Vulnerability CVE-2013-1813 - CERT Civis.Net

Vulnerability Name:

CVE-2013-1813 (CCN-82520)

Assigned:

2013-03-01

Published:

2013-03-01

Updated:

2020-08-27

Summary:

util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.

CVSS v3 Severity:

5.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
6.2 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

3.3 Low (CCN CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P)
2.9 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): Partial

3.6 Low (REDHAT CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N)
3.1 Low (REDHAT Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

File Manipulation

References:

Source: CCN
Type: Debian Bug report logs - #701965
CVE-2013-1813 busybox mdev creates deep subdirs in /dev with 0777 permissions

Source: CONFIRM
Type: UNKNOWN
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701965

Source: MITRE
Type: CNA
CVE-2013-1813

Source: CONFIRM
Type: Exploit, Patch
http://git.busybox.net/busybox/commit/?id=4609f477c7e043a4f6147dfe6e86b775da2ef784

Source: MLIST
Type: UNKNOWN
[busybox] 20130722 1.21.0 is released

Source: MISC
Type: UNKNOWN
http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html

Source: CCN
Type: RHSA-2013-1732
Low: busybox security and bug fix update

Source: REDHAT
Type: Vendor Advisory
RHSA-2013:1732

Source: FULLDISC
Type: UNKNOWN
20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series

Source: FULLDISC
Type: UNKNOWN
20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S

Source: FULLDISC
Type: UNKNOWN
20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router & TC Cloud Client

Source: CCN
Type: BusyBox
BusyBox

Source: CCN
Type: BID-58249
BusyBox Symlink Attack Local Privilege Escalation Vulnerability

Source: XF
Type: UNKNOWN
busybox-mdev-symlink(82520)

Source: BUGTRAQ
Type: UNKNOWN
20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series

Source: CONFIRM
Type: UNKNOWN
https://support.t-mobile.com/docs/DOC-21994

Vulnerable Configuration:

Configuration 1:

cpe:/o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:busybox:busybox:0.38:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.39:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.40:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.41:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.42:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.43:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.45:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.46:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.47:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.48:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.49:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.50:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.51:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.52:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.60.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.60.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.60.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.60.3:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.60.4:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:0.60.5:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.00:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.01:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.1.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.1.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.1.3:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.2.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.2.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.2.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.2.2.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.3.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.3.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.3.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.4.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.4.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.4.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.5.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.5.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.6.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.6.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.7.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.7.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.7.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.7.3:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.8.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.8.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.8.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.9.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.9.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.9.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.10.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.10.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.10.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.10.3:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.10.4:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.11.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.11.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.11.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.11.3:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.12.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.12.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.12.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.12.3:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.12.4:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.13.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.13.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.13.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.13.3:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.13.4:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.14.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.14.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.14.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.14.3:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.14.4:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.15.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.15.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.15.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.15.3:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.16.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.16.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.16.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.17.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.17.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.17.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.17.3:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.17.4:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.18.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.18.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.18.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.18.3:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.18.4:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.18.5:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.19.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.19.2:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.19.3:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.19.4:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.20.0:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.20.1:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:*:*:*:*:*:*:*:* (Version <= 1.20.2)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:27506	P	ELSA-2013-1732 -- busybox security and bug fix update (low)	2014-12-15
oval:org.mitre.oval:def:26241	P	RHSA-2013:1732: busybox security and bug fix update (Low)	2014-09-15
oval:com.ubuntu.xenial:def:201318130000000	V	CVE-2013-1813 on Ubuntu 16.04 LTS (xenial) - negligible.	2013-11-23
oval:com.ubuntu.precise:def:20131813000	V	CVE-2013-1813 on Ubuntu 12.04 LTS (precise) - negligible.	2013-11-23
oval:com.ubuntu.artful:def:20131813000	V	CVE-2013-1813 on Ubuntu 17.10 (artful) - negligible.	2013-11-23
oval:com.ubuntu.disco:def:201318130000000	V	CVE-2013-1813 on Ubuntu 19.04 (disco) - negligible.	2013-11-23
oval:com.ubuntu.trusty:def:20131813000	V	CVE-2013-1813 on Ubuntu 14.04 LTS (trusty) - negligible.	2013-11-23
oval:com.ubuntu.cosmic:def:201318130000000	V	CVE-2013-1813 on Ubuntu 18.10 (cosmic) - negligible.	2013-11-23
oval:com.ubuntu.bionic:def:20131813000	V	CVE-2013-1813 on Ubuntu 18.04 LTS (bionic) - negligible.	2013-11-23
oval:com.ubuntu.xenial:def:20131813000	V	CVE-2013-1813 on Ubuntu 16.04 LTS (xenial) - negligible.	2013-11-23
oval:com.ubuntu.bionic:def:201318130000000	V	CVE-2013-1813 on Ubuntu 18.04 LTS (bionic) - negligible.	2013-11-23
oval:com.ubuntu.cosmic:def:20131813000	V	CVE-2013-1813 on Ubuntu 18.10 (cosmic) - negligible.	2013-11-23
oval:com.redhat.rhsa:def:20131732	P	RHSA-2013:1732: busybox security and bug fix update (Low)	2013-11-21