RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls.
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as control elements or syntactic markers when they are sent to a downstream component.
https://cwe.mitre.org/data/definitions/138.html

The product performs reverse DNS resolution on an IP address to obtain the hostname and make a security decision, but it does not properly ensure that the IP address is truly associated with the hostname.
https://cwe.mitre.org/data/definitions/350.html

An attack of this type exploits a program's vulnerabilities that allow an attacker's commands to be concatenated onto a legitimate command with the intent of targeting other resources such as the file system or database. The system that uses a filter or denylist input validation, as opposed to allowlist validation, is vulnerable to an attacker who predicts delimiters (or combinations of delimiters) not present in the filter or denylist. As with other injection attacks, the attacker uses the command delimiter payload as an entry point to tunnel through the application and activate additional attacks through SQL queries, shell commands, network scanning, and so on.
https://capec.mitre.org/data/definitions/15.html
https://capec.mitre.org/data/definitions/34.html

An attack of this type involves an adversary inserting malicious characters (such as an XSS redirection) into a filename, directly or indirectly, that is then used by the target software to generate HTML text or other potentially executable content. Many websites rely on user-generated content and dynamically build resources like files, filenames, and URL links directly from user-supplied data. In this attack pattern, the attacker uploads code that can execute in the client browser and/or redirect the client browser to a site that the attacker owns. All XSS attack payload variants can be used to pass and exploit these vulnerabilities.
https://capec.mitre.org/data/definitions/73.html

A pharming attack occurs when the victim is fooled into entering sensitive data into supposedly trusted locations, such as an online bank site or a trading platform. An attacker can impersonate these supposedly trusted sites and have the victim be directed to their site rather than the originally intended one. Pharming does not require script injection or clicking on malicious links for the attack to succeed.
https://capec.mitre.org/data/definitions/89.html
https://capec.mitre.org/data/definitions/105.html

A domain name server translates a domain name (such as www.example.com) into an IP address that Internet hosts use to contact Internet resources. An adversary modifies a public DNS cache to cause certain names to resolve to incorrect addresses that the adversary specifies. The result is that client applications that rely upon the targeted cache for domain name resolution will be directed not to the actual address of the specified domain name but to some other address. Adversaries can use this to herd clients to sites that install malware on the victim's computer or to masquerade as part of a Pharming attack.
https://capec.mitre.org/data/definitions/142.html

An adversary serves content whose IP address is resolved by a DNS server that the adversary controls. After initial contact by a web browser (or similar client), the adversary changes the IP address to which its name resolves, to an address within the target organization that is not publicly accessible. This allows the web browser to examine this internal address on behalf of the adversary.
https://capec.mitre.org/data/definitions/275.html

| Product | Vendor | Status |
|---|---|---|
| jruby | | Tracked |
| rh-ruby22-ruby | | Tracked |