All the vulnerabilites related to busybox - busybox
cve-2021-42382
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.251Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42382", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.251Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-42366
Vulnerability from cvelistv5
Published
2023-11-27 00:00
Modified
2024-12-06 13:09
Severity ?
EPSS score ?
Summary
A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-12-06T13:09:27.183Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=15874" }, { "url": "https://security.netapp.com/advisory/ntap-20241206-0007/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-27T22:30:01.486161", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://bugs.busybox.net/show_bug.cgi?id=15874" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-42366", "datePublished": "2023-11-27T00:00:00", "dateReserved": "2023-09-08T00:00:00", "dateUpdated": "2024-12-06T13:09:27.183Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6301
Vulnerability from cvelistv5
Published
2016-12-09 20:00
Modified
2024-08-06 01:22
Severity ?
EPSS score ?
Summary
The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:22:20.879Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[oss-security] 20160803 CVE-2016-6301: busybox: NTP server denial of service flaw", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2016/08/03/7" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1363710" }, { "name": "92277", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92277" }, { "name": "GLSA-201701-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-05" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://git.busybox.net/busybox/commit/?id=150dc7a2b483b8338a3e185c478b4b23ee884e71" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" }, { "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/15" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-08-03T00:00:00", "descriptions": [ { "lang": "en", "value": "The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-08-27T19:06:09", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "[oss-security] 20160803 CVE-2016-6301: busybox: NTP server denial of service flaw", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2016/08/03/7" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1363710" }, { "name": "92277", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/92277" }, { "name": "GLSA-201701-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-05" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://git.busybox.net/busybox/commit/?id=150dc7a2b483b8338a3e185c478b4b23ee884e71" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" }, { "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/15" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-6301", "datePublished": "2016-12-09T20:00:00", "dateReserved": "2016-07-26T00:00:00", "dateUpdated": "2024-08-06T01:22:20.879Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-30065
Vulnerability from cvelistv5
Published
2022-05-18 00:00
Modified
2024-08-03 06:40
Severity ?
EPSS score ?
Summary
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:40:47.557Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=14781" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free in Busybox 1.35-x\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-13T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://bugs.busybox.net/show_bug.cgi?id=14781" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-30065", "datePublished": "2022-05-18T00:00:00", "dateReserved": "2022-05-02T00:00:00", "dateUpdated": "2024-08-03T06:40:47.557Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42375
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.275Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "An incorrect handling of a special element in Busybox\u0027s ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-159", "description": "CWE-159", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42375", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.275Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-2147
Vulnerability from cvelistv5
Published
2017-02-09 15:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T23:17:50.743Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://git.busybox.net/busybox/commit/?id=d474ffc68290e0a83651c4432eeabfa62cd51e87" }, { "name": "[oss-security] 20160311 two udhcpc (busybox) issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2016/03/11/16" }, { "name": "GLSA-201612-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201612-04" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://busybox.net/news.html" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-02-15T13:06:13", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://git.busybox.net/busybox/commit/?id=d474ffc68290e0a83651c4432eeabfa62cd51e87" }, { "name": "[oss-security] 20160311 two udhcpc (busybox) issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2016/03/11/16" }, { "name": "GLSA-201612-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201612-04" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://busybox.net/news.html" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-2147", "datePublished": "2017-02-09T15:00:00", "dateReserved": "2016-01-29T00:00:00", "dateUpdated": "2024-08-05T23:17:50.743Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-2148
Vulnerability from cvelistv5
Published
2017-02-09 15:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T23:17:50.743Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://git.busybox.net/busybox/commit/?id=352f79acbd759c14399e39baef21fc4ffe180ac2" }, { "name": "[oss-security] 20160311 two udhcpc (busybox) issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2016/03/11/16" }, { "name": "GLSA-201612-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201612-04" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://busybox.net/news.html" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-02-15T13:06:14", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://git.busybox.net/busybox/commit/?id=352f79acbd759c14399e39baef21fc4ffe180ac2" }, { "name": "[oss-security] 20160311 two udhcpc (busybox) issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2016/03/11/16" }, { "name": "GLSA-201612-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201612-04" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://busybox.net/news.html" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-2148", "datePublished": "2017-02-09T15:00:00", "dateReserved": "2016-01-29T00:00:00", "dateUpdated": "2024-08-05T23:17:50.743Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-5747
Vulnerability from cvelistv5
Published
2019-01-09 16:00
Modified
2024-08-04 20:01
Severity ?
EPSS score ?
Summary
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679.
References
▼ | URL | Tags |
---|---|---|
https://git.busybox.net/busybox/commit/?id=74d9f1ba37010face4bd1449df4d60dd84450b06 | x_refsource_MISC | |
https://bugs.busybox.net/show_bug.cgi?id=11506 | x_refsource_MISC | |
https://usn.ubuntu.com/3935-1/ | vendor-advisory, x_refsource_UBUNTU | |
http://seclists.org/fulldisclosure/2019/Sep/7 | mailing-list, x_refsource_FULLDISC | |
https://seclists.org/bugtraq/2019/Sep/7 | mailing-list, x_refsource_BUGTRAQ | |
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T20:01:52.241Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.busybox.net/busybox/commit/?id=74d9f1ba37010face4bd1449df4d60dd84450b06" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=11506" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2019-01-09T00:00:00", "descriptions": [ { "lang": "en", "value": "An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-09-29T01:37:17", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.busybox.net/busybox/commit/?id=74d9f1ba37010face4bd1449df4d60dd84450b06" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=11506" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-5747", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.busybox.net/busybox/commit/?id=74d9f1ba37010face4bd1449df4d60dd84450b06", "refsource": "MISC", "url": "https://git.busybox.net/busybox/commit/?id=74d9f1ba37010face4bd1449df4d60dd84450b06" }, { "name": "https://bugs.busybox.net/show_bug.cgi?id=11506", "refsource": "MISC", "url": "https://bugs.busybox.net/show_bug.cgi?id=11506" }, { "name": "USN-3935-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "name": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-5747", "datePublished": "2019-01-09T16:00:00", "dateReserved": "2019-01-09T00:00:00", "dateUpdated": "2024-08-04T20:01:52.241Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-15873
Vulnerability from cvelistv5
Published
2017-10-24 20:00
Modified
2024-08-05 20:04
Severity ?
