 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.892559 |
| Category: | Debian Local Security Checks |
| Title: | Debian: Security Advisory (DLA-2559-1) |
| Summary: | The remote host is missing an update for the Debian 'busybox' package(s) announced via the DLA-2559-1 advisory. |
| Description: | Summary: The remote host is missing an update for the Debian 'busybox' package(s) announced via the DLA-2559-1 advisory. Vulnerability Insight: Busybox, utility programs for small and embedded systems, was affected by several security vulnerabilities. The Common Vulnerabilities and Exposures project identifies the following issues. CVE-2011-5325 A path traversal vulnerability was found in Busybox implementation of tar. tar will extract a symlink that points outside of the current working directory and then follow that symlink when extracting other files. This allows for a directory traversal attack when extracting untrusted tarballs. CVE-2013-1813 When device node or symlink in /dev should be created inside 2-or-deeper subdirectory (/dev/dir1/dir2.../node), the intermediate directories are created with incorrect permissions. CVE-2014-4607 An integer overflow may occur when processing any variant of a literal run in the lzo1x_decompress_safe function. Each of these three locations is subject to an integer overflow when processing zero bytes. This exposes the code that copies literals to memory corruption. CVE-2014-9645 The add_probe function in modutils/modprobe.c in BusyBox allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an 'ifconfig /usbserial up' command or a 'mount -t /snd_pcm none /' command. CVE-2016-2147 Integer overflow in the DHCP client (udhcpc) in BusyBox allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write. CVE-2016-2148 Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing. CVE-2017-15873 The get_next_block function in archival/libarchive /decompress_bunzip2.c in BusyBox has an Integer Overflow that may lead to a write access violation. CVE-2017-16544 In the add_match function in libbb/lineedit.c in BusyBox, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. CVE-2018-1000517 BusyBox contains a Buffer Overflow vulnerability in Busybox wget that can result in a heap-based buffer overflow. This attack appears to be exploitable via network connectivity. CVE-2015-9621 Unziping a specially crafted zip file results in a computation of an invalid pointer and a crash reading an invalid address. For Debian 9 stretch, these problems have been fixed in version 1:1.22.0-19+deb9u1. We recommend that you upgrade your busybox packages. For the detailed security status of busybox please refer to its security tracker page at: [link moved to references] Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references] Affected Software/OS: 'busybox' package(s) on Debian 9. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-5325 Bugtraq: 20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series (Google Search) https://seclists.org/bugtraq/2019/Jun/14 http://seclists.org/fulldisclosure/2019/Jun/18 http://seclists.org/fulldisclosure/2020/Aug/20 http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html http://www.openwall.com/lists/oss-security/2015/10/21/7 https://usn.ubuntu.com/3935-1/ Common Vulnerability Exposure (CVE) ID: CVE-2015-9261 Bugtraq: 20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X (Google Search) https://seclists.org/bugtraq/2019/Sep/7 http://seclists.org/fulldisclosure/2019/Sep/7 http://seclists.org/fulldisclosure/2022/Jun/36 http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html http://www.openwall.com/lists/oss-security/2015/10/25/3 https://bugs.debian.org/803097 https://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e Common Vulnerability Exposure (CVE) ID: CVE-2016-2147 20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series 20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series 20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X 20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S GLSA-201612-04 https://security.gentoo.org/glsa/201612-04 USN-3935-1 [debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update [debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update [oss-security] 20160311 two udhcpc (busybox) issues http://www.openwall.com/lists/oss-security/2016/03/11/16 https://busybox.net/news.html https://git.busybox.net/busybox/commit/?id=d474ffc68290e0a83651c4432eeabfa62cd51e87 Common Vulnerability Exposure (CVE) ID: CVE-2016-2148 https://git.busybox.net/busybox/commit/?id=352f79acbd759c14399e39baef21fc4ffe180ac2 Common Vulnerability Exposure (CVE) ID: CVE-2017-15873 https://bugs.busybox.net/show_bug.cgi?id=10431 https://git.busybox.net/busybox/commit/?id=0402cb32df015d9372578e3db27db47b33d5c7b0 Common Vulnerability Exposure (CVE) ID: CVE-2017-16544 http://seclists.org/fulldisclosure/2020/Mar/15 http://seclists.org/fulldisclosure/2020/Sep/6 http://seclists.org/fulldisclosure/2021/Jan/39 http://seclists.org/fulldisclosure/2021/Aug/21 http://packetstormsecurity.com/files/154536/VMware-Security-Advisory-2019-0013.html https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8 https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01 https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/ Common Vulnerability Exposure (CVE) ID: CVE-2018-1000517 https://git.busybox.net/busybox/commit/?id=8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e |
| Copyright | Copyright (C) 2021 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |