Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cloudfoundryCloud FoundryCFOUNDRY:A2C1214772F351A51ABA0A47D3042A74
HistoryApr 12, 2019 - 12:00 a.m.

USN-3935-1: BusyBox vulnerabilities | Cloud Foundry

2019-04-1200:00:00
Cloud Foundry
www.cloudfoundry.org
196

0.088 Low

EPSS

Percentile

94.6%

JSON

Severity

Medium

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 14.04
  • Canonical Ubuntu 16.04
  • Canonical Ubuntu 18.04

Description

Tyler Hicks discovered that BusyBox incorrectly handled symlinks inside tar archives. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could overwrite arbitrary files outside of the current directory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2011-5325)

Mathias Krause discovered that BusyBox incorrectly handled kernel module loading restrictions. A local attacker could possibly use this issue to bypass intended restrictions. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-9645)

It was discovered that BusyBox incorrectly handled certain ZIP archives. If a user or automated system were tricked into processing a specially crafted ZIP archive, a remote attacker could cause BusyBox to crash, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2015-9261)

Nico Golde discovered that the BusyBox DHCP client incorrectly handled certain malformed domain names. A remote attacker could possibly use this issue to cause the DHCP client to crash, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-2147)

Nico Golde discovered that the BusyBox DHCP client incorrectly handled certain 6RD options. A remote attacker could use this issue to cause the DHCP client to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-2148)

It was discovered that BusyBox incorrectly handled certain bzip2 archives. If a user or automated system were tricked into processing a specially crafted bzip2 archive, a remote attacker could cause BusyBox to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-15873)

It was discovered that BusyBox incorrectly handled tab completion. A local attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-16544)

It was discovered that the BusyBox wget utility incorrectly handled certain responses. A remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-1000517)

It was discovered that the BusyBox DHCP utilities incorrectly handled certain memory operations. A remote attacker could possibly use this issue to access sensitive information. (CVE-2018-20679, CVE-2019-5747)

CVEs contained in this USN include: CVE-2011-5325, CVE-2014-9645, CVE-2015-9261, CVE-2016-2147, CVE-2016-2148, CVE-2017-15873, CVE-2017-16544, CVE-2018-1000517, CVE-2018-20679, CVE-2019-5747

Affected Cloud Foundry Products and Versions

Severity is medium unless otherwise noted.

  • Cloud Foundry BOSH trusty-stemcells are vulnerable, including:
    • 3586.x versions prior to 3586.96
    • 3541.x versions prior to 3541.93
    • 3468.x versions prior to 3468.109
    • 3445.x versions prior to 3445.107
    • 3421.x versions prior to 3421.124
    • All other stemcells not listed.
  • Cloud Foundry BOSH xenial-stemcells are vulnerable, including:
    • 170.x versions prior to 170.9
    • 97.x versions prior to 97.74
    • All other stemcells not listed.
  • All versions of Cloud Foundry cflinuxfs2 prior to 1.278.0
  • All versions of Cloud Foundry cflinuxfs3 prior to 0.76.0

Mitigation

Users of affected products are strongly encouraged to follow one of the mitigations below:

  • The Cloud Foundry project recommends upgrading the following BOSH trusty-stemcells:
    • Upgrade 3586.x versions to 3586.96
    • Upgrade 3541.x versions to 3541.93
    • Upgrade 3468.x versions to 3468.109
    • Upgrade 3445.x versions to 3445.107
    • Upgrade 3421.x versions to 3421.124
    • All other stemcells should be upgraded to the latest version available on bosh.io.
  • The Cloud Foundry project recommends upgrading the following BOSH xenial-stemcells:
    • Upgrade 170.x versions to 170.9
    • Upgrade 97.x versions to 97.74
    • All other stemcells should be upgraded to the latest version available on bosh.io.
  • The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.278.0 or later.
  • The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.76.0 or later.

