Siemens SIMATIC S7-1500 TM MFP BIOS Use After Free (CVE-2021-42385)

A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

CBL Mariner 2.0 Security Update: busybox (CVE-2021-42385)

The version of busybox installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-42385 advisory. - A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when...

SUSE: Security Advisory (SUSE-SU-2022:4253-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-42385 affecting package busybox for versions less than 1.35.0-1

CVE-2021-42385 affecting package busybox for versions less than 1.35.0-1. An upgraded version of the package is available that resolves this issue...

Huawei EulerOS: Security Advisory for busybox (EulerOS-SA-2022-1287)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5179-1: BusyBox vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processing a specially crafted gzip archive, a remote attacker could use...

CVE-2021-42385 affecting package busybox 1.32.0-2

CVE-2021-42385 affecting package busybox 1.32.0-2. An upgraded version of the package is available that resolves this issue...

Ubuntu 18.04 LTS / 20.04 LTS : BusyBox vulnerabilities (USN-5179-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5179-1 advisory. It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processin...

Fedora: Security Advisory for busybox (FEDORA-2021-c52c0fe490)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for busybox (FEDORA-2021-5a95823596)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OESA-2021-1449 busybox security update

BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: A...

Updated busybox packages fix security vulnerability

A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input. CVE-2021-42376 An attacker-controlled...

CVE-2021-42385

creationtimestamp| type| source ---|---|--- 2021-11-17 16:27:32+00:00| seen| https://t.me/cibsecurity/32506 2022-08-25 11:00:04+00:00| seen| https://t.me/poxek/2360...

CVE-2021-42385

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...

CVE-2021-42385

CVE-2021-42385 is a BusyBox vulnerability in the awk applet. The issue is a use-after-free in the awk evaluate function, which can cause denial of service and potentially allow code execution when processing a crafted awk pattern. Public reports across multiple vendors reference BusyBox awk patte...