[FREEBSD:959D384D-6B59-11DD-9D79-001FC61C2A55] ruby -- DNS spoofing vulnerability

Severity Medium

Affected Packages 1

CVEs 1

The official ruby site reports:

  resolv.rb allow remote attackers to spoof DNS answers. This risk
    can be reduced by randomness of DNS transaction IDs and source
    ports.

Package	Affected Version
pkg:freebsd/ruby	< 1.8.6.111_5,1

ID

FREEBSD:959D384D-6B59-11DD-9D79-001FC61C2A55

Severity

medium

Severity from

CVE-2008-1447

URL

Published

2008-08-08T00:00:00
(16 years ago)

Modified

2008-08-16T00:00:00
(16 years ago)

Rights

FreeBSD VuXML Security Team

Other Advisories

Source	# ID	Name	URL
FreeBSD VuXML			http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:freebsd/ruby		ruby	< 1.8.6.111_5,1

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date