ID CVE-2008-3905
Summary resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
References
Vulnerable Configurations
  • cpe:2.3:a:ruby-lang:ruby:1.6
  • cpe:2.3:a:ruby-lang:ruby:1.6.8
  • ruby-lang Ruby 1.8.0
    cpe:2.3:a:ruby-lang:ruby:1.8.0
  • Ruby-lang Ruby 1.8.1
    cpe:2.3:a:ruby-lang:ruby:1.8.1
  • Ruby-lang Ruby 1.8.2
    cpe:2.3:a:ruby-lang:ruby:1.8.2
  • Ruby-lang Ruby 1.8.3
    cpe:2.3:a:ruby-lang:ruby:1.8.3
  • Ruby-lang Ruby 1.8.4
    cpe:2.3:a:ruby-lang:ruby:1.8.4
  • Ruby-lang Ruby 1.8.5
    cpe:2.3:a:ruby-lang:ruby:1.8.5
  • Ruby-lang Ruby 1.8.6
    cpe:2.3:a:ruby-lang:ruby:1.8.6
  • cpe:2.3:a:ruby-lang:ruby:1.8.6:p110
  • cpe:2.3:a:ruby-lang:ruby:1.8.6:p111
  • cpe:2.3:a:ruby-lang:ruby:1.8.6:p114
  • cpe:2.3:a:ruby-lang:ruby:1.8.6:p230
  • cpe:2.3:a:ruby-lang:ruby:1.8.6:p286
  • cpe:2.3:a:ruby-lang:ruby:1.8.6:p36
  • Ruby-lang Ruby 1.8.6 Preview 1
    cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1
  • Ruby-lang Ruby 1.8.6 Preview 2
    cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2
  • Ruby-lang Ruby 1.8.6 Preview 3
    cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3
  • ruby-lang Ruby 1.8.7
    cpe:2.3:a:ruby-lang:ruby:1.8.7
  • ruby-lang Ruby 1.8.7-p17
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p17
  • ruby-lang Ruby 1.8.7-p22
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p22
  • ruby-lang Ruby 1.8.7-p71
    cpe:2.3:a:ruby-lang:ruby:1.8.7:p71
  • ruby-lang Ruby 1.8.7-preview1
    cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1
  • ruby-lang Ruby 1.8.7-preview2
    cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2
  • ruby-lang Ruby 1.8.7-preview3
    cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3
  • ruby-lang Ruby 1.8.7-preview4
    cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4
  • cpe:2.3:a:ruby-lang:ruby:1.9:r18423
CVSS
Base: 5.8 (as of 04-09-2008 - 15:01)
Impact:
Exploitability:
CWE CWE-287
CAPEC
  • Authentication Abuse
    An attacker obtains unauthorized access to an application, service or device either through knowledge of the inherent weaknesses of an authentication mechanism, or by exploiting a flaw in the authentication scheme's implementation. In such an attack an authentication mechanism is functioning but a carefully controlled sequence of events causes the mechanism to grant access to the attacker. This attack may exploit assumptions made by the target's authentication procedures, such as assumptions regarding trust relationships or assumptions regarding the generation of secret values. This attack differs from Authentication Bypass attacks in that Authentication Abuse allows the attacker to be certified as a valid user through illegitimate means, while Authentication Bypass allows the user to access protected material without ever being certified as an authenticated user. This attack does not rely on prior sessions established by successfully authenticating users, as relied upon for the "Exploitation of Session Variables, Resource IDs and other Trusted Credentials" attack patterns.
