Description
resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
Remediation
References
Related Vulnerabilities
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4898)
SharePoint CVE-2021-24104 Vulnerability (CVE-2021-24104)
Mibew Messenger Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-0829)
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-33320)