Description
resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
Remediation
References
Related Vulnerabilities
MySQL CVE-2019-2533 Vulnerability (CVE-2019-2533)
silverstripeCMS Improper Input Validation Vulnerability (CVE-2011-4962)
Ruby Resource Management Errors Vulnerability (CVE-2014-2734)
Perl Integer Overflow to Buffer Overflow Vulnerability (CVE-2026-8376)
Microsoft SQL Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5090)