CVE-2008-3905 — Improper Authentication in Ruby

CWE-287 — Improper Authentication6 documents6 sources

Severity

5.8MEDIUMNVD

CNA6.8

EPSS

3.2%

top 12.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Ruby-lang Ruby

Timeline

PublishedSep 4

Latest updateMay 2

Description

resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.

CVSS vector

AV:N/AC:M/C:N/I:P/A:PExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

▶NVDruby-lang/ruby1.8.5+12

Patches

Patch: www.ruby-lang.org ↗Patch: www.ruby-lang.org ↗

🔴Vulnerability Details

GHSA

GHSA-vwcj-mf69-7rfw: resolv↗2022-05-02

▶

CVEList

CVE-2008-3905: resolv↗2008-09-04

▶

📋Vendor Advisories

Ubuntu

Ruby vulnerabilities↗2008-10-10

▶

Red Hat

ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module↗2008-08-08

▶

💬Community

Bugzilla

CVE-2008-3905 ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module↗2008-09-08

▶