Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-651-1.NASL
HistoryApr 23, 2009 - 12:00 a.m.

Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : ruby1.8 vulnerabilities (USN-651-1)

2009-04-2300:00:00
Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
29
JSON

Akira Tagoh discovered a vulnerability in Ruby which lead to an integer overflow. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-2376)

Laurent Gaffie discovered that Ruby did not properly check for memory allocation failures. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service. (CVE-2008-3443)

Keita Yamaguchi discovered several safe level vulnerabilities in Ruby.
An attacker could use this to bypass intended access restrictions.
(CVE-2008-3655)

Keita Yamaguchi discovered that WEBrick in Ruby did not properly validate paths ending with ‘.’. A remote attacker could send a crafted HTTP request and cause a denial of service. (CVE-2008-3656)

Keita Yamaguchi discovered that the dl module in Ruby did not check the taintness of inputs. An attacker could exploit this vulnerability to bypass safe levels and execute dangerous functions. (CVE-2008-3657)

Luka Treiber and Mitja Kolsek discovered that REXML in Ruby did not always use expansion limits when processing XML documents. If a user or automated system were tricked into open a crafted XML file, an attacker could cause a denial of service via CPU consumption.
(CVE-2008-3790)

Jan Lieskovsky discovered several flaws in the name resolver of Ruby.
A remote attacker could exploit this to spoof DNS entries, which could lead to misdirected traffic. This is a different vulnerability from CVE-2008-1447. (CVE-2008-3905).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-651-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(37068);
  script_version("1.29");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2008-1447", "CVE-2008-2376", "CVE-2008-3443", "CVE-2008-3655", "CVE-2008-3656", "CVE-2008-3657", "CVE-2008-3790", "CVE-2008-3905");
  script_bugtraq_id(30036, 30131, 30644, 30682, 30802);
  script_xref(name:"USN", value:"651-1");
  script_xref(name:"IAVA", value:"2008-A-0045");

  script_name(english:"Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : ruby1.8 vulnerabilities (USN-651-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Akira Tagoh discovered a vulnerability in Ruby which lead to an
integer overflow. If a user or automated system were tricked into
running a malicious script, an attacker could cause a denial of
service or possibly execute arbitrary code with the privileges of the
user invoking the program. (CVE-2008-2376)

Laurent Gaffie discovered that Ruby did not properly check for memory
allocation failures. If a user or automated system were tricked into
running a malicious script, an attacker could cause a denial of
service. (CVE-2008-3443)

Keita Yamaguchi discovered several safe level vulnerabilities in Ruby.
An attacker could use this to bypass intended access restrictions.
(CVE-2008-3655)

Keita Yamaguchi discovered that WEBrick in Ruby did not properly
validate paths ending with '.'. A remote attacker could send a crafted
HTTP request and cause a denial of service. (CVE-2008-3656)

Keita Yamaguchi discovered that the dl module in Ruby did not check
the taintness of inputs. An attacker could exploit this vulnerability
to bypass safe levels and execute dangerous functions. (CVE-2008-3657)

Luka Treiber and Mitja Kolsek discovered that REXML in Ruby did not
always use expansion limits when processing XML documents. If a user
or automated system were tricked into open a crafted XML file, an
attacker could cause a denial of service via CPU consumption.
(CVE-2008-3790)

Jan Lieskovsky discovered several flaws in the name resolver of Ruby.
A remote attacker could exploit this to spoof DNS entries, which could
lead to misdirected traffic. This is a different vulnerability from
CVE-2008-1447. (CVE-2008-3905).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/651-1/"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(20, 189, 264, 287, 399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:irb1.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdbm-ruby1.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libgdbm-ruby1.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libopenssl-ruby1.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libreadline-ruby1.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libruby1.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libruby1.8-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libtcltk-ruby1.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:rdoc1.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ri1.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ruby1.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ruby1.8-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ruby1.8-elisp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ruby1.8-examples");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");