  • Exploiting Trust in Client (aka Make the Client Invisible)
    An attack of this type exploits a program's vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
  • Utilizing REST's Trust in the System Resource to Register Man in the Middle
    This attack utilizes a REST (REpresentational State Transfer)-style application's trust in the system resources and environment to place a man in the middle once SSL is terminated. The premise of REST applications is that they leverage existing infrastructure to deliver web services functionality. An example of this is a REST application that uses HTTP GET methods and receives an HTTP response with an XML document. These REST-style web services are deployed on existing infrastructure such as Apache and IIS web servers with no SOAP stack required. Unfortunately from a security standpoint, there frequently is no interoperable identity security mechanism deployed, so REST developers often fall back to SSL to deliver security. In large data centers, SSL is typically terminated at the edge of the network - at the firewall, load balancer, or router. Once the SSL is terminated the HTTP request is in the clear (unless developers have hashed or encrypted the values, but this is rare). The attacker can utilize a sniffer such as Wireshark to snapshot the credentials, such as username and password, that are passed in the clear once SSL is terminated. Once the attacker gathers these credentials, they can submit requests to the web service provider just as authorized users do. There is not typically an authentication on the client side, beyond what is passed in the request itself, so once this is compromised, it is generally sufficient to compromise the service's authentication scheme.
  • Man in the Middle Attack
    This type of attack targets the communication between two components (typically client and server). The attacker places himself in the communication channel between the two components. Whenever one component attempts to communicate with the other (data flow, authentication challenges, etc.), the data first goes to the attacker, who has the opportunity to observe or alter it, and it is then passed on to the other component as if it was never intercepted. This interposition is transparent, leaving the two compromised components unaware of the potential corruption or leakage of their communications. The potential for Man-in-the-Middle attacks yields an implicit lack of trust in communication or identity between two components.
Access
Vector: NETWORK
Complexity: MEDIUM
Authentication: NONE
Impact
Confidentiality: NONE
Integrity: PARTIAL
Availability: PARTIAL
nessus via4
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0896.NASL
    description Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) A number of flaws were found in the safe-level restrictions in Ruby. It was possible for an attacker to create a carefully crafted malicious script that can allow the bypass of certain safe-level restrictions. (CVE-2008-3655) A denial of service flaw was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite-loop and crash. (CVE-2008-3443) Users of ruby should upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 34462
    published 2008-10-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34462
    title CentOS 3 : ruby (CESA-2008:0896)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2008-334-01.NASL
    description New ruby packages are available for Slackware 11.0, 12.0, and 12.1 to fix bugs and a security issue.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 34972
    published 2008-12-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34972
    title Slackware 11.0 / 12.0 / 12.1 : ruby (SSA:2008-334-01)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1652.NASL
    description Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3655 Keita Yamaguchi discovered that several safe level restrictions are insufficiently enforced. - CVE-2008-3656 Christian Neukirchen discovered that the WEBrick module uses inefficient algorithms for HTTP header splitting, resulting in denial of service through resource exhaustion. - CVE-2008-3657 It was discovered that the dl module doesn't perform taintness checks. - CVE-2008-3790 Luka Treiber and Mitja Kolsek discovered that recursively nested XML entities can lead to denial of service through resource exhaustion in rexml. - CVE-2008-3905 Tanaka Akira discovered that the resolv module uses sequential transaction IDs and a fixed source port for DNS queries, which makes it more vulnerable to DNS spoofing attacks.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 34388