References

Related

nessus 28
openvas 20
ubuntu 1
osv 9
debian 4
packetstorm 8
suse 3
nvd 11
ubuntucve 10
cve 11
alpinelinux 6
prion 11
debiancve 10
gentoo 3
redhatcve 5
cvelist 11
ibm 6
securityvulns 2
veracode 9
mageia 2
archlinux 2
checkpoint_advisories 1
zdt 2
ics 2
vmware 2
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : BusyBox vulnerabilities (USN-3935-1)
2019-04-04 00:00:00
RHEL 6 : busybox (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 5 : busybox (Unpatched Vulnerability)
2024-06-03 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3935-1)
2019-04-04 00:00:00
Debian: Security Advisory (DLA-1445-1)
2018-07-26 00:00:00
Debian: Security Advisory (DLA-2559-1)
2021-02-16 00:00:00
ubuntu
ubuntu
BusyBox vulnerabilities
2019-04-03 00:00:00
osv
osv
busybox - security update
2018-07-27 00:00:00
busybox - security update
2021-02-15 00:00:00
CVE-2019-5747
2019-01-09 16:29:00
debian
debian
[SECURITY] [DLA 1445-1] busybox security update
2018-07-27 04:39:37
[SECURITY] [DLA 2559-1] busybox security update
2021-02-15 11:56:52
[SECURITY] [DLA 1445-3] busybox regression update
2018-08-03 05:18:30
packetstorm
packetstorm
ZTE Mobile Hotspot MS910S Backdoor / Hardcoded Password
2020-08-27 00:00:00
Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
2019-09-04 00:00:00
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor
2022-06-20 00:00:00
suse
suse
Security update for busybox (important)
2021-10-27 00:00:00
Security update for busybox (important)
2021-10-31 00:00:00
Security update for busybox (important)
2022-05-18 00:00:00
nvd
nvd
CVE-2019-5747
2019-01-09 16:29:00
CVE-2014-9645
2017-03-12 06:59:00
CVE-2017-15873
2017-10-24 20:29:00
ubuntucve
ubuntucve
CVE-2018-20679
2019-01-09 00:00:00
CVE-2019-5747
2019-01-09 00:00:00
CVE-2014-9645
2017-03-12 00:00:00
cve
cve
CVE-2019-5747
2019-01-09 16:29:00
CVE-2014-9645
2017-03-12 06:59:00
CVE-2011-5325
2017-08-07 17:29:00
alpinelinux
alpinelinux
CVE-2019-5747
2019-01-09 16:29:00
CVE-2017-16544
2017-11-20 15:29:00
CVE-2017-15873
2017-10-24 20:29:00
prion
prion
Out-of-bounds
2019-01-09 16:29:00
Command injection
2017-03-12 06:59:00
Null pointer dereference
2018-07-26 19:29:00
debiancve
debiancve
CVE-2019-5747
2019-01-09 16:29:00
CVE-2014-9645
2017-03-12 06:59:00
CVE-2017-16544
2017-11-20 15:29:00
gentoo
gentoo
BusyBox: Multiple vulnerabilities
2016-12-04 00:00:00
BusyBox: Multiple vulnerabilities
2018-03-26 00:00:00
BusyBox: Multiple vulnerabilities
2015-03-29 00:00:00
redhatcve
redhatcve
CVE-2019-5747
2019-10-12 02:19:26
CVE-2017-15873
2017-11-20 12:50:18
CVE-2018-20679
2019-01-16 10:49:28
cvelist
cvelist
CVE-2019-5747
2019-01-09 16:00:00
CVE-2014-9645
2017-03-12 06:05:00
CVE-2017-15873
2017-10-24 20:00:00
ibm
ibm
Security Bulletin: IBM Security Access Manager appliances are affected by a vulnerability in Busybox (CVE-2014-9645)
2018-06-16 21:50:12
Security Bulletin: A vulnerability in busybox affects IBM NeXtScale Fan Power Controller (FPC) (CVE-2016-2147)
2019-01-31 02:25:02
Security Bulletin: Vulnerabilities in busybox affect IBM Security Network Protection (CVE-2014-4607, and CVE-2014-9645 )
2018-06-16 21:46:13
securityvulns
securityvulns
busybox restrictions bypass
2015-02-11 00:00:00
[ MDVSA-2015:031 ] busybox
2015-02-11 00:00:00
veracode
veracode
Authorization Bypass
2020-09-21 06:36:59
Denial Of Serivce (DoS)
2020-05-10 23:28:00
Arbitrary Code Execution
2020-05-10 23:24:36
mageia
mageia
Updated busybox packages fix CVE-2014-9645
2015-01-28 00:08:29
Updated busybox packages fix security vulnerability
2018-10-26 21:47:14
archlinux
archlinux
[ASA-201803-1] busybox: arbitrary code execution
2018-03-01 00:00:00
[ASA-201803-2] mkinitcpio-busybox: arbitrary code execution
2018-03-01 00:00:00
checkpoint_advisories
checkpoint_advisories
BusyBox Project BusyBox udhcp Option Out of Bounds Read (CVE-2018-20679)
2019-02-24 00:00:00
zdt
zdt
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor Vulnerability
2022-06-21 00:00:00
Altus Sistemas de Automacao Products CSRF / Command Injection / Hardcoded Credentials Vulnerability
2021-08-19 00:00:00
ics
ics
Advantech Spectre RT Industrial Routers
2021-02-23 12:00:00
Red Lion N-Tron 702-W, 702M12-W
2020-08-27 12:00:00
vmware
vmware
VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities. (CVE-2017-16544, CVE-2019-5531, CVE-2019-5532, CVE-2019-5534)
2019-09-16 00:00:00
VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities. (CVE-2017-16544, CVE-2019-5531, CVE-2019-5532, CVE-2019-5534)
2019-09-16 00:00:00

0.088 Low

EPSS

Percentile

94.6%

JSON
Related for CFOUNDRY:A2C1214772F351A51ABA0A47D3042A74
nessus28openvas20ubuntu1osv9debian4packetstorm8suse3nvd11ubuntucve10cve11alpinelinux6prion11debiancve10gentoo3redhatcve5cvelist11ibm6securityvulns2veracode9mageia2archlinux2checkpoint_advisories1zdt2ics2vmware2