21 matches found
SUSE CVE-2018-20679
An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components consumed by the DHCP server, client, and relay allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcpgetoption in...
Bender ebee 充电控制器 安全漏洞
The ebee is a charge controller from Bender. A security vulnerability exists in the Bender ebee Charge Controller that stems from an easy local privilege escalation. An authenticated attacker can gain root access via the suid application socat, ip udhcpc, and ifplugd. The following products and...
Security update for busybox (important)
openSUSE Security Update: Security update for busybox Announcement ID: openSUSE-SU-2021:1408-1 Rating: important References: 1099260 1099263 1121426 1184522 951562 Cross-References: CVE-2011-5325 CVE-2018-1000500 CVE-2018-1000517 CVE-2018-20679 CVE-2021-28831 CVSS scores: CVE-2011-5325 NVD : 7.5...
openSUSE: Security Advisory for busybox (openSUSE-SU-2021:3531-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for busybox (important)
openSUSE Security Update: Security update for busybox Announcement ID: openSUSE-SU-2021:3531-1 Rating: important References: 1099260 1099263 1121426 1184522 951562 Cross-References: CVE-2011-5325 CVE-2018-1000500 CVE-2018-1000517 CVE-2018-20679 CVE-2021-28831 CVSS scores: CVE-2011-5325 NVD : 7.5...
Information Disclosure
busybox is vulnerable to information disclosure. An out of bounds read in the udhcp components allows a remote attacker to leak confidential information from the stack by sending malicious DHCP messages...
CVE-2019-5747
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components consumed by the DHCP client, server, and/or relay might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte...
BusyBox Project BusyBox udhcp Option Out of Bounds Read (CVE-2018-20679)
An out-of-bounds read vulnerability has been reported in the udhcp module of BusyBox. This vulnerability is due to insufficient validation of the length of certain options in a DHCP packets. A remote attacker could exploit this vulnerability by sending maliciously crafted messages to a DHCP clien...
CVE-2018-20679
An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components consumed by the DHCP server, client, and relay allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcpgetoption in...
BusyBox Out-of-Bounds Read Vulnerability
BusyBox is a set of applications containing several linux commands and tools maintained by Ukrainian software developer Denis Vlasenko. An out-of-bounds read vulnerability exists in the udhcp component of BusyBox 1.30.0 and earlier versions, which can be exploited by a remote attacker to disclose...
ALPINE-CVE-2019-5747
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components consumed by the DHCP client, server, and/or relay might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte...
CVE-2019-5747
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components consumed by the DHCP client, server, and/or relay might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte...
Out-of-bounds
An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components consumed by the DHCP server, client, and relay allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcpgetoption in...
DEBIAN-CVE-2019-5747
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components consumed by the DHCP client, server, and/or relay might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte...
CVE-2019-5747
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components consumed by the DHCP client, server, and/or relay might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte...
CVE-2019-5747
CVE-2019-5747 affects BusyBox udhcp components (DHCP client/server/relay) via an out-of-bounds read that can leak stack data when handling crafted DHCP messages. Root cause relates to 4-byte option length verification in udhcp_get_option() as part of a prior fix for CVE-2018-20679. Affected produ...
CVE-2018-20679
CVE-2018-20679 — BusyBox udhcp (DHCP) out-of-bounds read is fixed in BusyBox before 1.30.0. The issue occurs in udhcp_get_option() where 4-byte options are not consistently validated, enabling a remote attacker to leak information from the stack via crafted DHCP messages. The vulnerability affect...
CVE-2019-5747
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components consumed by the DHCP client, server, and/or relay might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte...
CVE-2019-5747
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components consumed by the DHCP client, server, and/or relay might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte...
CVE-2018-20679
An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components consumed by the DHCP server, client, and relay allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcpgetoption in...