    published 2008-10-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34388
    title Debian DSA-1652-1 : ruby1.9 - several vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1651.NASL
    description Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3655 Keita Yamaguchi discovered that several safe level restrictions are insufficiently enforced. - CVE-2008-3656 Christian Neukirchen discovered that the WEBrick module uses inefficient algorithms for HTTP header splitting, resulting in denial of service through resource exhaustion. - CVE-2008-3657 It was discovered that the dl module doesn't perform taintness checks. - CVE-2008-3790 Luka Treiber and Mitja Kolsek discovered that recursively nested XML entities can lead to denial of service through resource exhaustion in rexml. - CVE-2008-3905 Tanaka Akira discovered that the resolv module uses sequential transaction IDs and a fixed source port for DNS queries, which makes it more vulnerable to DNS spoofing attacks.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 34387
    published 2008-10-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34387
    title Debian DSA-1651-1 : ruby1.8 - several vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0896.NASL
    description Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) A number of flaws were found in the safe-level restrictions in Ruby. It was possible for an attacker to create a carefully crafted malicious script that can allow the bypass of certain safe-level restrictions. (CVE-2008-3655) A denial of service flaw was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite-loop and crash. (CVE-2008-3443) Users of ruby should upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 34465
    published 2008-10-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34465
    title RHEL 3 : ruby (RHSA-2008:0896)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0896.NASL
    description From Red Hat Security Advisory 2008:0896 : Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) A number of flaws were found in the safe-level restrictions in Ruby. It was possible for an attacker to create a carefully crafted malicious script that can allow the bypass of certain safe-level restrictions. (CVE-2008-3655) A denial of service flaw was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite-loop and crash. (CVE-2008-3443) Users of ruby should upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2016-12-07
    plugin id 67751
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67751
    title Oracle Linux 3 : ruby (ELSA-2008-0896)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200812-17.NASL
    description The remote host is affected by the vulnerability described in GLSA-200812-17 (Ruby: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the Ruby interpreter and its standard libraries. Drew Yao of Apple Product Security discovered the following flaws: Arbitrary code execution or Denial of Service (memory corruption) in the rb_str_buf_append() function (CVE-2008-2662). Arbitrary code execution or Denial of Service (memory corruption) in the rb_ary_stor() function (CVE-2008-2663). Memory corruption via alloca in the rb_str_format() function (CVE-2008-2664). Memory corruption ('REALLOC_N') in the rb_ary_splice() and rb_ary_replace() functions (CVE-2008-2725). Memory corruption ('beg + rlen') in the rb_ary_splice() and rb_ary_replace() functions (CVE-2008-2726). Furthermore, several other vulnerabilities have been reported: Tanaka Akira reported an issue with resolv.rb that enables attackers to spoof DNS responses (CVE-2008-1447). Akira Tagoh of RedHat discovered a Denial of Service (crash) issue in the rb_ary_fill() function in array.c (CVE-2008-2376). Several safe level bypass vulnerabilities were discovered and reported by Keita Yamaguchi (CVE-2008-3655). Christian Neukirchen is credited for discovering a Denial of Service (CPU consumption) attack in the WEBRick HTTP server (CVE-2008-3656). A fault in the dl module allowed the circumvention of taintness checks which could possibly lead to insecure code execution was reported by 'sheepman' (CVE-2008-3657). Tanaka Akira again found a DNS spoofing vulnerability caused by the resolv.rb implementation using poor randomness (CVE-2008-3905). Luka Treiber and Mitja Kolsek (ACROS Security) disclosed a Denial of Service (CPU consumption) vulnerability in the REXML module when dealing with recursive entity expansion (CVE-2008-3790). 
