What is CVE-2015-3900?

CVE-2015-3900 is a vulnerability in Oracle Solaris, classified under CWE-254. Published 2015-06-24.

Is CVE-2015-3900 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Oracle Solaris

CVE-2015-3900

RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SR…

EPSS: 0.024 (85.4th percentile) — read the EPSS interpretation.

Affected products

Oracle Solaris — versions 11.3
Rubygems — versions 2.0.0, 2.0.1, 2.0.2
Ruby-lang Ruby — versions 1.9, 1.9.1, 1.9.2
Redhat Enterprise_linux — versions 6.0, 7.0
N/a — versions n/a

Weakness classification (CWE)

CWE-254

Public proof-of-concept exploits

References

RHSA-2015:1657 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
FEDORA-2015-12501 (x_refsource_FEDORA, vendor-advisory)
FEDORA-2015-12574 (x_refsource_FEDORA, vendor-advisory)
[oss-security] 20150626 rubygems <2.4.8 vulnerable to DNS request hijacking (CVE-2015-3900 and CVE-2015-4020) (mailing-list, x_refsource_MLIST, Third Party Advisory)
cve@mitre.org (Third Party Advisory, x_refsource_MISC)
75482 (vdb-entry, x_refsource_BID)
cve@mitre.org (Third Party Advisory, x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM)
FEDORA-2015-13157 (x_refsource_FEDORA, vendor-advisory)

Frequently asked questions

What is CVE-2015-3900?: CVE-2015-3900 is a vulnerability in Oracle Solaris, classified under CWE-254. Published 2015-06-24.
Is CVE-2015-3900 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.