  script_set_attribute(attribute:"patch_publication_date", value:"2008/10/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(6\.06|7\.04|7\.10|8\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.06 / 7.04 / 7.10 / 8.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"6.06", pkgname:"irb1.8", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libdbm-ruby1.8", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libgdbm-ruby1.8", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libopenssl-ruby1.8", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libreadline-ruby1.8", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libruby1.8", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libruby1.8-dbg", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libtcltk-ruby1.8", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"rdoc1.8", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"ri1.8", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"ruby1.8", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"ruby1.8-dev", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"ruby1.8-elisp", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"ruby1.8-examples", pkgver:"1.8.4-1ubuntu1.6")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"irb1.8", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libdbm-ruby1.8", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libgdbm-ruby1.8", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libopenssl-ruby1.8", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libreadline-ruby1.8", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libruby1.8", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libruby1.8-dbg", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libtcltk-ruby1.8", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"rdoc1.8", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"ri1.8", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"ruby1.8", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"ruby1.8-dev", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"ruby1.8-elisp", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"ruby1.8-examples", pkgver:"1.8.5-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"irb1.8", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libdbm-ruby1.8", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libgdbm-ruby1.8", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libopenssl-ruby1.8", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libreadline-ruby1.8", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libruby1.8", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libruby1.8-dbg", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libtcltk-ruby1.8", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"rdoc1.8", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"ri1.8", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"ruby1.8", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"ruby1.8-dev", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"ruby1.8-elisp", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"ruby1.8-examples", pkgver:"1.8.6.36-1ubuntu3.3")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"irb1.8", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libdbm-ruby1.8", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libgdbm-ruby1.8", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libopenssl-ruby1.8", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libreadline-ruby1.8", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libruby1.8", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libruby1.8-dbg", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"libtcltk-ruby1.8", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"rdoc1.8", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"ri1.8", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"ruby1.8", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"ruby1.8-dev", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"ruby1.8-elisp", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"ruby1.8-examples", pkgver:"1.8.6.111-2ubuntu1.2")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "irb1.8 / libdbm-ruby1.8 / libgdbm-ruby1.8 / libopenssl-ruby1.8 / etc");
}
VendorProductVersionCPE
canonicalubuntu_linuxirb1.8p-cpe:/a:canonical:ubuntu_linux:irb1.8
canonicalubuntu_linuxlibdbm-ruby1.8p-cpe:/a:canonical:ubuntu_linux:libdbm-ruby1.8
canonicalubuntu_linuxlibgdbm-ruby1.8p-cpe:/a:canonical:ubuntu_linux:libgdbm-ruby1.8
canonicalubuntu_linuxlibopenssl-ruby1.8p-cpe:/a:canonical:ubuntu_linux:libopenssl-ruby1.8
canonicalubuntu_linuxlibreadline-ruby1.8p-cpe:/a:canonical:ubuntu_linux:libreadline-ruby1.8
canonicalubuntu_linuxlibruby1.8p-cpe:/a:canonical:ubuntu_linux:libruby1.8
canonicalubuntu_linuxlibruby1.8-dbgp-cpe:/a:canonical:ubuntu_linux:libruby1.8-dbg
canonicalubuntu_linuxlibtcltk-ruby1.8p-cpe:/a:canonical:ubuntu_linux:libtcltk-ruby1.8
canonicalubuntu_linuxrdoc1.8p-cpe:/a:canonical:ubuntu_linux:rdoc1.8
canonicalubuntu_linuxri1.8p-cpe:/a:canonical:ubuntu_linux:ri1.8
Rows per page:
1-10 of 181