    Impact : These vulnerabilities allow remote attackers to execute arbitrary code, spoof DNS responses, bypass Ruby's built-in security and taintness checks, and cause a Denial of Service via crash or CPU exhaustion. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 35188
    published 2008-12-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35188
    title GLSA-200812-17 : Ruby: Multiple vulnerabilities
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_F7BA20AA6B5A11DD9D79001FC61C2A55.NASL
    description The official ruby site reports : WEBrick::HTTP::DefaultFileHandler is faulty of exponential time taking requests due to a backtracking regular expression in WEBrick::HTTPUtils.split_header_value.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 33907
    published 2008-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33907
    title FreeBSD : ruby -- DoS vulnerability in WEBrick (f7ba20aa-6b5a-11dd-9d79-001fc61c2a55)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-8736.NASL
    description Update to new upstream release fixing multiple security issues detailed in the upstream advisories: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ - CVE-2008-3655 - multiple insufficient safe mode restrictions - CVE-2008-3656 - WEBrick DoS vulnerability (CPU consumption) - CVE-2008-3657 - missing 'taintness' checks in dl module - CVE-2008-3905 - resolv.rb adds random transactions ids and source ports to prevent DNS spoofing attacks http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ - CVE-2008-3790 - DoS in the REXML module One issue not covered by any upstream advisory: - CVE-2008-3443 - DoS in the regular expression engine Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 34379
    published 2008-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34379
    title Fedora 8 : ruby-1.8.6.287-2.fc8 (2008-8736)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_C329712A6B5B11DD9D79001FC61C2A55.NASL
    description The official ruby site reports : Several vulnerabilities in safe level have been discovered: - untrace_var is permitted at safe level 4; - $PROGRAM_NAME may be modified at safe level 4; - insecure methods may be called at safe level 1-3; - syslog operations are permitted at safe level 4; - dl doesn't check taintness, so it could allow attackers to call dangerous functions.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 33906
    published 2008-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33906
    title FreeBSD : ruby -- multiple vulnerabilities in safe level (c329712a-6b5b-11dd-9d79-001fc61c2a55)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0897.NASL
    description Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) Ruby's XML document parsing module (REXML) was prone to a denial of service attack via XML documents with large XML entity definitions recursion. A specially crafted XML file could cause a Ruby application using the REXML module to use an excessive amount of CPU and memory. (CVE-2008-3790) An insufficient 'taintness' check flaw was discovered in Ruby's DL module, which provides direct access to the C language functions. An attacker could use this flaw to bypass intended safe-level restrictions by calling external C functions with the arguments from an untrusted tainted inputs. (CVE-2008-3657) A denial of service flaw was discovered in WEBrick, Ruby's HTTP server toolkit. A remote attacker could send a specially crafted HTTP request to a WEBrick server that would cause the server to use an excessive amount of CPU time. (CVE-2008-3656) A number of flaws were found in the safe-level restrictions in Ruby. It was possible for an attacker to create a carefully crafted malicious script that can allow the bypass of certain safe-level restrictions. (CVE-2008-3655) A denial of service flaw was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite-loop and crash. (CVE-2008-3443) Users of ruby should upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 34502
    published 2008-10-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34502
    title CentOS 4 / 5 : ruby (CESA-2008:0897)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_RUBY-090703.NASL
    description This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avoid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby's access restriction code (CVE-2008-3655) as well as safe-level handling using function DL.dlopen() (CVE-2008-3657) and big decimal handling (CVE-2009-1904) was improved. Bypassing HTTP basic authentication (authenticate_with_http_digest) is not possible anymore.
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 40306
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40306
    title openSUSE Security Update : ruby (ruby-1070)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12452.NASL
    description This update for ruby fixes the following security issues : - Improve return value checks for OpenSSL function OCSP_basic_verify() to refuse usage of revoked certificates. (CVE-2009-0642) - Increase entropy of DNS identifiers to avoid spoofing attacks. (CVE-2008-3905) - Fix denial of service (DoS) vulnerability while parsing XML data. (CVE-2008-3790) - Fix possible attack on algorithm complexity in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests or by using the regex engine to cause high CPU load. (CVE-2008-3656, CVE-2008-3443) - Improve ruby's access restriction code. (CVE-2008-3655) - Improve safe-level handling using function DL.dlopen(). (CVE-2008-3657) - Improve big decimal handling. (CVE-2009-1904) - Disable bypassing of HTTP basic authentication (authenticate_with_http_digest).