EPSS score ?
Summary
The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.
References
▼ | URL | Tags |
---|---|---|
https://git.busybox.net/busybox/commit/?id=0402cb32df015d9372578e3db27db47b33d5c7b0 | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html | mailing-list, x_refsource_MLIST | |
https://bugs.busybox.net/show_bug.cgi?id=10431 | x_refsource_MISC | |
https://usn.ubuntu.com/3935-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T20:04:50.496Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.busybox.net/busybox/commit/?id=0402cb32df015d9372578e3db27db47b33d5c7b0" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=10431" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-10-24T00:00:00", "descriptions": [ { "lang": "en", "value": "The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-02-15T13:06:17", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.busybox.net/busybox/commit/?id=0402cb32df015d9372578e3db27db47b33d5c7b0" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=10431" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-15873", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.busybox.net/busybox/commit/?id=0402cb32df015d9372578e3db27db47b33d5c7b0", "refsource": "MISC", "url": "https://git.busybox.net/busybox/commit/?id=0402cb32df015d9372578e3db27db47b33d5c7b0" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "name": "https://bugs.busybox.net/show_bug.cgi?id=10431", "refsource": "MISC", "url": "https://bugs.busybox.net/show_bug.cgi?id=10431" }, { "name": "USN-3935-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-15873", "datePublished": "2017-10-24T20:00:00", "dateReserved": "2017-10-24T00:00:00", "dateUpdated": "2024-08-05T20:04:50.496Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-16544
Vulnerability from cvelistv5
Published
2017-11-20 15:00
Modified
2024-08-05 20:27
Severity ?
EPSS score ?
Summary
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T20:27:04.005Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2019-0013.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/154536/VMware-Security-Advisory-2019-0013.html" }, { "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/15" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01" }, { "name": "20200902 SEC Consult SA-20200902-0 :: Multiple Vulnerabilities in Red Lion N-Tron 702-W, Red Lion N-Tron 702M12-W", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Sep/6" }, { "name": "20210113 SEC Consult SA-20210113-0 :: Multiple vulnerabilities in Pepperl+Fuchs IO-Link Master Series", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2021/Jan/39" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" }, { "name": "20210819 SEC Consult SA-20210819-0 :: Multiple critical vulnerabilities in Altus Nexto and Hadron series", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2021/Aug/21" }, { "name": "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jun/36" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-11-20T00:00:00", "descriptions": [ { "lang": "en", "value": "In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-20T18:06:31", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2019-0013.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/154536/VMware-Security-Advisory-2019-0013.html" }, { "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/15" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" }, { "tags": [ "x_refsource_MISC" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01" }, { "name": "20200902 SEC Consult SA-20200902-0 :: Multiple Vulnerabilities in Red Lion N-Tron 702-W, Red Lion N-Tron 702M12-W", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Sep/6" }, { "name": "20210113 SEC Consult SA-20210113-0 :: Multiple vulnerabilities in Pepperl+Fuchs IO-Link Master Series", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2021/Jan/39" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" }, { "name": "20210819 SEC Consult SA-20210819-0 :: Multiple critical vulnerabilities in Altus Nexto and Hadron series", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2021/Aug/21" }, { "name": "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jun/36" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-16544", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/", "refsource": "MISC", "url": "https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "name": "https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8", "refsource": "MISC", "url": "https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8" }, { "name": "USN-3935-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "name": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2019-0013.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2019-0013.html" }, { "name": "http://packetstormsecurity.com/files/154536/VMware-Security-Advisory-2019-0013.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/154536/VMware-Security-Advisory-2019-0013.html" }, { "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Mar/15" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Aug/20" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01" }, { "name": "20200902 SEC Consult SA-20200902-0 :: Multiple Vulnerabilities in Red Lion N-Tron 702-W, Red Lion N-Tron 702M12-W", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Sep/6" }, { "name": "20210113 SEC Consult SA-20210113-0 :: Multiple vulnerabilities in Pepperl+Fuchs IO-Link Master Series", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2021/Jan/39" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" }, { "name": "20210819 SEC Consult SA-20210819-0 :: Multiple critical vulnerabilities in Altus Nexto and Hadron series", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2021/Aug/21" }, { "name": "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jun/36" }, { "name": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-16544", "datePublished": "2017-11-20T15:00:00", "dateReserved": "2017-11-05T00:00:00", "dateUpdated": "2024-08-05T20:27:04.005Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42380
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.349Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42380", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.349Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-28831
Vulnerability from cvelistv5
Published
2021-03-19 04:01
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.
