Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2011-5325
HistoryAug 07, 2017 - 12:00 a.m.

CVE-2011-5325

2017-08-0700:00:00
ubuntu.com
ubuntu.com
13

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.4%

JSON

Directory traversal vulnerability in the BusyBox implementation of tar
before 1.22.0 v5 allows remote attackers to point to files outside the
current working directory via a symlink.

Bugs

Notes

Author Note
mdeslaur bionic only contains first commit adding the second commit to bionic introduced a regression in debootstrep, see LP: #1737662 new third commit mostly reverses second commit two new commits are now available that possibly fix further symlink issues
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchbusybox< 1:1.27.2-2ubuntu3UNKNOWN
ubuntu18.10noarchbusybox< 1:1.27.2-2ubuntu3UNKNOWN
ubuntu19.04noarchbusybox< 1:1.27.2-2ubuntu3UNKNOWN
ubuntu19.10noarchbusybox< 1:1.27.2-2ubuntu3UNKNOWN
ubuntu20.04noarchbusybox< 1:1.27.2-2ubuntu3UNKNOWN
ubuntu20.10noarchbusybox< 1:1.27.2-2ubuntu3UNKNOWN
ubuntu21.04noarchbusybox< 1:1.27.2-2ubuntu3UNKNOWN
ubuntu14.04noarchbusybox< 1:1.21.0-1ubuntu1.4UNKNOWN
ubuntu16.04noarchbusybox< 1:1.22.0-15ubuntu1.4UNKNOWN

Related

debiancve 1
cve 2
nessus 11
veracode 1
debian 3
prion 2
openvas 12
suse 3
osv 2
packetstorm 2
cloudfoundry 1
ubuntu 1
debiancve
debiancve
CVE-2011-5325
2017-08-07 17:29:00
cve
cve
CVE-2011-5325
2017-08-07 17:29:00
CVE-2022-23227
2022-01-14 18:15:00
nessus
nessus
Debian DLA-1445-3 : busybox regression update
2018-07-27 00:00:00
openSUSE 15 Security Update : busybox (openSUSE-SU-2021:1408-1)
2021-11-01 00:00:00
SUSE SLED15 / SLES15 Security Update : busybox (SUSE-SU-2021:3531-1)
2021-10-28 00:00:00
veracode
veracode
Directory Traversal
2021-02-15 22:51:22
debian
debian
[SECURITY] [DLA 1445-3] busybox regression update
2018-08-03 05:18:30
[SECURITY] [DLA 1445-1] busybox security update
2018-07-27 04:39:37
[SECURITY] [DLA 2559-1] busybox security update
2021-02-15 11:56:52
prion
prion
Directory traversal
2017-08-07 17:29:00
Design/Logic Flaw
2022-01-14 18:15:00
openvas
openvas
NUUO NVRmini 2 <= 03.11.0000.0016 RCE Vulnerability - Active Check
2022-01-18 00:00:00
Western Digital My Cloud Multiple Products < 2.31.193 Multiple Vulnerabilities
2020-09-02 00:00:00
openSUSE: Security Advisory for busybox (openSUSE-SU-2021:3531-1)
2021-10-28 00:00:00
suse
suse
Security update for busybox (important)
2021-10-31 00:00:00
Security update for busybox (important)
2021-10-27 00:00:00
Security update for busybox (important)
2022-05-18 00:00:00
osv
osv
busybox - security update
2021-02-15 00:00:00
busybox - security update
2018-07-27 00:00:00
packetstorm
packetstorm
ZTE Mobile Hotspot MS910S Backdoor / Hardcoded Password
2020-08-27 00:00:00
WAGO 852 Industrial Managed Switch Series Code Execution / Hardcoded Credentials
2019-06-13 00:00:00
cloudfoundry
cloudfoundry
USN-3935-1: BusyBox vulnerabilities | Cloud Foundry
2019-04-12 00:00:00
ubuntu
ubuntu
BusyBox vulnerabilities
2019-04-03 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.4%

JSON
Related for UB:CVE-2011-5325
debiancve1cve2nessus11veracode1debian3prion2openvas12suse3osv2packetstorm2cloudfoundry1ubuntu1