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 41312
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41312
    title SuSE9 Security Update : ruby (YOU Patch Number 12452)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0897.NASL
    description From Red Hat Security Advisory 2008:0897 : Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) Ruby's XML document parsing module (REXML) was prone to a denial of service attack via XML documents with large XML entity definitions recursion. A specially crafted XML file could cause a Ruby application using the REXML module to use an excessive amount of CPU and memory. (CVE-2008-3790) An insufficient 'taintness' check flaw was discovered in Ruby's DL module, which provides direct access to the C language functions. An attacker could use this flaw to bypass intended safe-level restrictions by calling external C functions with the arguments from an untrusted tainted inputs. (CVE-2008-3657) A denial of service flaw was discovered in WEBrick, Ruby's HTTP server toolkit. A remote attacker could send a specially crafted HTTP request to a WEBrick server that would cause the server to use an excessive amount of CPU time. (CVE-2008-3656) A number of flaws were found in the safe-level restrictions in Ruby. It was possible for an attacker to create a carefully crafted malicious script that can allow the bypass of certain safe-level restrictions. (CVE-2008-3655) A denial of service flaw was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite-loop and crash. (CVE-2008-3443) Users of ruby should upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2016-12-07
    plugin id 67752
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67752
    title Oracle Linux 4 / 5 : ruby (ELSA-2008-0897)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20081021_RUBY_ON_SL3_X.NASL
    description The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) Ruby's XML document parsing module (REXML) was prone to a denial of service attack via XML documents with large XML entity definitions recursion. A specially crafted XML file could cause a Ruby application using the REXML module to use an excessive amount of CPU and memory. (CVE-2008-3790) An insufficient 'taintness' check flaw was discovered in Ruby's DL module, which provides direct access to the C language functions. An attacker could use this flaw to bypass intended safe-level restrictions by calling external C functions with the arguments from an untrusted tainted inputs. (CVE-2008-3657) A denial of service flaw was discovered in WEBrick, Ruby's HTTP server toolkit. A remote attacker could send a specially crafted HTTP request to a WEBrick server that would cause the server to use an excessive amount of CPU time. (CVE-2008-3656) A number of flaws were found in the safe-level restrictions in Ruby. It was possible for an attacker to create a carefully crafted malicious script that can allow the bypass of certain safe-level restrictions. (CVE-2008-3655) A denial of service flaw was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite-loop and crash. (CVE-2008-3443)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60485
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60485
    title Scientific Linux Security Update : ruby on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-226.NASL
    description A denial of service condition was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite loop and crash (CVE-2008-3443). A number of flaws were found in Ruby that could allow an attacker to create a carefully crafted script that could allow for the bypass of certain safe-level restrictions (CVE-2008-3655). A denial of service vulnerability was found in Ruby's HTTP server toolkit, WEBrick. A remote attacker could send a specially crafted HTTP request to a WEBrick server that would cause it to use an excessive amount of CPU time (CVE-2008-3656). An insufficient taintness check issue was found in Ruby's DL module, a module that provides direct access to the C language functions. This flaw could be used by an attacker to bypass intended safe-level restrictions by calling external C functions with the arguments from an untrusted tainted input (CVE-2008-3657). A denial of service condition in Ruby's XML document parsing module (REXML) could cause a Ruby application using the REXML module to use an excessive amount of CPU and memory via XML documents with large XML entity definitions recursion (CVE-2008-3790). The Ruby DNS resolver library used predictable transaction IDs and a fixed source port when sending DNS requests. This could be used by a remote attacker to spoof a malicious reply to a DNS query (CVE-2008-3905). The updated packages have been patched to correct these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 38018
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38018
    title Mandriva Linux Security Advisory : ruby (MDVSA-2008:226)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0897.NASL
    description Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented programming. The Ruby DNS resolver library, resolv.rb, used predictable transaction IDs and a fixed source port when sending DNS requests. A remote attacker could use this flaw to spoof a malicious reply to a DNS query. (CVE-2008-3905) Ruby's XML document parsing module (REXML) was prone to a denial of service attack via XML documents with large XML entity definitions recursion. A specially crafted XML file could cause a Ruby application using the REXML module to use an excessive amount of CPU and memory. (CVE-2008-3790) An insufficient 'taintness' check flaw was discovered in Ruby's DL module, which provides direct access to the C language functions. An attacker could use this flaw to bypass intended safe-level restrictions by calling external C functions with the arguments from an untrusted tainted inputs. (CVE-2008-3657) A denial of service flaw was discovered in WEBrick, Ruby's HTTP server toolkit. A remote attacker could send a specially crafted HTTP request to a WEBrick server that would cause the server to use an excessive amount of CPU time. (CVE-2008-3656) A number of flaws were found in the safe-level restrictions in Ruby. It was possible for an attacker to create a carefully crafted malicious script that can allow the bypass of certain safe-level restrictions. (CVE-2008-3655) A denial of service flaw was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite-loop and crash. (CVE-2008-3443) Users of ruby should upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 34466
    published 2008-10-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34466
    title RHEL 4 / 5 : ruby (RHSA-2008:0897)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_RUBY-6339.NASL
    description This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avoid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby's access restriction code (CVE-2008-3655) as well as safe-level handling using function DL.dlopen() (CVE-2008-3657) and big decimal handling (CVE-2009-1904) was improved. Bypassing HTTP basic authentication (authenticate_with_http_digest) is not possible anymore.