Related

openvas 81
ubuntu 3
nessus 41
debian 9
oraclelinux 4
osv 4
redhat 4
centos 5
freebsd 4
gentoo 1
fedora 3
suse 1
cve 8
prion 8
ubuntucve 7
checkpoint_advisories 2
seebug 2
veracode 3
checkpoint_security 1
packetstorm 1
securityvulns 2
altlinux 3
f5 1
exploitpack 1
openvas
openvas
Ubuntu Update for ruby1.8 vulnerabilities USN-651-1
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-651-1)
2009-03-23 00:00:00
CentOS Update for irb CESA-2008:0897 centos4 i386
2009-02-27 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2008-10-10 00:00:00
Ruby vulnerability
2008-12-16 00:00:00
Dnsmasq vulnerability
2008-07-22 00:00:00
nessus
nessus
Fedora 9 : ruby-1.8.6.287-2.fc9 (2008-8738)
2008-10-10 00:00:00
Fedora 8 : ruby-1.8.6.287-2.fc8 (2008-8736)
2008-10-10 00:00:00
Mandriva Linux Security Advisory : ruby (MDVSA-2008:226)
2009-04-23 00:00:00
debian
debian
[SECURITY] [DSA 1652-1] New ruby1.9 packages fix several vulnerabilities
2008-10-12 09:37:58
[SECURITY] [DSA 1651-1] New ruby1.8 packages fix several vulnerabilities
2008-10-12 09:36:52
[SECURITY] [DSA 1695-1] New Ruby packages fix denial of service
2009-01-02 21:47:08
oraclelinux
oraclelinux
ruby security update
2008-10-21 00:00:00
ruby security update
2008-10-21 00:00:00
bind security update
2008-07-08 00:00:00
osv
osv
ruby1.8 - several vulnerabilities
2008-10-12 00:00:00
ruby1.9 - several vulnerabilities
2008-10-12 00:00:00
ruby1.8 ruby1.9 - denial of service
2009-01-02 00:00:00
redhat
redhat
(RHSA-2008:0897) Moderate: ruby security update
2008-10-21 00:00:00
(RHSA-2008:0896) Moderate: ruby security update
2008-10-21 00:00:00
(RHSA-2008:0895) Moderate: ruby security update
2008-10-21 00:00:00
centos
centos
irb, ruby security update
2008-10-24 00:04:31
irb, ruby security update
2008-10-21 16:06:28
irb, ruby security update
2008-10-22 04:31:37
freebsd
freebsd
ruby -- DoS vulnerability in WEBrick
2008-08-08 00:00:00
ruby -- multiple vulnerabilities in safe level
2008-08-08 00:00:00
ruby -- DNS spoofing vulnerability
2008-08-08 00:00:00
gentoo
gentoo
Ruby: Multiple vulnerabilities
2008-12-16 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: ruby-1.8.6.287-2.fc9
2008-10-09 21:29:45
[SECURITY] Fedora 8 Update: ruby-1.8.6.287-2.fc8
2008-10-09 21:35:31
[SECURITY] Fedora 9 Update: bind-9.5.0-33.P1.fc9
2008-07-09 21:45:32
suse
suse
remote code execution in dhcp-client
2009-07-15 16:27:03
cve
cve
CVE-2008-3905
2008-09-04 17:41:00
CVE-2008-3657
2008-08-13 01:41:00
CVE-2008-2376
2008-07-09 00:41:00
prion
prion
Design/Logic Flaw
2008-09-04 17:41:00
Privilege escalation
2008-08-27 20:41:00
Design/Logic Flaw
2008-08-14 23:41:00
ubuntucve
ubuntucve
CVE-2008-3905
2008-09-04 00:00:00
CVE-2008-3657
2008-08-12 00:00:00
CVE-2008-3790
2008-08-27 00:00:00
checkpoint_advisories
checkpoint_advisories
Preemptive Protection against Multiple Vendor DNS Insufficient Socket Entropy Vulnerability
2008-07-08 00:00:00
Microsoft Windows DNS Insufficient Socket Entropy (MS08-037) - High Confidence (CVE-2008-1447)
2013-05-09 00:00:00
seebug
seebug
Ruby resolv.rb可预测事件ID和源端口DNS欺骗漏洞
2009-01-06 00:00:00
Ruby regex.c远程拒绝服务漏洞
2009-01-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:26:04
DNS Spoofing
2020-04-10 00:32:30
Access Control Bypass
2020-04-10 00:26:04
checkpoint_security
checkpoint_security
Check Point response to DNS poisoning vulnerability CVE-2008-1447
2008-07-05 21:00:00
packetstorm
packetstorm
bailiwicked_host.rb.txt
2008-07-24 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver
2008-07-12 00:00:00
Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
2008-07-12 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package bind version 9.3.5-alt2
2008-06-06 00:00:00
Security fix for the ALT Linux 9 package bind version 9.3.5-alt2
2008-06-06 00:00:00
Security fix for the ALT Linux 5 package ruby version 1.8.7-alt6
2008-08-12 00:00:00
f5
f5
SOL8938 - BIND DNS cache poisoning vulnerability - CVE-2008-1447 - VU#800113
2008-07-10 00:00:00
exploitpack
exploitpack
BIND 9.x - Remote DNS Cache Poisoning
2008-07-25 00:00:00
JSON
Related for UBUNTU_USN-651-1.NASL
openvas81ubuntu3nessus41debian9oraclelinux4osv4redhat4centos5freebsd4gentoo1fedora3suse1cve8prion8ubuntucve7checkpoint_advisories2seebug2veracode3checkpoint_security1packetstorm1securityvulns2altlinux3f51exploitpack1