References
▼ | URL | Tags |
---|---|---|
https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/202105-09 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T21:55:12.232Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd" }, { "name": "FEDORA-2021-e82915eee1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/" }, { "name": "FEDORA-2021-d20c8a4730", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/" }, { "name": "FEDORA-2021-2024803354", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/" }, { "name": "[debian-lts-announce] 20210401 [SECURITY] [DLA 2614-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html" }, { "name": "GLSA-202105-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202105-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-05-26T09:06:11", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd" }, { "name": "FEDORA-2021-e82915eee1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/" }, { "name": "FEDORA-2021-d20c8a4730", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/" }, { "name": "FEDORA-2021-2024803354", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/" }, { "name": "[debian-lts-announce] 20210401 [SECURITY] [DLA 2614-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html" }, { "name": "GLSA-202105-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202105-09" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-28831", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd", "refsource": "MISC", "url": "https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd" }, { "name": "FEDORA-2021-e82915eee1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/" }, { "name": "FEDORA-2021-d20c8a4730", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/" }, { "name": "FEDORA-2021-2024803354", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/" }, { "name": "[debian-lts-announce] 20210401 [SECURITY] [DLA 2614-1] busybox security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html" }, { "name": "GLSA-202105-09", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202105-09" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-28831", "datePublished": "2021-03-19T04:01:54", "dateReserved": "2021-03-19T00:00:00", "dateUpdated": "2024-08-03T21:55:12.232Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42374
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.452Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "An out-of-bounds heap read in Busybox\u0027s unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42374", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.452Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42384
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.277Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42384", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-42363
Vulnerability from cvelistv5
Published
2023-11-27 00:00
Modified
2024-08-02 19:16
Severity ?
EPSS score ?
Summary
A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:16:50.975Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=15865" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-27T21:53:07.527829", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://bugs.busybox.net/show_bug.cgi?id=15865" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-42363", "datePublished": "2023-11-27T00:00:00", "dateReserved": "2023-09-08T00:00:00", "dateUpdated": "2024-08-02T19:16:50.975Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-9261
Vulnerability from cvelistv5
Published
2018-07-26 19:00
Modified
2024-08-06 08:43
Severity ?
EPSS score ?
Summary
huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:43:42.398Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/25/3" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.debian.org/803097" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" }, { "name": "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jun/36" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-07-26T00:00:00", "descriptions": [ { "lang": "en", "value": "huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-20T18:06:49", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/25/3" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.debian.org/803097" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" }, { "name": "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jun/36" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-9261", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e", "refsource": "MISC", "url": "https://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "name": "http://www.openwall.com/lists/oss-security/2015/10/25/3", "refsource": "MISC", "url": "http://www.openwall.com/lists/oss-security/2015/10/25/3" }, { "name": "https://bugs.debian.org/803097", "refsource": "MISC", "url": "https://bugs.debian.org/803097" }, { "name": "USN-3935-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "name": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Aug/20" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" }, { "name": "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jun/36" }, { "name": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-9261", "datePublished": "2018-07-26T19:00:00", "dateReserved": "2018-07-26T00:00:00", "dateUpdated": "2024-08-06T08:43:42.398Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-1000500
Vulnerability from cvelistv5
Published
2018-06-26 16:00
Modified
2024-08-05 12:40
Severity ?
EPSS score ?
Summary
Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file".
References
▼ | URL | Tags |
---|---|---|
http://lists.busybox.net/pipermail/busybox/2018-May/086462.html | x_refsource_MISC | |
https://git.busybox.net/busybox/commit/?id=45fa3f18adf57ef9d743038743d9c90573aeeb91 | x_refsource_CONFIRM | |
https://usn.ubuntu.com/4531-1/ | vendor-advisory, x_refsource_UBUNTU |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T12:40:47.005Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://lists.busybox.net/pipermail/busybox/2018-May/086462.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://git.busybox.net/busybox/commit/?id=45fa3f18adf57ef9d743038743d9c90573aeeb91" }, { "name": "USN-4531-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4531-1/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "dateAssigned": "2018-06-23T00:00:00", "datePublic": "2018-06-26T00:00:00", "descriptions": [ { "lang": "en", "value": "Busybox contains a Missing SSL certificate validation vulnerability in The \"busybox wget\" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using \"busybox wget https://compromised-domain.com/important-file\"." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-09-24T19:06:28", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://lists.busybox.net/pipermail/busybox/2018-May/086462.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://git.busybox.net/busybox/commit/?id=45fa3f18adf57ef9d743038743d9c90573aeeb91" }, { "name": "USN-4531-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4531-1/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2018-06-23T11:22:32.999650", "DATE_REQUESTED": "2018-05-27T16:58:52", "ID": "CVE-2018-1000500", "REQUESTER": "eschwartz@archlinux.org", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Busybox contains a Missing SSL certificate validation vulnerability in The \"busybox wget\" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using \"busybox wget https://compromised-domain.com/important-file\"." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://lists.busybox.net/pipermail/busybox/2018-May/086462.html", "refsource": "MISC", "url": "http://lists.busybox.net/pipermail/busybox/2018-May/086462.html" }, { "name": "https://git.busybox.net/busybox/commit/?id=45fa3f18adf57ef9d743038743d9c90573aeeb91", "refsource": "CONFIRM", "url": "https://git.busybox.net/busybox/commit/?id=45fa3f18adf57ef9d743038743d9c90573aeeb91" }, { "name": "USN-4531-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4531-1/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-1000500", "datePublished": "2018-06-26T16:00:00", "dateReserved": "2018-05-27T00:00:00", "dateUpdated": "2024-08-05T12:40:47.005Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42378
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.552Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42378", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.552Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3209
Vulnerability from cvelistv5
Published
2018-07-24 15:00
Modified
2024-08-05 14:16
Severity ?
EPSS score ?
