Vulnerability Details : CVE-2008-3657
Potential exploit
The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen.
Vulnerability category: Input validation
Products affected by CVE-2008-3657
- cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.1:-9:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.2:preview2:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.4:preview1:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.5:p115:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.5:p12:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.5:preview4:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.5:preview5:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.2:preview3:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.2:preview4:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.4:preview2:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.4:preview3:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.5:p2:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.6:p110:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.6:preview2:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.6:preview3:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.3:preview2:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.3:preview3:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.5:p113:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.5:preview1:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.5:preview2:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.5:preview3:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.6:preview1:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.3:preview1:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.5:p11:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.5:p35:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.6:p114:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*
Threat overview for CVE-2008-3657
Top countries where our scanners detected CVE-2008-3657
Top open port discovered on systems with this issue
443
IPs affected by CVE-2008-3657 1,791
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2008-3657!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2008-3657
34.91%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-3657
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2008-3657
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-3657
-
http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
Multiple vulnerabilities in Ruby
-
http://www.securitytracker.com/id?1020652
-
http://www.redhat.com/support/errata/RHSA-2008-0897.html
-
http://security.gentoo.org/glsa/glsa-200812-17.xml
Ruby: Multiple vulnerabilities (GLSA 200812-17) — Gentoo security
-
http://www.vupen.com/english/advisories/2009/1297
Webmail: access your OVH emails on ovhcloud.com | OVHcloudVendor Advisory
-
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0264
-
http://www.securityfocus.com/archive/1/495884/100/0/threaded
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/44372
-
http://www.debian.org/security/2008/dsa-1651
-
http://www.vupen.com/english/advisories/2008/2334
Site en constructionVendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9793
-
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
-
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
#494401 - ruby1.8: New release (1.8.7-p71) with vulnerabilities fixes - Debian Bug report logs
-
http://www.securityfocus.com/bid/30644
Ruby Multiple Security Bypass and Denial of Service VulnerabilitiesExploit;Patch
-
http://support.avaya.com/elmodocs2/security/ASA-2008-424.htm
-
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00259.html
-
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00299.html
-
http://support.apple.com/kb/HT3549
About the security content of Security Update 2009-002 / Mac OS X v10.5.7 - Apple Support
-
http://www.debian.org/security/2008/dsa-1652
-
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
Apple Updates for Multiple Vulnerabilities | CISAUS Government Resource
-
https://usn.ubuntu.com/651-1/
Jump to