Lucene search
Veracode Vulnerability DatabaseVERACODE:26962HistorySep 21, 2020 - 6:27 a.m.
Information Disclosure
2020-09-2106:27:41
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
busybox
vulnerability
information disclosure
udhcp
remote attacker
dhcp
malicious messages
software
EPSS
0.006
Percentile
77.9%
busybox is vulnerable to information disclosure. An out of bounds read in the udhcp components allows a remote attacker to leak confidential information from the stack by sending malicious DHCP messages.
References
packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
seclists.org/fulldisclosure/2019/Sep/7
bugs.busybox.net/show_bug.cgi?id=11506
busybox.net/news.html
git.busybox.net/busybox/commit/?id=6d3b4bb24da9a07c263f3c1acf8df85382ff562c
seclists.org/bugtraq/2019/Sep/7
usn.ubuntu.com/3935-1/
Related
checkpoint_advisories
checkpoint_advisories
BusyBox Project BusyBox udhcp Option Out of Bounds Read (CVE-2018-20679)
2019-02-24 00:00:00
redhatcve
redhatcve
CVE-2018-20679
2019-01-16 10:49:28
CVE-2019-5747
2019-10-12 02:19:26
osv
osv
CVE-2018-20679
2019-01-09 16:29:00
CVE-2019-5747
2019-01-09 16:29:00
busybox-1.35.0-1.1 on GA media
2024-06-15 00:00:00
debiancve
debiancve
CVE-2018-20679
2019-01-09 16:29:00
CVE-2019-5747
2019-01-09 16:29:00
prion
prion
Out-of-bounds
2019-01-09 16:29:00
Out-of-bounds
2019-01-09 16:29:00
cve
cve
CVE-2018-20679
2019-01-09 16:29:00
CVE-2019-5747
2019-01-09 16:29:00
alpinelinux
alpinelinux
CVE-2018-20679
2019-01-09 16:29:00
CVE-2019-5747
2019-01-09 16:29:00
nvd
nvd
CVE-2018-20679
2019-01-09 16:29:00
CVE-2019-5747
2019-01-09 16:29:00
cvelist
cvelist
CVE-2018-20679
2019-01-09 16:00:00
CVE-2019-5747
2019-01-09 16:00:00
ubuntucve
ubuntucve
CVE-2018-20679
2019-01-09 00:00:00
CVE-2019-5747
2019-01-09 00:00:00
openvas
openvas
openSUSE: Security Advisory for busybox (openSUSE-SU-2021:3531-1)
2021-10-28 00:00:00
Huawei EulerOS: Security Advisory for busybox (EulerOS-SA-2020-1284)
2020-03-23 00:00:00
openSUSE: Security Advisory for busybox (openSUSE-SU-2021:1408-1)
2021-11-01 00:00:00
nessus
nessus
openSUSE 15 Security Update : busybox (openSUSE-SU-2021:1408-1)
2021-11-01 00:00:00
SUSE SLED15 / SLES15 Security Update : busybox (SUSE-SU-2021:3531-1)
2021-10-28 00:00:00
openSUSE 15 Security Update : busybox (openSUSE-SU-2021:3531-1)
2021-10-28 00:00:00
suse
suse
Security update for busybox (important)
2021-10-31 00:00:00
Security update for busybox (important)
2021-10-27 00:00:00
Security update for busybox (important)
2022-05-18 00:00:00
ics
ics
Advantech Spectre RT Industrial Routers
2021-02-23 12:00:00
cloudfoundry
cloudfoundry
USN-3935-1: BusyBox vulnerabilities | Cloud Foundry
2019-04-12 00:00:00
ubuntu
ubuntu
BusyBox vulnerabilities
2019-04-03 00:00:00
packetstorm
packetstorm
Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
2019-09-04 00:00:00