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 42032
    published 2009-10-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42032
    title openSUSE 10 Security Update : ruby (ruby-6339)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_RUBY-090703.NASL
    description This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avoid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby's access restriction code (CVE-2008-3655) as well as safe-level handling using function DL.dlopen() (CVE-2008-3657) and big decimal handling (CVE-2009-1904) was improved. Bypassing HTTP basic authentication (authenticate_with_http_digest) is not possible anymore.
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 40122
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40122
    title openSUSE Security Update : ruby (ruby-1070)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-8738.NASL
    description Update to new upstream release fixing multiple security issues detailed in the upstream advisories: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ - CVE-2008-3655 - multiple insufficient safe mode restrictions - CVE-2008-3656 - WEBrick DoS vulnerability (CPU consumption) - CVE-2008-3657 - missing 'taintness' checks in dl module - CVE-2008-3905 - resolv.rb adds random transactions ids and source ports to prevent DNS spoofing attacks http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ - CVE-2008-3790 - DoS in the REXML module One issue not covered by any upstream advisory: - CVE-2008-3443 - DoS in the regular expression engine Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 34380
    published 2008-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34380
    title Fedora 9 : ruby-1.8.6.287-2.fc9 (2008-8738)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_RUBY-090703.NASL
    description This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avoid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug. (CVE-2008-3790) An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby's access restriction code (CVE-2008-3655) as well as safe-level handling using function DL.dlopen() (CVE-2008-3657) and big decimal handling (CVE-2009-1904) was improved. Bypassing HTTP basic authentication (authenticate_with_http_digest) is not possible anymore.
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 41452
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41452
    title SuSE 11 Security Update : ruby (SAT Patch Number 1073)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-651-1.NASL
    description Akira Tagoh discovered a vulnerability in Ruby which led to an integer overflow. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-2376) Laurent Gaffie discovered that Ruby did not properly check for memory allocation failures. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service. (CVE-2008-3443) Keita Yamaguchi discovered several safe level vulnerabilities in Ruby. An attacker could use this to bypass intended access restrictions. (CVE-2008-3655) Keita Yamaguchi discovered that WEBrick in Ruby did not properly validate paths ending with '.'. A remote attacker could send a crafted HTTP request and cause a denial of service. (CVE-2008-3656) Keita Yamaguchi discovered that the dl module in Ruby did not check the taintness of inputs. An attacker could exploit this vulnerability to bypass safe levels and execute dangerous functions. (CVE-2008-3657) Luka Treiber and Mitja Kolsek discovered that REXML in Ruby did not always use expansion limits when processing XML documents. If a user or automated system were tricked into opening a crafted XML file, an attacker could cause a denial of service via CPU consumption. (CVE-2008-3790) Jan Lieskovsky discovered several flaws in the name resolver of Ruby. A remote attacker could exploit this to spoof DNS entries, which could lead to misdirected traffic. This is a different vulnerability from CVE-2008-1447. (CVE-2008-3905). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 37068
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37068
    title Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : ruby1.8 vulnerabilities (USN-651-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_RUBY-6338.NASL
    description This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avoid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby's access restriction code (CVE-2008-3655) as well as safe-level handling using function DL.dlopen() (CVE-2008-3657) and big decimal handling (CVE-2009-1904) was improved. Bypassing HTTP basic authentication (authenticate_with_http_digest) is not possible anymore.