Summary
The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user
References
▼ | URL | Tags |
---|---|---|
https://www.securityfocus.com/bid/97564 | vdb-entry, x_refsource_BID | |
https://www.kb.cert.org/vuls/id/334207 | third-party-advisory, x_refsource_CERT-VN | |
https://dl.acm.org/citation.cfm?id=3139943 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | DBPOWER | U818A WiFi Quadcopter Drone | |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:28.416Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "97564", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "https://www.securityfocus.com/bid/97564" }, { "name": "VU#334207", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/334207" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://dl.acm.org/citation.cfm?id=3139943" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "U818A WiFi Quadcopter Drone", "vendor": "DBPOWER", "versions": [ { "status": "unknown", "version": "N/A" } ] } ], "datePublic": "2017-04-11T00:00:00", "descriptions": [ { "lang": "en", "value": "The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user. The DBPower U818A WIFI quadcopter drone runs an FTP server that by default allows anonymous access without a password, and provides full filesystem read/write permissions to the anonymous user. A remote user within range of the open access point on the drone may utilize the anonymous user of the FTP server to read arbitrary files, such as images and video recorded by the device, or to replace system files such as /etc/shadow to gain further access to the device. Furthermore, the DBPOWER U818A WIFI quadcopter drone uses BusyBox 1.20.2, which was released in 2012, and may be vulnerable to other known BusyBox vulnerabilities." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2018-07-25T22:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc" }, "references": [ { "name": "97564", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "https://www.securityfocus.com/bid/97564" }, { "name": "VU#334207", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/334207" }, { "tags": [ "x_refsource_MISC" ], "url": "https://dl.acm.org/citation.cfm?id=3139943" } ], "source": { "discovery": "UNKNOWN" }, "title": "The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2017-3209", "STATE": "PUBLIC", "TITLE": "The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "U818A WiFi Quadcopter Drone", "version": { "version_data": [ { "affected": "?", "version_affected": "?", "version_value": "N/A" } ] } } ] }, "vendor_name": "DBPOWER" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user. The DBPower U818A WIFI quadcopter drone runs an FTP server that by default allows anonymous access without a password, and provides full filesystem read/write permissions to the anonymous user. A remote user within range of the open access point on the drone may utilize the anonymous user of the FTP server to read arbitrary files, such as images and video recorded by the device, or to replace system files such as /etc/shadow to gain further access to the device. Furthermore, the DBPOWER U818A WIFI quadcopter drone uses BusyBox 1.20.2, which was released in 2012, and may be vulnerable to other known BusyBox vulnerabilities." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-276" } ] } ] }, "references": { "reference_data": [ { "name": "97564", "refsource": "BID", "url": "https://www.securityfocus.com/bid/97564" }, { "name": "VU#334207", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/334207" }, { "name": "https://dl.acm.org/citation.cfm?id=3139943", "refsource": "MISC", "url": "https://dl.acm.org/citation.cfm?id=3139943" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2017-3209", "datePublished": "2018-07-24T15:00:00", "dateReserved": "2016-12-05T00:00:00", "dateUpdated": "2024-08-05T14:16:28.416Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-20679
Vulnerability from cvelistv5
Published
2019-01-09 16:00
Modified
2024-08-05 12:05
Severity ?
EPSS score ?
Summary
An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes.
References
▼ | URL | Tags |
---|---|---|
https://git.busybox.net/busybox/commit/?id=6d3b4bb24da9a07c263f3c1acf8df85382ff562c | x_refsource_MISC | |
https://busybox.net/news.html | x_refsource_MISC | |
https://bugs.busybox.net/show_bug.cgi?id=11506 | x_refsource_MISC | |
https://usn.ubuntu.com/3935-1/ | vendor-advisory, x_refsource_UBUNTU | |
http://seclists.org/fulldisclosure/2019/Sep/7 | mailing-list, x_refsource_FULLDISC | |
https://seclists.org/bugtraq/2019/Sep/7 | mailing-list, x_refsource_BUGTRAQ | |
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T12:05:17.686Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.busybox.net/busybox/commit/?id=6d3b4bb24da9a07c263f3c1acf8df85382ff562c" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://busybox.net/news.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=11506" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2019-01-09T00:00:00", "descriptions": [ { "lang": "en", "value": "An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-09-05T01:06:06", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.busybox.net/busybox/commit/?id=6d3b4bb24da9a07c263f3c1acf8df85382ff562c" }, { "tags": [ "x_refsource_MISC" ], "url": "https://busybox.net/news.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=11506" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20679", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.busybox.net/busybox/commit/?id=6d3b4bb24da9a07c263f3c1acf8df85382ff562c", "refsource": "MISC", "url": "https://git.busybox.net/busybox/commit/?id=6d3b4bb24da9a07c263f3c1acf8df85382ff562c" }, { "name": "https://busybox.net/news.html", "refsource": "MISC", "url": "https://busybox.net/news.html" }, { "name": "https://bugs.busybox.net/show_bug.cgi?id=11506", "refsource": "MISC", "url": "https://bugs.busybox.net/show_bug.cgi?id=11506" }, { "name": "USN-3935-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2019/Sep/7" }, { "name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Sep/7" }, { "name": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20679", "datePublished": "2019-01-09T16:00:00", "dateReserved": "2019-01-09T00:00:00", "dateUpdated": "2024-08-05T12:05:17.686Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2011-2716
Vulnerability from cvelistv5
Published
2012-07-03 16:00
Modified
2024-08-06 23:08
Severity ?
EPSS score ?
Summary
The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.
