National Cyber-Alert System

Vulnerability Summary for CVE-2008-3905

Overview

resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: CONFIRM

Name: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

Type: Patch Information

Hyperlink:http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

External Source: FEDORA

Name: FEDORA-2008-8736

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html

External Source: FEDORA

Name: FEDORA-2008-8738

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html

External Source: XF

Name: ruby-resolv-dns-spoofing(45935)

Hyperlink:http://xforce.iss.net/xforce/xfdb/45935

External Source: UBUNTU

Name: USN-651-1

Hyperlink:http://www.ubuntulinux.org/support/documentation/usn/usn-651-1

External Source: BID

Name: 31699

Hyperlink:http://www.securityfocus.com/bid/31699

External Source: REDHAT

Name: RHSA-2008:0897

Hyperlink:http://www.redhat.com/support/errata/RHSA-2008-0897.html

External Source: MLIST

Name: [oss-security] 20080904 Re: CVE Request (ruby -- DNS spoofing vulnerability

Hyperlink:http://www.openwall.com/lists/oss-security/2008/09/04/9

External Source: MLIST

Name: [oss-security] 20080903 CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb)

Hyperlink:http://www.openwall.com/lists/oss-security/2008/09/03/3

External Source: VUPEN

Name: ADV-2008-2334

Hyperlink:http://www.frsirt.com/english/advisories/2008/2334

External Source: DEBIAN

Name: DSA-1652

Hyperlink:http://www.debian.org/security/2008/dsa-1652

External Source: DEBIAN

Name: DSA-1651

Hyperlink:http://www.debian.org/security/2008/dsa-1651

External Source: CONFIRM

Name: http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm

Hyperlink:http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm

External Source: SLACKWARE

Name: SSA:2008-334-01

Hyperlink:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.371754

External Source: GENTOO

Name: GLSA-200812-17

Hyperlink:http://security.gentoo.org/glsa/glsa-200812-17.xml

External Source: SECUNIA

Name: 33178

Hyperlink:http://secunia.com/advisories/33178

External Source: SECUNIA

Name: 32948

Hyperlink:http://secunia.com/advisories/32948

External Source: SECUNIA

Name: 32371

Hyperlink:http://secunia.com/advisories/32371

External Source: SECUNIA

Name: 32256

Hyperlink:http://secunia.com/advisories/32256

External Source: SECUNIA

Name: 32255

Hyperlink:http://secunia.com/advisories/32255

External Source: SECUNIA

Name: 32219

Hyperlink:http://secunia.com/advisories/32219

External Source: SECUNIA

Name: 32165

Hyperlink:http://secunia.com/advisories/32165

External Source: SECUNIA

Name: 31430

Hyperlink:http://secunia.com/advisories/31430