Novell Home

CVE-2008-3905

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

CVE-2008-3905 at MITRE

Description

resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
Novell Bugzilla entry: 423234

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Novell Linux POS 9
Open Enterprise Server
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE CORE 9 for IBM POWER
SUSE CORE 9 for IBM S/390 31bit
SUSE CORE 9 for IBM zSeries 64bit
SUSE CORE 9 for Itanium Processor Family
SUSE CORE 9 for x86
  • ruby >= 1.8.1-42.27
 core9. s390
sles9-nld. x86
core9. x86-64
sles9-nlpos. x86
core9. ia64
core9. ppc
sles9-nld. x86-64
sles9-oes. x86
core9. x86
core9. s390x
YOU Patch Nr: 12452
openSUSE 10.3
openSUSE 11.0
  • ruby >= 1.8.6.p369-0.1
  • ruby-devel >= 1.8.6.p369-0.1
  • ruby-doc-html >= 1.8.6.p369-0.1
  • ruby-doc-ri >= 1.8.6.p369-0.1
  • ruby-examples >= 1.8.6.p369-0.1
  • ruby-test-suite >= 1.8.6.p369-0.1
  • ruby-tk >= 1.8.6.p369-0.1
 ZYPP Patch Nr: 6339
SAT Patch Nr: 1070
openSUSE 11.0
  • ruby-debuginfo >= 1.8.6.p369-0.1
  • ruby-debugsource >= 1.8.6.p369-0.1
 ZYPP Patch Nr: 6339
SAT Patch Nr: 1070
openSUSE 11.1
  • ruby-debuginfo >= 1.8.7.p72-5.4.1
  • ruby-debugsource >= 1.8.7.p72-5.4.1
 ZYPP Patch Nr: 6339
SAT Patch Nr: 1070
openSUSE 11.1
  • ruby >= 1.8.7.p72-5.4.1
  • ruby-devel >= 1.8.7.p72-5.4.1
  • ruby-doc-html >= 1.8.7.p72-5.4.1
  • ruby-doc-ri >= 1.8.7.p72-5.4.1
  • ruby-examples >= 1.8.7.p72-5.4.1
  • ruby-test-suite >= 1.8.7.p72-5.4.1
  • ruby-tk >= 1.8.7.p72-5.4.1
 ZYPP Patch Nr: 6339
SAT Patch Nr: 1070
SLES 11 DEBUGINFO
  • ruby-debuginfo >= 1.8.7.p72-5.22.1
  • ruby-debugsource >= 1.8.7.p72-5.22.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. ia64
SAT Patch Nr: 1073
SLE 11
  • ruby-devel >= 1.8.7.p72-5.22.1
  • ruby-doc-html >= 1.8.7.p72-5.22.1
  • ruby-doc-ri >= 1.8.7.p72-5.22.1
  • ruby-examples >= 1.8.7.p72-5.22.1
  • ruby-test-suite >= 1.8.7.p72-5.22.1
  • ruby-tk >= 1.8.7.p72-5.22.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. ia64
SAT Patch Nr: 1073
SLE 11
  • ruby-devel >= 1.8.7.p72-5.22.1
  • ruby-doc-ri >= 1.8.7.p72-5.22.1
  • ruby-examples >= 1.8.7.p72-5.22.1
  • ruby-test-suite >= 1.8.7.p72-5.22.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. ia64
SAT Patch Nr: 1073
SLED 11
  • ruby >= 1.8.7.p72-5.22.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. ia64
SAT Patch Nr: 1073
SLES 11
  • ruby >= 1.8.7.p72-5.22.1
  • ruby-doc-html >= 1.8.7.p72-5.22.1
  • ruby-tk >= 1.8.7.p72-5.22.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. ia64
SAT Patch Nr: 1073
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP2 for x86
  • ruby >= 1.8.6.p369-0.4
 sles10-sp2-sdk. x86-64
sled10-sp2. x86
sles10-sp2-sdk. s390x
sles10-sp2-sdk. x86
sles10-sp2-sdk. ppc
sles10-sp2-sdk. ia64
sled10-sp2. x86-64
ZYPP Patch Nr: 6338
SLE SDK 10 SP2 for IBM iSeries and IBM pSeries
SLE SDK 10 SP2 for IBM zSeries
SLE SDK 10 SP2 for IPF
SLE SDK 10 SP2 for X86-64
SLE SDK 10 SP2 for x86
  • ruby >= 1.8.6.p369-0.4
  • ruby-devel >= 1.8.6.p369-0.4
  • ruby-doc-html >= 1.8.6.p369-0.4
  • ruby-doc-ri >= 1.8.6.p369-0.4
  • ruby-examples >= 1.8.6.p369-0.4
  • ruby-test-suite >= 1.8.6.p369-0.4
  • ruby-tk >= 1.8.6.p369-0.4
 sles10-sp2-sdk. x86-64
sled10-sp2. x86
sles10-sp2-sdk. s390x
sles10-sp2-sdk. x86
sles10-sp2-sdk. ppc
sles10-sp2-sdk. ia64
sled10-sp2. x86-64
ZYPP Patch Nr: 6338

Novell® Making IT Work As One

© 2010 Novell