References
▼ | URL | Tags |
---|---|---|
http://downloads.avaya.com/css/P8/documents/100158840 | x_refsource_CONFIRM | |
http://www.busybox.net/news.html | x_refsource_CONFIRM | |
http://secunia.com/advisories/45363 | third-party-advisory, x_refsource_SECUNIA | |
https://support.t-mobile.com/docs/DOC-21994 | x_refsource_CONFIRM | |
https://bugs.busybox.net/show_bug.cgi?id=3979 | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2012-0810.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/48879 | vdb-entry, x_refsource_BID | |
http://www.mandriva.com/security/advisories?name=MDVSA-2012:129 | vendor-advisory, x_refsource_MANDRIVA | |
http://seclists.org/fulldisclosure/2019/Jun/18 | mailing-list, x_refsource_FULLDISC | |
https://seclists.org/bugtraq/2019/Jun/14 | mailing-list, x_refsource_BUGTRAQ | |
http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | x_refsource_MISC | |
http://seclists.org/fulldisclosure/2020/Aug/20 | mailing-list, x_refsource_FULLDISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T23:08:23.908Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://downloads.avaya.com/css/P8/documents/100158840" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.busybox.net/news.html" }, { "name": "45363", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/45363" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.t-mobile.com/docs/DOC-21994" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=3979" }, { "name": "RHSA-2012:0810", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0810.html" }, { "name": "48879", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/48879" }, { "name": "MDVSA-2012:129", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:129" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-07-15T00:00:00", "descriptions": [ { "lang": "en", "value": "The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-08-27T19:06:10", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://downloads.avaya.com/css/P8/documents/100158840" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.busybox.net/news.html" }, { "name": "45363", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/45363" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.t-mobile.com/docs/DOC-21994" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=3979" }, { "name": "RHSA-2012:0810", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0810.html" }, { "name": "48879", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/48879" }, { "name": "MDVSA-2012:129", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:129" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2716", "datePublished": "2012-07-03T16:00:00", "dateReserved": "2011-07-11T00:00:00", "dateUpdated": "2024-08-06T23:08:23.908Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-15874
Vulnerability from cvelistv5
Published
2017-10-24 20:00
Modified
2024-08-05 20:04
Severity ?
EPSS score ?
Summary
archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation.
References
▼ | URL | Tags |
---|---|---|
https://bugs.busybox.net/show_bug.cgi?id=10436 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T20:04:50.505Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=10436" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-10-24T00:00:00", "descriptions": [ { "lang": "en", "value": "archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-24T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=10436" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-15874", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugs.busybox.net/show_bug.cgi?id=10436", "refsource": "MISC", "url": "https://bugs.busybox.net/show_bug.cgi?id=10436" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-15874", "datePublished": "2017-10-24T20:00:00", "dateReserved": "2017-10-24T00:00:00", "dateUpdated": "2024-08-05T20:04:50.505Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-42365
Vulnerability from cvelistv5
Published
2023-11-27 00:00
Modified
2024-08-02 19:16
Severity ?
EPSS score ?
Summary
A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:16:51.040Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=15871" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-27T22:24:42.955118", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://bugs.busybox.net/show_bug.cgi?id=15871" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-42365", "datePublished": "2023-11-27T00:00:00", "dateReserved": "2023-09-08T00:00:00", "dateUpdated": "2024-08-02T19:16:51.040Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-1058
Vulnerability from cvelistv5
Published
2006-04-04 10:00
Modified
2024-08-07 16:56
Severity ?
EPSS score ?
Summary
BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.
References
▼ | URL | Tags |
---|---|---|
http://secunia.com/advisories/25098 | third-party-advisory, x_refsource_SECUNIA | |
http://www.securityfocus.com/bid/17330 | vdb-entry, x_refsource_BID | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9483 | vdb-entry, signature, x_refsource_OVAL | |
http://secunia.com/advisories/19477 | third-party-advisory, x_refsource_SECUNIA | |
http://bugs.busybox.net/view.php?id=604 | x_refsource_CONFIRM | |
http://secunia.com/advisories/25848 | third-party-advisory, x_refsource_SECUNIA | |
http://support.avaya.com/elmodocs2/security/ASA-2007-250.htm | x_refsource_CONFIRM | |
http://www.redhat.com/support/errata/RHSA-2007-0244.html | vendor-advisory, x_refsource_REDHAT | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/25569 | vdb-entry, x_refsource_XF |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T16:56:15.493Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "25098", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25098" }, { "name": "17330", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/17330" }, { "name": "oval:org.mitre.oval:def:9483", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9483" }, { "name": "19477", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19477" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.busybox.net/view.php?id=604" }, { "name": "25848", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25848" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-250.htm" }, { "name": "RHSA-2007:0244", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0244.html" }, { "name": "busybox-passwd-weak-security(25569)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25569" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-12-19T00:00:00", "descriptions": [ { "lang": "en", "value": "BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "25098", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25098" }, { "name": "17330", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/17330" }, { "name": "oval:org.mitre.oval:def:9483", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9483" }, { "name": "19477", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19477" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.busybox.net/view.php?id=604" }, { "name": "25848", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25848" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-250.htm" }, { "name": "RHSA-2007:0244", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0244.html" }, { "name": "busybox-passwd-weak-security(25569)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25569" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-1058", "datePublished": "2006-04-04T10:00:00", "dateReserved": "2006-03-07T00:00:00", "dateUpdated": "2024-08-07T16:56:15.493Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-9645
Vulnerability from cvelistv5
Published
2017-03-12 06:05
Modified
2024-08-06 13:47
Severity ?
EPSS score ?
Summary
The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /snd_pcm none /" command.
