Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2012:129-1 | First vendor Publication | 2012-08-10 |
Vendor | Mandriva | Last vendor Modification | 2012-08-10 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities was found and corrected in busybox: The decompress function in ncompress allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow (CVE-2006-1168). A missing DHCP option checking / sanitization flaw was reported for multiple DHCP clients. This flaw may allow DHCP server to trick DHCP clients to set e.g. system hostname to a specially crafted value containing shell special characters. Various scripts assume that hostname is trusted, which may lead to code execution when hostname is specially crafted (CVE-2011-2716). Additionally for Mandriva Enterprise Server 5 various problems in the ka-deploy and uClibc packages was discovered and fixed with this advisory. The updated packages have been patched to correct these issues. Update: The wrong set of packages was sent out with the MDVSA-2012:129 advisory that lacked the fix for CVE-2006-1168. This advisory provides the correct packages. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2012:129-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:20788 | |||
Oval ID: | oval:org.mitre.oval:def:20788 | ||
Title: | RHSA-2012:0308: busybox security and bug fix update (Low) | ||
Description: | The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0308-03 CVE-2006-1168 CVE-2011-2716 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | busybox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21495 | |||
Oval ID: | oval:org.mitre.oval:def:21495 | ||
Title: | RHSA-2012:0810: busybox security and bug fix update (Low) | ||
Description: | The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0810-04 CESA-2012:0810 CVE-2006-1168 CVE-2011-2716 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | busybox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22866 | |||
Oval ID: | oval:org.mitre.oval:def:22866 | ||
Title: | ELSA-2012:0308: busybox security and bug fix update (Low) | ||
Description: | The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0308-03 CVE-2006-1168 CVE-2011-2716 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | busybox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23400 | |||
Oval ID: | oval:org.mitre.oval:def:23400 | ||
Title: | ELSA-2012:0810: busybox security and bug fix update (Low) | ||
Description: | The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0810-04 CVE-2006-1168 CVE-2011-2716 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | busybox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27729 | |||
Oval ID: | oval:org.mitre.oval:def:27729 | ||
Title: | DEPRECATED: ELSA-2012-0308 -- busybox security and bug fix update (low) | ||
Description: | [1:1.2.0-13] - Resolves: #768083 'busybox various flaws' including: 'buffer underflow in decompression' 'udhcpc insufficient checking of DHCP options' [1:1.2.0-12] - Resolves: #756723 'Kdump fails after findfs subcommand of busybox fails' [1:1.2.0-11] - Resolves: #689659 ''busybox cp' does not return a correct exit code when 'No space left on device'' | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0308 CVE-2011-2716 CVE-2006-1168 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | busybox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27773 | |||
Oval ID: | oval:org.mitre.oval:def:27773 | ||
Title: | DEPRECATED: ELSA-2012-0810 -- busybox security and bug fix update (low) | ||
Description: | [1:1.15.1-15] - Fix btrfs support to findfs and related applets - Resolves: #751927 [1:1.15.1-14] - Resolves: #790335 'busybox various flaws' Added a fix for SEGV on empty command in hush [1:1.15.1-13] - Resolves: #790335 'busybox various flaws' including: 'buffer underflow in decompression' 'udhcpc insufficient checking of DHCP options' [1:1.15.1-12] - Backport 'set -o pipefail' support - Resolves: #782018 - Add btrfs support to findfs and related applets - Resolves: #751927 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0810 CVE-2011-2716 CVE-2006-1168 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | busybox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9373 | |||
Oval ID: | oval:org.mitre.oval:def:9373 | ||
Title: | The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. | ||
Description: | The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-1168 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-08-14 | Name : Mandriva Update for busybox MDVSA-2012:129 (busybox) File : nvt/gb_mandriva_MDVSA_2012_129.nasl |
2012-08-14 | Name : Mandriva Update for busybox MDVSA-2012:129-1 (busybox) File : nvt/gb_mandriva_MDVSA_2012_129_1.nasl |
2012-07-30 | Name : CentOS Update for busybox CESA-2012:0810 centos6 File : nvt/gb_CESA-2012_0810_busybox_centos6.nasl |
2012-06-22 | Name : RedHat Update for busybox RHSA-2012:0810-04 File : nvt/gb_RHSA-2012_0810-04_busybox.nasl |
2012-02-21 | Name : RedHat Update for busybox RHSA-2012:0308-03 File : nvt/gb_RHSA-2012_0308-03_busybox.nasl |
2012-02-12 | Name : FreeBSD Ports: FreeBSD File : nvt/freebsd_FreeBSD14.nasl |
2011-11-08 | Name : Mandriva Update for gimp MDVSA-2011:167 (gimp) File : nvt/gb_mandriva_MDVSA_2011_167.nasl |
2011-10-21 | Name : Mandriva Update for libxfont MDVSA-2011:153 (libxfont) File : nvt/gb_mandriva_MDVSA_2011_153.nasl |
2011-10-14 | Name : Mandriva Update for cups MDVSA-2011:146 (cups) File : nvt/gb_mandriva_MDVSA_2011_146.nasl |
2011-09-21 | Name : FreeBSD Ports: libXfont File : nvt/freebsd_libXfont.nasl |
2009-10-10 | Name : SLES9: Security update for ncompress File : nvt/sles9p5010157.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200610-03 (ncompress) File : nvt/glsa_200610_03.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1149-1 (ncompress) File : nvt/deb_1149_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
74185 | BusyBox DHCP Server hostname Response Parsing Remote Command Execution |
27868 | ncompress decompress() Function Datastream Handling Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0168.nasl - Type : ACT_GATHER_INFO |
2013-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-02.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-103.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0810.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0308.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2006-0663.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-129.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120221_busybox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120620_busybox_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-07-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0810.nasl - Type : ACT_GATHER_INFO |
2012-06-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0810.nasl - Type : ACT_GATHER_INFO |
2012-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0308.nasl - Type : ACT_GATHER_INFO |
2011-11-07 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-167.nasl - Type : ACT_GATHER_INFO |
2011-10-18 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-153.nasl - Type : ACT_GATHER_INFO |
2011-10-11 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-146.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ncompress-1911.nasl - Type : ACT_GATHER_INFO |
2006-12-16 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2006-140.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1149.nasl - Type : ACT_GATHER_INFO |
2006-10-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200610-03.nasl - Type : ACT_GATHER_INFO |
2006-09-14 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2006-0663.nasl - Type : ACT_GATHER_INFO |
2006-09-14 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2006-0663.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:43:05 |
|