Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-3009
HistoryAug 05, 2011 - 10:55 p.m.

CVE-2011-3009

2011-08-0522:55:01
CWE-310
[email protected]
web.nvd.nist.gov
1

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.9%

JSON

Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900.

Affected configurations

NVD
Node
ruby-langrubyRange1.8.6p111
OR
ruby-langrubyMatch1.8.6p110
OR
ruby-langrubyMatch1.8.6p36

Related

cvelist 3
cve 3
prion 2
ubuntucve 2
nessus 11
nvd 2
debiancve 1
openvas 14
veracode 1
rubygems 2
centos 1
oraclelinux 2
redhat 2
debian 1
osv 1
cvelist
cvelist
CVE-2011-3009
2011-08-05 22:00:00
CVE-2003-0900
2005-04-14 04:00:00
CVE-2011-2686
2011-08-05 21:00:00
cve
cve
CVE-2011-3009
2011-08-05 22:55:01
CVE-2003-0900
2005-04-14 04:00:00
CVE-2011-2686
2011-08-05 21:55:04
prion
prion
Sql injection
2011-08-05 22:55:00
Design/Logic Flaw
2011-08-05 21:55:00
ubuntucve
ubuntucve
CVE-2011-3009
2011-08-05 00:00:00
CVE-2011-2686
2011-08-05 00:00:00
nessus
nessus
Oracle Linux 6 : ruby (ELSA-2011-1581)
2023-09-07 00:00:00
Oracle Linux 4 / 5 : ruby (ELSA-2012-0070)
2013-07-12 00:00:00
CentOS 4 / 5 : ruby (CESA-2012:0070)
2012-01-31 00:00:00
nvd
nvd
CVE-2003-0900
2003-12-31 05:00:00
CVE-2011-2686
2011-08-05 21:55:04
debiancve
debiancve
CVE-2003-0900
2005-04-14 04:00:00
openvas
openvas
Ruby Random Number Values Information Disclosure Vulnerability
2011-08-29 00:00:00
Ruby Random Number Values Information Disclosure Vulnerability
2011-08-29 00:00:00
Oracle: Security Advisory (ELSA-2012-0070)
2015-10-06 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 01:07:08
rubygems
rubygems
Ruby Random Number Generation Local Denial Of Service Vulnerability
2011-07-01 20:00:00
Ruby Properly initialize the random number generator when forking new process
2011-07-01 20:00:00
centos
centos
irb, ruby security update
2012-01-30 18:44:29
oraclelinux
oraclelinux
ruby security update
2012-01-30 00:00:00
ruby security, bug fix, and enhancement update
2011-12-14 00:00:00
redhat
redhat
(RHSA-2012:0070) Moderate: ruby security update
2012-01-30 00:00:00
(RHSA-2011:1581) Low: ruby security, bug fix, and enhancement update
2011-12-06 00:00:00
debian
debian
[SECURITY] [DLA 88-1] ruby1.8 security update
2014-11-21 15:18:14
osv
osv
ruby1.8 - security update
2014-11-21 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.9%

JSON
Related for NVD:CVE-2011-3009
cvelist3cve3prion2ubuntucve2nessus11nvd2debiancve1openvas14veracode1rubygems2centos1oraclelinux2redhat2debian1osv1