References
▼ | URL | Tags |
---|---|---|
https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu | x_refsource_MISC | |
https://bugs.busybox.net/show_bug.cgi?id=7652 | x_refsource_CONFIRM | |
http://openwall.com/lists/oss-security/2015/01/24/4 | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/201503-13 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/72324 | vdb-entry, x_refsource_BID | |
https://bugzilla.redhat.com/show_bug.cgi?id=1185707 | x_refsource_CONFIRM | |
https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html | mailing-list, x_refsource_MLIST | |
http://git.busybox.net/busybox/commit/?id=4e314faa0aecb66717418e9a47a4451aec59262b | x_refsource_CONFIRM | |
https://usn.ubuntu.com/3935-1/ | vendor-advisory, x_refsource_UBUNTU | |
http://seclists.org/fulldisclosure/2020/Mar/15 | mailing-list, x_refsource_FULLDISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:47:41.807Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=7652" }, { "name": "[oss-security] 20150124 Re: CVE Request: Linux kernel crypto api unprivileged arbitrary module load", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://openwall.com/lists/oss-security/2015/01/24/4" }, { "name": "GLSA-201503-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-13" }, { "name": "72324", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72324" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185707" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.busybox.net/busybox/commit/?id=4e314faa0aecb66717418e9a47a4451aec59262b" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-01-24T00:00:00", "descriptions": [ { "lang": "en", "value": "The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an \"ifconfig /usbserial up\" command or a \"mount -t /snd_pcm none /\" command." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-13T18:06:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=7652" }, { "name": "[oss-security] 20150124 Re: CVE Request: Linux kernel crypto api unprivileged arbitrary module load", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://openwall.com/lists/oss-security/2015/01/24/4" }, { "name": "GLSA-201503-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-13" }, { "name": "72324", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72324" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185707" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.busybox.net/busybox/commit/?id=4e314faa0aecb66717418e9a47a4451aec59262b" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/15" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9645", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an \"ifconfig /usbserial up\" command or a \"mount -t /snd_pcm none /\" command." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu", "refsource": "MISC", "url": "https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu" }, { "name": "https://bugs.busybox.net/show_bug.cgi?id=7652", "refsource": "CONFIRM", "url": "https://bugs.busybox.net/show_bug.cgi?id=7652" }, { "name": "[oss-security] 20150124 Re: CVE Request: Linux kernel crypto api unprivileged arbitrary module load", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2015/01/24/4" }, { "name": "GLSA-201503-13", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-13" }, { "name": "72324", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72324" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185707", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185707" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "name": "http://git.busybox.net/busybox/commit/?id=4e314faa0aecb66717418e9a47a4451aec59262b", "refsource": "CONFIRM", "url": "http://git.busybox.net/busybox/commit/?id=4e314faa0aecb66717418e9a47a4451aec59262b" }, { "name": "USN-3935-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Mar/15" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9645", "datePublished": "2017-03-12T06:05:00", "dateReserved": "2015-01-24T00:00:00", "dateUpdated": "2024-08-06T13:47:41.807Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2011-5325
Vulnerability from cvelistv5
Published
2017-08-07 17:00
Modified
2024-08-07 00:30
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.
References
▼ | URL | Tags |
---|---|---|
http://www.openwall.com/lists/oss-security/2015/10/21/7 | mailing-list, x_refsource_MLIST | |
https://bugzilla.redhat.com/show_bug.cgi?id=1274215 | x_refsource_CONFIRM | |
https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html | mailing-list, x_refsource_MLIST | |
https://usn.ubuntu.com/3935-1/ | vendor-advisory, x_refsource_UBUNTU | |
http://seclists.org/fulldisclosure/2019/Jun/18 | mailing-list, x_refsource_FULLDISC | |
https://seclists.org/bugtraq/2019/Jun/14 | mailing-list, x_refsource_BUGTRAQ | |
http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | x_refsource_MISC | |
http://seclists.org/fulldisclosure/2020/Aug/20 | mailing-list, x_refsource_FULLDISC | |
https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T00:30:47.187Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[oss-security] 20151021 Re: CVE Request: BusyBox tar directory traversal", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/21/7" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274215" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-01-04T00:00:00", "descriptions": [ { "lang": "en", "value": "Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-02-15T13:06:15", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "[oss-security] 20151021 Re: CVE Request: BusyBox tar directory traversal", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/21/7" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274215" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-5325", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[oss-security] 20151021 Re: CVE Request: BusyBox tar directory traversal", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/10/21/7" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274215", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274215" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "name": "USN-3935-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Aug/20" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-5325", "datePublished": "2017-08-07T17:00:00", "dateReserved": "2015-10-21T00:00:00", "dateUpdated": "2024-08-07T00:30:47.187Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2013-1813
Vulnerability from cvelistv5
Published
2013-11-23 11:00
Modified
2024-08-06 15:13
Severity ?
EPSS score ?
