Lucene search
Ubuntu.comUB:CVE-2008-3905HistorySep 04, 2008 - 12:00 a.m.
CVE-2008-3905
2008-09-0400:00:00
ubuntu.com
ubuntu.com
20
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
0.009 Low
EPSS
Percentile
82.6%
resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before
1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and
constant source ports for DNS requests, which makes it easier for remote
attackers to spoof DNS responses, a different vulnerability than
CVE-2008-1447.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | ruby1.8 | <Β 1.8.4-1ubuntu1.6 | UNKNOWN |
| ubuntu | 7.04 | noarch | ruby1.8 | <Β 1.8.5-4ubuntu2.3 | UNKNOWN |
| ubuntu | 7.10 | noarch | ruby1.8 | <Β 1.8.6.36-1ubuntu3.3 | UNKNOWN |
| ubuntu | 8.04 | noarch | ruby1.8 | <Β 1.8.6.111-2ubuntu1.2 | UNKNOWN |
| ubuntu | 8.10 | noarch | ruby1.9 | <Β 1.9.0.2-7 | UNKNOWN |
| ubuntu | 9.04 | noarch | ruby1.9 | <Β 1.9.0.2-7 | UNKNOWN |
| ubuntu | 9.10 | noarch | ruby1.9 | <Β 1.9.0.2-7 | UNKNOWN |
| ubuntu | 10.04 | noarch | ruby1.9 | <Β 1.9.0.2-7 | UNKNOWN |
Related
prion
prion
nessus
nessus
Slackware 11.0 / 12.0 / 12.1 : ruby (SSA:2008-334-01)
2008-12-01 00:00:00
openSUSE Security Update : dnsmasq (dnsmasq-147)
2009-07-21 00:00:00
Debian DSA-1605-1 : glibc - DNS cache poisoning
2008-07-10 00:00:00
cve
cve
checkpoint_advisories
checkpoint_advisories
Preemptive Protection against Multiple Vendor DNS Insufficient Socket Entropy Vulnerability
2008-07-08 00:00:00
Microsoft Windows DNS Insufficient Socket Entropy (MS08-037) - High Confidence (CVE-2008-1447)
2013-05-09 00:00:00
Microsoft Windows DNS Insufficient Socket Entropy (MS08-037; CVE-2008-1447)
2011-11-01 00:00:00
seebug
seebug
Ruby resolv.rbε―ι’ζ΅δΊδ»ΆIDεζΊη«―ε£DNSζ¬ΊιͺζΌζ΄
2009-01-06 00:00:00
BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta)
2014-07-01 00:00:00
BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta)
2008-07-24 00:00:00
veracode
veracode
DNS Spoofing
2020-04-10 00:32:30
openvas
openvas
Nmap NSE net: dns-random-srcport
2011-06-01 00:00:00
Nmap NSE 6.01: dns-random-txid
2013-02-28 00:00:00
Slackware Advisory SSA:2008-191-02 bind
2012-09-11 00:00:00
osv
osv
refpolicy - incompatible policy
2008-07-25 00:00:00
bind9 - cache poisoning
2008-07-08 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package ruby version 1.8.7-alt6
2008-08-12 00:00:00
Security fix for the ALT Linux 5 package bind version 9.3.5-alt2
2008-06-06 00:00:00
Security fix for the ALT Linux 6 package bind version 9.3.5-alt2
2008-06-06 00:00:00
debian
debian
[SECURITY] [DSA-1619-2] New python-dns package fixes regression
2008-09-22 06:12:09
[SECURITY] [DSA-1619-2] New python-dns package fixes regression
2008-09-22 06:12:09
[SECURITY] [DSA 1617-1] New refpolicy packages fix incompatible policy
2008-07-25 06:29:36
securityvulns
securityvulns
[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing
2008-07-29 00:00:00
CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit
2008-07-25 00:00:00
ubuntu
ubuntu
Bind vulnerability
2008-07-08 00:00:00
Dnsmasq vulnerability
2008-07-22 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-08:06.bind
2008-07-13 00:00:00
slackware
slackware
[slackware-security] dnsmasq
2008-07-24 00:02:47
[slackware-security] ruby
2008-11-29 21:37:03
[slackware-security] bind
2008-07-10 04:29:01
redhat
redhat
(RHSA-2008:0533) Important: bind security update
2008-07-08 00:00:00
(RHSA-2008:0789) Moderate: dnsmasq security update
2008-08-11 00:00:00
oraclelinux
oraclelinux
dnsmasq security update
2008-08-11 00:00:00
bind security update
2008-07-08 00:00:00
exploitpack
exploitpack
BIND 9.x - Remote DNS Cache Poisoning
2008-07-25 00:00:00
BIND 9.4.1 9.4.2 - Remote DNS Cache Poisoning (Metasploit)
2008-07-23 00:00:00
BIND 9.x - Remote DNS Cache Poisoning (Python)
2008-07-24 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: bind-9.5.0-33.P1.fc9
2008-07-09 21:45:32
[SECURITY] Fedora 9 Update: dnsmasq-2.45-1.fc9
2009-02-14 22:11:22
[SECURITY] Fedora 9 Update: bind-9.5.1-1.P1.fc9
2009-01-15 02:51:25
freebsd
freebsd
FreeBSD -- DNS cache poisoning
2008-07-08 00:00:00
ruby -- DNS spoofing vulnerability
2008-08-08 00:00:00
f5
f5
K8938 : BIND DNS cache poisoning vulnerability - CVE-2008-1447 - VU#800113
2013-03-19 00:00:00
SOL8938 - BIND DNS cache poisoning vulnerability - CVE-2008-1447 - VU#800113
2008-07-10 00:00:00
packetstorm
packetstorm
bailiwicked_domain.rb.txt
2008-07-24 00:00:00
bind9x-poison.txt
2008-07-25 00:00:00
bailiwicked_host.rb.txt
2008-07-24 00:00:00
suse
suse
DNS cache poisoning in bind
2008-07-11 09:57:52
debiancve
debiancve
CVE-2008-1447
2008-07-08 23:41:00
CVE-2008-4099
2008-09-18 17:59:00
gentoo
gentoo
BIND: Cache poisoning
2008-07-11 00:00:00
pdnsd: Denial of Service and cache poisoning
2009-01-11 00:00:00
ubuntucve
ubuntucve
checkpoint_security
checkpoint_security
Check Point response to DNS poisoning vulnerability CVE-2008-1447
2008-07-05 21:00:00
centos
centos
bind security update
2008-07-09 01:20:56
bind, caching, selinux security update
2008-07-08 22:25:27
rubygems
rubygems
ruby -- DNS spoofing vulnerability in resolv.rb
2008-05-04 20:00:00
mskb
mskb
MS08-037: Vulnerabilities in DNS could allow spoofing
2018-04-17 19:03:20
cisco
cisco
Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
2008-07-08 18:00:00
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
0.009 Low
EPSS
Percentile
82.6%
Related for UB:CVE-2008-3905