// For flags

CVE-2007-5770

net:: * modules

Severity Score

9.1
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site, different components than CVE-2007-5162.

Las librerias (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, y (5) Net::smtp en Ruby 1.8.5 y 1.8.6 no verifica el campo commonName (CN) en un servidor que valida certificados el nombre de dominio en una respuesta enviada sobre SSL, lo cual hace más facil a los atacantes remotos interceptar transmisiones SSL a través de un ataque de hombre en el medio o suplantando el sitio web, un componente diferente que el CVE-2007-5162.

Chris Clark discovered that Ruby's HTTPS module did not check for commonName mismatches early enough during SSL negotiation. If a remote attacker were able to perform man-in-the-middle attacks, this flaw could be exploited to view sensitive information in HTTPS requests coming from Ruby applications. It was discovered that Ruby's FTPTLS, telnets, and IMAPS modules did not check the commonName when performing SSL certificate checks. If a remote attacker were able to perform man-in-the-middle attacks, this flaw could be exploited to eavesdrop on encrypted communications from Ruby applications using these protocols.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-11-01 CVE Reserved
  • 2007-11-14 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-287: Improper Authentication
CAPEC
References (28)
URL Tag Source
http://docs.info.apple.com/article.html?artnum=307179 X_refsource_confirm
http://secunia.com/advisories/27756 Third Party Advisory
http://secunia.com/advisories/27764 Third Party Advisory
http://secunia.com/advisories/27769 Third Party Advisory
http://secunia.com/advisories/27818 Third Party Advisory
http://secunia.com/advisories/28136 Third Party Advisory
http://secunia.com/advisories/28645 Third Party Advisory
http://secunia.com/advisories/29556 Third Party Advisory
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656 X_refsource_confirm
http://www.securityfocus.com/bid/26421 Vdb Entry
http://www.securitytracker.com/id?1018938 Vdb Entry
http://www.us-cert.gov/cas/techalerts/TA07-352A.html Third Party Advisory
http://www.vupen.com/english/advisories/2007/4238 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11025 Signature
URL Date SRC
URL Date SRC
http://secunia.com/advisories/27673 2017-09-29
http://www.redhat.com/support/errata/RHSA-2007-0965.html 2017-09-29
URL Date SRC
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html 2017-09-29
http://secunia.com/advisories/26985 2017-09-29
http://secunia.com/advisories/27576 2017-09-29
http://www.debian.org/security/2007/dsa-1410 2017-09-29
http://www.debian.org/security/2007/dsa-1411 2017-09-29
http://www.debian.org/security/2007/dsa-1412 2017-09-29
http://www.mandriva.com/security/advisories?name=MDVSA-2008:029 2017-09-29
http://www.novell.com/linux/security/advisories/2007_24_sr.html 2017-09-29
http://www.redhat.com/support/errata/RHSA-2007-0961.html 2017-09-29
http://www.ubuntu.com/usn/usn-596-1 2017-09-29
https://bugzilla.redhat.com/show_bug.cgi?id=362081 2007-11-13
https://access.redhat.com/security/cve/CVE-2007-5770 2007-11-13
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.5
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.5"
-
Affected
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.6
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.6"
-
Affected