Summary
util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
References
▼ | URL | Tags |
---|---|---|
https://support.t-mobile.com/docs/DOC-21994 | x_refsource_CONFIRM | |
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701965 | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2013-1732.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.busybox.net/pipermail/busybox/2013-January/078864.html | mailing-list, x_refsource_MLIST | |
http://git.busybox.net/busybox/commit/?id=4609f477c7e043a4f6147dfe6e86b775da2ef784 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2019/Jun/18 | mailing-list, x_refsource_FULLDISC | |
https://seclists.org/bugtraq/2019/Jun/14 | mailing-list, x_refsource_BUGTRAQ | |
http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | x_refsource_MISC | |
http://seclists.org/fulldisclosure/2020/Mar/15 | mailing-list, x_refsource_FULLDISC | |
http://seclists.org/fulldisclosure/2020/Aug/20 | mailing-list, x_refsource_FULLDISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T15:13:32.987Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.t-mobile.com/docs/DOC-21994" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701965" }, { "name": "RHSA-2013:1732", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1732.html" }, { "name": "[busybox] 20130722 1.21.0 is released", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.busybox.net/pipermail/busybox/2013-January/078864.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.busybox.net/busybox/commit/?id=4609f477c7e043a4f6147dfe6e86b775da2ef784" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/15" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-01-21T00:00:00", "descriptions": [ { "lang": "en", "value": "util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-08-27T19:06:14", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.t-mobile.com/docs/DOC-21994" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701965" }, { "name": "RHSA-2013:1732", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1732.html" }, { "name": "[busybox] 20130722 1.21.0 is released", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.busybox.net/pipermail/busybox/2013-January/078864.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.busybox.net/busybox/commit/?id=4609f477c7e043a4f6147dfe6e86b775da2ef784" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/15" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Aug/20" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-1813", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.t-mobile.com/docs/DOC-21994", "refsource": "CONFIRM", "url": "https://support.t-mobile.com/docs/DOC-21994" }, { "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701965", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701965" }, { "name": "RHSA-2013:1732", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-1732.html" }, { "name": "[busybox] 20130722 1.21.0 is released", "refsource": "MLIST", "url": "http://lists.busybox.net/pipermail/busybox/2013-January/078864.html" }, { "name": "http://git.busybox.net/busybox/commit/?id=4609f477c7e043a4f6147dfe6e86b775da2ef784", "refsource": "CONFIRM", "url": "http://git.busybox.net/busybox/commit/?id=4609f477c7e043a4f6147dfe6e86b775da2ef784" }, { "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2019/Jun/18" }, { "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Jun/14" }, { "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" }, { "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Mar/15" }, { "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Aug/20" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-1813", "datePublished": "2013-11-23T11:00:00", "dateReserved": "2013-02-19T00:00:00", "dateUpdated": "2024-08-06T15:13:32.987Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42385
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.291Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42385", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.291Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42383
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.425Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42383", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.425Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42381
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.442Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42381", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.442Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-28391
Vulnerability from cvelistv5
Published
2022-04-03 20:20
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:56:15.214Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record\u0027s value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal\u0027s colors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-03T20:20:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-28391", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record\u0027s value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal\u0027s colors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661", "refsource": "MISC", "url": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" }, { "name": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch", "refsource": "MISC", "url": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" }, { "name": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch", "refsource": "MISC", "url": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-28391", "datePublished": "2022-04-03T20:20:12", "dateReserved": "2022-04-03T00:00:00", "dateUpdated": "2024-08-03T05:56:15.214Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-42364
Vulnerability from cvelistv5
Published
2023-11-27 00:00
Modified
2024-10-10 20:29
Severity ?
EPSS score ?
Summary
A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:16:51.059Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=15868" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-42364", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-10T20:28:22.651369Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-10T20:29:03.776Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-27T22:16:27.514044", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://bugs.busybox.net/show_bug.cgi?id=15868" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-42364", "datePublished": "2023-11-27T00:00:00", "dateReserved": "2023-09-08T00:00:00", "dateUpdated": "2024-10-10T20:29:03.776Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-1000517
Vulnerability from cvelistv5
Published
2018-06-26 16:00
Modified
2024-08-05 12:40
Severity ?
EPSS score ?
Summary
BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.
References
▼ | URL | Tags |
---|---|---|
https://git.busybox.net/busybox/commit/?id=8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html | mailing-list, x_refsource_MLIST | |
https://usn.ubuntu.com/3935-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T12:40:47.094Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.busybox.net/busybox/commit/?id=8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "dateAssigned": "2018-06-23T00:00:00", "datePublic": "2018-06-26T00:00:00", "descriptions": [ { "lang": "en", "value": "BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-02-15T13:06:14", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.busybox.net/busybox/commit/?id=8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "name": "USN-3935-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2018-06-23T11:22:33.020026", "DATE_REQUESTED": "2018-05-04T10:24:11", "ID": "CVE-2018-1000517", "REQUESTER": "vulncoord@ficora.fi", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.busybox.net/busybox/commit/?id=8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e", "refsource": "MISC", "url": "https://git.busybox.net/busybox/commit/?id=8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" }, { "name": "USN-3935-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3935-1/" }, { "name": "[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-1000517", "datePublished": "2018-06-26T16:00:00", "dateReserved": "2018-05-04T00:00:00", "dateUpdated": "2024-08-05T12:40:47.094Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42376
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.515Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A NULL pointer dereference in Busybox\u0027s hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \\x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42376", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.515Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42377
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered command input.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.349Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "An attacker-controlled pointer free in Busybox\u0027s hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the \u0026\u0026\u0026 string. This may be used for remote code execution under rare conditions of filtered command input." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-590", "description": "CWE-590", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42377", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.349Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42386
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.449Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42386", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.449Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42373
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.267Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A NULL pointer dereference in Busybox\u0027s man applet leads to denial of service when a section name is supplied but no page argument is given" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42373", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.267Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39810
Vulnerability from cvelistv5
Published
2023-08-28 00:00
Modified
2024-10-02 15:58
Severity ?
EPSS score ?
Summary
An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:18:10.016Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "http://busybox.com" }, { "tags": [ "x_transferred" ], "url": "https://www.pentagrid.ch/en/blog/busybox-cpio-directory-traversal-vulnerability/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-39810", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T15:58:10.995250Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T15:58:19.674Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-28T18:13:20.931278", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "http://busybox.com" }, { "url": "https://www.pentagrid.ch/en/blog/busybox-cpio-directory-traversal-vulnerability/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-39810", "datePublished": "2023-08-28T00:00:00", "dateReserved": "2023-08-07T00:00:00", "dateUpdated": "2024-10-02T15:58:19.674Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42379
Vulnerability from cvelistv5
Published
2021-11-15 00:00
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.266Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "busybox", "vendor": "busybox", "versions": [ { "lessThan": "1.34.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T00:00:00", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" }, { "name": "FEDORA-2021-5a95823596", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" }, { "name": "FEDORA-2021-c52c0fe490", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0002/" }, { "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog" } ] } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2021-42379", "datePublished": "2021-11-15T00:00:00", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.266Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-48174
Vulnerability from cvelistv5
Published
2023-08-22 00:00
Modified
2024-11-29 12:04
Severity ?