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 51760
    published 2011-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51760
    title SuSE 10 Security Update : ruby (ZYPP Patch Number 6338)
oval via4
accepted 2013-04-29T04:00:42.271-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
family unix
id oval:org.mitre.oval:def:10034
status accepted
submitted 2010-07-09T03:56:16-04:00
title resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
version 24
redhat via4
advisories
  • bugzilla
    id 461495
    title CVE-2008-3905 ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module
    oval
    AND
    • comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhba:tst:20070026001
    • OR
      • AND
        • comment irb is earlier than 0:1.6.8-13.el3
          oval oval:com.redhat.rhsa:tst:20080896008
        • comment irb is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729015
      • AND
        • comment ruby is earlier than 0:1.6.8-13.el3
          oval oval:com.redhat.rhsa:tst:20080896002
        • comment ruby is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729003
      • AND
        • comment ruby-devel is earlier than 0:1.6.8-13.el3
          oval oval:com.redhat.rhsa:tst:20080896010
        • comment ruby-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729011
      • AND
        • comment ruby-docs is earlier than 0:1.6.8-13.el3
          oval oval:com.redhat.rhsa:tst:20080896014
        • comment ruby-docs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729007
      • AND
        • comment ruby-libs is earlier than 0:1.6.8-13.el3
          oval oval:com.redhat.rhsa:tst:20080896004
        • comment ruby-libs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729009
      • AND
        • comment ruby-mode is earlier than 0:1.6.8-13.el3
          oval oval:com.redhat.rhsa:tst:20080896006
        • comment ruby-mode is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729005
      • AND
        • comment ruby-tcltk is earlier than 0:1.6.8-13.el3
          oval oval:com.redhat.rhsa:tst:20080896012
        • comment ruby-tcltk is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20060729013
    rhsa
    id RHSA-2008:0896
    released 2008-10-21
    severity Moderate
    title RHSA-2008:0896: ruby security update (Moderate)
  • bugzilla
    id 461495
    title CVE-2008-3905 ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304001
      • OR
        • AND
          • comment irb is earlier than 0:1.8.1-7.el4_7.1
            oval oval:com.redhat.rhsa:tst:20080897014
          • comment irb is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729015
        • AND
          • comment ruby is earlier than 0:1.8.1-7.el4_7.1
            oval oval:com.redhat.rhsa:tst:20080897002
          • comment ruby is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729003
        • AND
          • comment ruby-devel is earlier than 0:1.8.1-7.el4_7.1
            oval oval:com.redhat.rhsa:tst:20080897008
          • comment ruby-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729011
        • AND
          • comment ruby-docs is earlier than 0:1.8.1-7.el4_7.1
            oval oval:com.redhat.rhsa:tst:20080897006
          • comment ruby-docs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729007
        • AND
          • comment ruby-libs is earlier than 0:1.8.1-7.el4_7.1
            oval oval:com.redhat.rhsa:tst:20080897010
          • comment ruby-libs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729009
        • AND
          • comment ruby-mode is earlier than 0:1.8.1-7.el4_7.1
            oval oval:com.redhat.rhsa:tst:20080897012
          • comment ruby-mode is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729005
