Ruby OpenSSL Extension Vulnerability in Server Identity Verification
CVE-2015-1855

5.9MEDIUM

Key Information:

Vendor

Ruby

Status
Ruby
Vendor
CVE Published:
29 November 2019

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2015-1855?

The Ruby OpenSSL extension prior to specific versions fails to properly validate hostnames. This vulnerability can be exploited by remote attackers to spoof server identities through various means, including incorrect handling of multiple wildcards, wildcards in IDNA names, case sensitivity issues, and non-ASCII characters. To protect against this threat, it is crucial to upgrade to the patched versions of Ruby.

Affected Version(s)

Ruby before 2.0.0 patchlevel 645

Ruby 2.1.x before 2.1.6

Ruby and 2.2.x before 2.2.2

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2015-1855
Created by vpereira

References

http://www.debian.org/security/2015/dsa-3247
x_refsource_MISC
http://www.debian.org/security/2015/dsa-3245
x_refsource_MISC
http://www.debian.org/security/2015/dsa-3246
x_refsource_MISC

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability Reserved

.