Lucene search
K

Huawei EulerOS: Security Advisory for busybox (EulerOS-SA-2020-1284)

🗓️ 23 Mar 2020 00:00:00Reported by Copyright (C) 2020 Greenbone AGType 
openvas
 openvas
🔗 plugins.openvas.org👁 104 Views

Security update for Huawei EulerOS 'busybox

Related
Refs
Code
ReporterTitlePublishedViews
Family
AlpineLinux
CVE-2018-1000500
26 Jun 201816:00
alpinelinux
AlpineLinux
CVE-2018-20679
9 Jan 201916:00
alpinelinux
AlpineLinux
CVE-2019-5747
9 Jan 201916:00
alpinelinux
AstraLinux
Astra Linux – Vulnerability in busybox
20 May 202605:53
astralinux
Information Security Automation
Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs
30 Dec 202218:03
avleonov
BDU FSTEC
The vulnerability of the wget console program for downloading files over the network is related to the UNIX utility commands in the BusyBox. This vulnerability stems from the operation of writing data beyond the buffer limit into dynamic memory, allowing an attacker to compromise the integrity and accessibility of data, as well as to cause service failures.
25 Apr 201900:00
bdu_fstec
BDU FSTEC
The vulnerability of the udhcp component in the UNIX-based BusyBox command-line utilities, related to reading beyond the buffer in memory, allows an intruder to gain unauthorized access to protected information.
9 Jul 202000:00
bdu_fstec
BDU FSTEC
The vulnerability of the busybox wget component in the UNIX command-line utilities of BusyBox allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
14 Sep 202200:00
bdu_fstec
CBLMariner
CVE-2018-1000500 affecting package busybox 1.31.1-3
6 Apr 202123:50
cbl_mariner
Cloud Foundry
USN-3935-1: BusyBox vulnerabilities | Cloud Foundry
12 Apr 201900:00
cloudfoundry
Rows per page
# SPDX-FileCopyrightText: 2020 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.1.2.2020.1284");
  script_cve_id("CVE-2018-1000500", "CVE-2018-1000517", "CVE-2018-20679", "CVE-2019-5747");
  script_tag(name:"creation_date", value:"2020-03-23 07:39:49 +0000 (Mon, 23 Mar 2020)");
  script_version("2024-02-05T14:36:56+0000");
  script_tag(name:"last_modification", value:"2024-02-05 14:36:56 +0000 (Mon, 05 Feb 2024)");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2018-08-30 17:21:26 +0000 (Thu, 30 Aug 2018)");

  script_name("Huawei EulerOS: Security Advisory for busybox (EulerOS-SA-2020-1284)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2020 Greenbone AG");
  script_family("Huawei EulerOS Local Security Checks");
  script_dependencies("gb_huawei_euleros_consolidation.nasl");
  script_mandatory_keys("ssh/login/euleros", "ssh/login/rpms", re:"ssh/login/release=EULEROS\-2\.0SP8");

  script_xref(name:"Advisory-ID", value:"EulerOS-SA-2020-1284");
  script_xref(name:"URL", value:"https://developer.huaweicloud.com/intl/en-us/euleros/securitydetail.html?secId=EulerOS-SA-2020-1284");

  script_tag(name:"summary", value:"The remote host is missing an update for the Huawei EulerOS 'busybox' package(s) announced via the EulerOS-SA-2020-1284 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"Busybox contains a Missing SSL certificate validation vulnerability in The 'busybox wget' applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using 'busybox wget https://compromised-domain.com/important-file'.(CVE-2018-1000500)

BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.(CVE-2018-1000517)

An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679.(CVE-2019-5747)

An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes.(CVE-2018-20679)");

  script_tag(name:"affected", value:"'busybox' package(s) on Huawei EulerOS V2.0SP8.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "EULEROS-2.0SP8") {

  if(!isnull(res = isrpmvuln(pkg:"busybox", rpm:"busybox~1.28.3~2.h4.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation