RubySec

Providing security resources for the Ruby community

CVE-2015-3900 (rubygems-update): RubyGems remote_fetcher.rb api_endpoint() Function Missing SRV Record Hostname Validation Request Hijacking

ADVISORIES

GEM

rubygems-update

SEVERITY

CVSS v2: 5.0

PATCHED VERSIONS

  • ~> 2.0.16
  • ~> 2.2.4
  • >= 2.4.7

DESCRIPTION

RubyGems contains a flaw in the api_endpoint() function in remote_fetcher.rb that is triggered when handling hostnames in SRV records. With a specially crafted response, a context-dependent attacker may conduct DNS hijacking attacks.