        • AND
          • comment ruby-tcltk is earlier than 0:1.8.1-7.el4_7.1
            oval oval:com.redhat.rhsa:tst:20080897004
          • comment ruby-tcltk is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060729013
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331001
      • OR
        • AND
          • comment ruby is earlier than 0:1.8.5-5.el5_2.5
            oval oval:com.redhat.rhsa:tst:20080897017
          • comment ruby is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965003
        • AND
          • comment ruby-devel is earlier than 0:1.8.5-5.el5_2.5
            oval oval:com.redhat.rhsa:tst:20080897033
          • comment ruby-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965013
        • AND
          • comment ruby-docs is earlier than 0:1.8.5-5.el5_2.5
            oval oval:com.redhat.rhsa:tst:20080897029
          • comment ruby-docs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965017
        • AND
          • comment ruby-irb is earlier than 0:1.8.5-5.el5_2.5
            oval oval:com.redhat.rhsa:tst:20080897023
          • comment ruby-irb is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965011
        • AND
          • comment ruby-libs is earlier than 0:1.8.5-5.el5_2.5
            oval oval:com.redhat.rhsa:tst:20080897019
          • comment ruby-libs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965019
        • AND
          • comment ruby-mode is earlier than 0:1.8.5-5.el5_2.5
            oval oval:com.redhat.rhsa:tst:20080897027
          • comment ruby-mode is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965005
        • AND
          • comment ruby-rdoc is earlier than 0:1.8.5-5.el5_2.5
            oval oval:com.redhat.rhsa:tst:20080897025
          • comment ruby-rdoc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965007
        • AND
          • comment ruby-ri is earlier than 0:1.8.5-5.el5_2.5
            oval oval:com.redhat.rhsa:tst:20080897021
          • comment ruby-ri is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965015
        • AND
          • comment ruby-tcltk is earlier than 0:1.8.5-5.el5_2.5
            oval oval:com.redhat.rhsa:tst:20080897031
          • comment ruby-tcltk is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070965009
    rhsa
    id RHSA-2008:0897
    released 2008-10-21
    severity Moderate
    title RHSA-2008:0897: ruby security update (Moderate)
rpms
  • irb-0:1.6.8-13.el3
  • ruby-0:1.6.8-13.el3
  • ruby-devel-0:1.6.8-13.el3
  • ruby-docs-0:1.6.8-13.el3
  • ruby-libs-0:1.6.8-13.el3
  • ruby-mode-0:1.6.8-13.el3
  • ruby-tcltk-0:1.6.8-13.el3
  • irb-0:1.8.1-7.el4_7.1
  • ruby-0:1.8.1-7.el4_7.1
  • ruby-devel-0:1.8.1-7.el4_7.1
  • ruby-docs-0:1.8.1-7.el4_7.1
  • ruby-libs-0:1.8.1-7.el4_7.1
  • ruby-mode-0:1.8.1-7.el4_7.1
  • ruby-tcltk-0:1.8.1-7.el4_7.1
  • ruby-0:1.8.5-5.el5_2.5
  • ruby-devel-0:1.8.5-5.el5_2.5
  • ruby-docs-0:1.8.5-5.el5_2.5
  • ruby-irb-0:1.8.5-5.el5_2.5
  • ruby-libs-0:1.8.5-5.el5_2.5
  • ruby-mode-0:1.8.5-5.el5_2.5
  • ruby-rdoc-0:1.8.5-5.el5_2.5
  • ruby-ri-0:1.8.5-5.el5_2.5
  • ruby-tcltk-0:1.8.5-5.el5_2.5
refmap via4
bid 31699
confirm
debian
  • DSA-1651
  • DSA-1652
fedora
  • FEDORA-2008-8736
  • FEDORA-2008-8738
gentoo GLSA-200812-17
mlist
  • [oss-security] 20080903 CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb)
  • [oss-security] 20080904 Re: CVE Request (ruby -- DNS spoofing vulnerability
secunia
  • 31430
  • 32165
  • 32219
  • 32255
  • 32256
  • 32371
  • 32948
  • 33178
slackware SSA:2008-334-01
ubuntu USN-651-1
vupen ADV-2008-2334
xf ruby-resolv-dns-spoofing(45935)
Last major update 07-03-2011 - 22:11
Published 04-09-2008 - 13:41
Last modified 03-10-2018 - 17:55