EPSS score ?
Summary
There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-11-29T12:04:34.610Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.busybox.net/show_bug.cgi?id=15216" }, { "url": "https://security.netapp.com/advisory/ntap-20241129-0001/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-48174", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-03T14:24:43.462618Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-03T14:24:51.861Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-22T15:44:17.734497", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://bugs.busybox.net/show_bug.cgi?id=15216" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-48174", "datePublished": "2023-08-22T00:00:00", "dateReserved": "2022-12-29T00:00:00", "dateUpdated": "2024-11-29T12:04:34.610Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
var-202205-1540
Vulnerability from variot
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. BusyBox of BusyBox Products from multiple other vendors contain vulnerabilities related to use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202205-1540", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "scalance sc626-2c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "scalance sc636-2c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "busybox", "scope": "eq", "trust": 1.0, "vendor": "busybox", "version": "1.35.0" }, { "model": "scalance sc642-2c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "scalance sc622-2c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "scalance sc632-2c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "scalance sc646-2c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "scalance sc-636-2c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "scalance sc-642-2c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "scalance sc-622-2c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "scalance sc-632-2c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "scalance sc-646-2c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "scalance sc626-2c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "busybox", "scope": null, "trust": 0.8, "vendor": "busybox", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-010126" }, { "db": "NVD", "id": "CVE-2022-30065" } ] }, "cve": "CVE-2022-30065", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2022-30065", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-30065", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2022-30065", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2022-30065", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2022-30065", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202205-3676", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2022-30065", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-30065" }, { "db": "JVNDB", "id": "JVNDB-2022-010126" }, { "db": "CNNVD", "id": "CNNVD-202205-3676" }, { "db": "NVD", "id": "CVE-2022-30065" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A use-after-free in Busybox 1.35-x\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. BusyBox of BusyBox Products from multiple other vendors contain vulnerabilities related to use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", "sources": [ { "db": "NVD", "id": "CVE-2022-30065" }, { "db": "JVNDB", "id": "JVNDB-2022-010126" }, { "db": "VULMON", "id": "CVE-2022-30065" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-30065", "trust": 3.3 }, { "db": "SIEMENS", "id": "SSA-333517", "trust": 2.5 }, { "db": "ICS CERT", "id": "ICSA-22-349-18", "trust": 0.9 }, { "db": "JVN", "id": "JVNVU91561630", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-010126", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2022.6430", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.6310", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2023.2163", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202205-3676", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2022-30065", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-30065" }, { "db": "JVNDB", "id": "JVNDB-2022-010126" }, { "db": "CNNVD", "id": "CNNVD-202205-3676" }, { "db": "NVD", "id": "CVE-2022-30065" } ] }, "id": "VAR-202205-1540", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.5566514 }, "last_update_date": "2024-11-23T19:43:19.341000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "BusyBox Remediation of resource management error vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=194591" }, { "title": "Red Hat: ", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2022-30065" }, { "title": "", "trust": 0.1, "url": "https://github.com/Live-Hack-CVE/CVE-2022-30065 " }, { "title": "", "trust": 0.1, "url": "https://github.com/KazKobara/dockerfile_fswiki_local " }, { "title": "", "trust": 0.1, "url": "https://github.com/isgo-golgo13/gokit-gorillakit-enginesvc " } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-30065" }, { "db": "CNNVD", "id": "CNNVD-202205-3676" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-416", "trust": 1.0 }, { "problemtype": "Use of freed memory (CWE-416) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-010126" }, { "db": "NVD", "id": "CVE-2022-30065" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://bugs.busybox.net/show_bug.cgi?id=14781" }, { "trust": 2.5, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91561630/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-30065" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-18" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.2163" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/busybox-reuse-after-free-via-awk-applet-39999" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.6430" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.6310" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-30065/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/416.html" }, { "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2022-30065" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-18" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-30065" } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-30065" }, { "db": "JVNDB", "id": "JVNDB-2022-010126" }, { "db": "CNNVD", "id": "CNNVD-202205-3676" }, { "db": "NVD", "id": "CVE-2022-30065" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2022-30065" }, { "db": "JVNDB", "id": "JVNDB-2022-010126" }, { "db": "CNNVD", "id": "CNNVD-202205-3676" }, { "db": "NVD", "id": "CVE-2022-30065" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-05-18T00:00:00", "db": "VULMON", "id": "CVE-2022-30065" }, { "date": "2023-08-10T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-010126" }, { "date": "2022-05-18T00:00:00", "db": "CNNVD", "id": "CNNVD-202205-3676" }, { "date": "2022-05-18T15:15:10.240000", "db": "NVD", "id": "CVE-2022-30065" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-02-11T00:00:00", "db": "VULMON", "id": "CVE-2022-30065" }, { "date": "2023-08-10T08:25:00", "db": "JVNDB", "id": "JVNDB-2022-010126" }, { "date": "2023-04-17T00:00:00", "db": "CNNVD", "id": "CNNVD-202205-3676" }, { "date": "2024-11-21T07:02:09.397000", "db": "NVD", "id": "CVE-2022-30065" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202205-3676" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "BusyBox\u00a0 of \u00a0BusyBox\u00a0 Vulnerability related to use of freed memory in products from other vendors", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-010126" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202205-3676" } ], "trust": 0.6 } }