports for DNS requests, allowing remote attackers to spoof DNS responses. (CVE-2008-3905
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
![]() | ruby -- DNS spoofing vulnerability in resolv.rb | 4 May 200820:00 | – | rubygems |
![]() | ruby -- DNS spoofing vulnerability in resolv.rb | 4 May 200820:00 | – | rubygems |
![]() | CVE-2008-3905 | 4 Sep 200817:00 | – | cvelist |
![]() | CVE-2008-1447 | 8 Jul 200823:00 | – | cvelist |
![]() | CVE-2008-3905 | 4 Sep 200817:41 | – | nvd |
![]() | CVE-2008-1447 | 8 Jul 200823:41 | – | nvd |
![]() | Design/Logic Flaw | 4 Sep 200817:41 | – | prion |
![]() | Spoofing | 8 Jul 200823:41 | – | prion |
![]() | Slackware 11.0 / 12.0 / 12.1 : ruby (SSA:2008-334-01) | 1 Dec 200800:00 | – | nessus |
![]() | Oracle Linux 3 : ruby (ELSA-2008-0896) | 12 Jul 201300:00 | – | nessus |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo