Lucene search
FreeBSD959D384D-6B59-11DD-9D79-001FC61C2A55HistoryAug 08, 2008 - 12:00 a.m.
ruby -- DNS spoofing vulnerability
2008-08-0800:00:00
vuxml.freebsd.org
26
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.133 Low
EPSS
Percentile
95.5%
The official ruby site reports:
resolv.rb allow remote attackers to spoof DNS answers. This risk
can be reduced by randomness of DNS transaction IDs and source
ports.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | ruby | = 1.8.*,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby | < 1.8.6.111_5,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby+pthreads | = 1.8.*,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby+pthreads | < 1.8.6.111_5,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby+pthreads+oniguruma | = 1.8.*,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby+pthreads+oniguruma | < 1.8.6.111_5,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby+oniguruma | = 1.8.*,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby+oniguruma | < 1.8.6.111_5,1 | UNKNOWN |
Related
checkpoint_advisories
checkpoint_advisories
packetstorm
packetstorm
bailiwicked_domain.rb.txt
2008-07-24 00:00:00
bind9x-poison.txt
2008-07-25 00:00:00
bailiwicked_host.rb.txt
2008-07-24 00:00:00
nessus
nessus
GLSA-200807-08 : BIND: Cache poisoning
2008-07-15 00:00:00
Fedora 9 : dnsmasq-2.45-1.fc9 (2009-1069)
2009-02-17 00:00:00
Scientific Linux Security Update : bind on SL 3.0.x , SL 4.x, SL 5.x
2012-08-01 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package bind version 9.3.5-alt2
2008-06-06 00:00:00
Security fix for the ALT Linux 5 package ruby version 1.8.7-alt6
2008-08-12 00:00:00
Security fix for the ALT Linux 5 package bind version 9.3.5-alt2
2008-06-06 00:00:00
openvas
openvas
CentOS Update for bind CESA-2008:0533 centos3 i386
2009-02-27 00:00:00
SLES10: Security update for bind
2009-10-13 00:00:00
HP-UX Update for BIND HPSBUX02351
2009-05-05 00:00:00
osv
osv
bind9 - cache poisoning
2008-07-08 00:00:00
refpolicy - incompatible policy
2008-07-25 00:00:00
suse
suse
DNS cache poisoning in bind
2008-07-11 09:57:52
redhat
redhat
(RHSA-2008:0789) Moderate: dnsmasq security update
2008-08-11 00:00:00
(RHSA-2008:0533) Important: bind security update
2008-07-08 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: dnsmasq-2.45-1.fc9
2009-02-14 22:11:22
[SECURITY] Fedora 9 Update: bind-9.5.0-33.P1.fc9
2008-07-09 21:45:32
[SECURITY] Fedora 9 Update: bind-9.5.1-1.P1.fc9
2009-01-15 02:51:25
ubuntucve
ubuntucve
debian
debian
[SECURITY] [DSA 1617-1] New refpolicy packages fix incompatible policy
2008-07-25 06:29:36
[SECURITY] [DSA-1619-2] New python-dns package fixes regression
2008-09-22 06:12:09
[SECURITY] [DSA-1619-2] New python-dns package fixes regression
2008-09-22 06:12:09
gentoo
gentoo
BIND: Cache poisoning
2008-07-11 00:00:00
pdnsd: Denial of Service and cache poisoning
2009-01-11 00:00:00
dnsmasq: Denial of Service and DNS spoofing
2008-09-04 00:00:00
debiancve
debiancve
securityvulns
securityvulns
CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit
2008-07-25 00:00:00
[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing
2008-07-29 00:00:00
seebug
seebug
BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta)
2014-07-01 00:00:00
BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta)
2008-07-24 00:00:00
BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
2008-07-26 00:00:00
slackware
slackware
[slackware-security] dnsmasq
2008-07-24 00:02:47
[slackware-security] bind
2008-07-10 04:29:01
[slackware-security] ruby
2008-11-29 21:37:03
freebsd_advisory
freebsd_advisory
FreeBSD-SA-08:06.bind
2008-07-13 00:00:00
ubuntu
ubuntu
Bind vulnerability
2008-07-08 00:00:00
Dnsmasq vulnerability
2008-07-22 00:00:00
oraclelinux
oraclelinux
dnsmasq security update
2008-08-11 00:00:00
bind security update
2008-07-08 00:00:00
exploitpack
exploitpack
BIND 9.x - Remote DNS Cache Poisoning
2008-07-25 00:00:00
BIND 9.4.1 9.4.2 - Remote DNS Cache Poisoning (Metasploit)
2008-07-23 00:00:00
BIND 9.x - Remote DNS Cache Poisoning (Python)
2008-07-24 00:00:00
prion
prion
cve
cve
freebsd
freebsd
FreeBSD -- DNS cache poisoning
2008-07-08 00:00:00
f5
f5
K8938 : BIND DNS cache poisoning vulnerability - CVE-2008-1447 - VU#800113
2013-03-19 00:00:00
SOL8938 - BIND DNS cache poisoning vulnerability - CVE-2008-1447 - VU#800113
2008-07-10 00:00:00
checkpoint_security
checkpoint_security
Check Point response to DNS poisoning vulnerability CVE-2008-1447
2008-07-05 21:00:00
centos
centos
bind security update
2008-07-09 01:20:56
bind, caching, selinux security update
2008-07-08 22:25:27
rubygems
rubygems
ruby -- DNS spoofing vulnerability in resolv.rb
2008-05-04 20:00:00
mskb
mskb
MS08-037: Vulnerabilities in DNS could allow spoofing
2018-04-17 19:03:20
cisco
cisco
Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
2008-07-08 18:00:00
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.133 Low
EPSS
Percentile
95.5%
Related for 959D384D-6B59-11DD-9D79-001FC61C2A55