Sha256: d834f4517422922bb85f044eac8aa10c66a071abb2d544e6ec751d272f1144c8

Contents?: true

Size: 464 Bytes

Versions: 6

Compression:

Stored size: 464 Bytes

Contents

---
engine: ruby
cve: 2008-1447
url: https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
title: ruby -- DNS spoofing vulnerability in resolv.rb
date: 2008-05-05
description: |
  resolv.rb allow remote attackers to spoof DNS answers. This risk can be
  reduced by randomness of DNS transaction IDs and source ports, so
  resolv.rb is fixed to randomize them.
cvss_v2: 5.0
patched_versions:
  - ~> 1.8.6.287
  - ~> 1.8.7.72
  - ">= 1.9.0"

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/rubies/ruby/CVE-2008-1447.yml
bundler-budit-0.6.2 data/ruby-advisory-db/rubies/ruby/CVE-2008-1447.yml
bundler-budit-0.6.1 data/ruby-advisory-db/rubies/ruby/CVE-2008-1447.yml
bundler-audit-0.6.1 data/ruby-advisory-db/rubies/ruby/CVE-2008-1447.yml
bundler-audit-0.6.0 data/ruby-advisory-db/rubies/ruby/CVE-2008-1447.yml
bundler-audit-0.5.0 data/ruby-advisory-db/rubies/ruby/CVE-2008-1447.yml