Vulnerability CVE-2017-16544 - CERT Civis.Net

Vulnerability Name:

CVE-2017-16544 (CCN-135207)

Assigned:

2017-11-20

Published:

2017-11-20

Updated:

2022-10-28

Summary:

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.

CVSS v3 Severity:

8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.9 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.8 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2017-16544

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/154536/VMware-Security-Advisory-2019-0013.html

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html

Source: FULLDISC
Type: Exploit, Mailing List, Third Party Advisory
20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series

Source: FULLDISC
Type: Exploit, Mailing List, Third Party Advisory
20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X

Source: FULLDISC
Type: Exploit, Mailing List, Third Party Advisory
20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S

Source: FULLDISC
Type: Exploit, Mailing List, Third Party Advisory
20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router & TC Cloud Client

Source: FULLDISC
Type: Exploit, Mailing List, Third Party Advisory
20200902 SEC Consult SA-20200902-0 :: Multiple Vulnerabilities in Red Lion N-Tron 702-W, Red Lion N-Tron 702M12-W

Source: FULLDISC
Type: Exploit, Mailing List, Third Party Advisory
20210819 SEC Consult SA-20210819-0 :: Multiple critical vulnerabilities in Altus Nexto and Hadron series

Source: FULLDISC
Type: Exploit, Mailing List, Third Party Advisory
20210113 SEC Consult SA-20210113-0 :: Multiple vulnerabilities in Pepperl+Fuchs IO-Link Master Series

Source: FULLDISC
Type: Exploit, Mailing List, Third Party Advisory
20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series

Source: CCN
Type: IBM Security Bulletin 716653 (Cloud Private)
Multiple Security Vulnerabilities affect IBM Cloud Private

Source: CONFIRM
Type: Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2019-0013.html

Source: XF
Type: UNKNOWN
busybox-cve201716544-code-exec(135207)

Source: CCN
Type: BusyBox GIT Repository
BusyBox

Source: MISC
Type: Patch, Vendor Advisory
https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update

Source: CCN
Type: Packet Storm Security [06-20-2022]
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor

Source: BUGTRAQ
Type: Exploit, Mailing List, Third Party Advisory
20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series

Source: BUGTRAQ
Type: Exploit, Mailing List, Third Party Advisory
20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X

Source: MISC
Type: Third Party Advisory, US Government Resource
https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01

Source: UBUNTU
Type: Third Party Advisory
USN-3935-1

Source: MISC
Type: Third Party Advisory
https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/

Source: CCN
Type: VMSA-2019-0013
VMware ESXi 'busybox' command injection vulnerability

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2017-16544

Vulnerable Configuration:

Configuration 1:

cpe:/a:busybox:busybox:*:*:*:*:*:*:*:* (Version <= 1.27.2)

Configuration 2:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:vmware:esxi:6.0:*:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:-:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201811001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201811401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:-:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:-:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:1:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:1a:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:1b:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:2:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:3:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:3a:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201703401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201706101:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201706102:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201706103:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201706401:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201706402:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201706403:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201710301:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201903001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201905001:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.0:600-201909001:*:*:*:*:*:*

Configuration 4:

cpe:/o:redlion:n-tron_702-w_firmware:*:*:*:*:*:*:*:*

AND

cpe:/h:redlion:n-tron_702-w:-:*:*:*:*:*:*:*

Configuration 5:

cpe:/o:redlion:n-tron_702m12-w_firmware:*:*:*:*:*:*:*:*

AND

cpe:/h:redlion:n-tron_702m12-w:-:*:*:*:*:*:*:*

Configuration 6:

cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

Configuration CCN 1:

cpe:/o:vmware:esxi:6.0:*:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.5:*:*:*:*:*:*:*

OR cpe:/a:busybox:busybox:1.27.2:*:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:6.7:*:*:*:*:*:*:*

AND

cpe:/a:ibm:cloud_private:2.1.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7456	P	busybox-1.35.0-150500.8.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:3744	P	Security update for java-11-openjdk (Important) (in QA)	2022-07-22
oval:org.opensuse.security:def:119071	P	Security update for busybox (Important)	2022-02-14
oval:org.opensuse.security:def:119189	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:118692	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:119379	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:118882	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:119564	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:101592	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:861	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:99228	P	(Important)	2022-01-17
oval:org.opensuse.security:def:112032	P	busybox-1.35.0-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:109599	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:92875	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:106316	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70585	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:64833	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:102933	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9887	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:99626	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:8922	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:96220	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:109566	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:92278	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:105723	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70027	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10714	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:102900	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9478	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:99033	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:109687	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:93425	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:106515	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70854	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:69618	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:103028	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10427	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:99825	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9117	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:96249	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:109576	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:92477	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:105918	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70567	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10718	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:102910	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9677	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:96200	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:106804	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70858	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:111864	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:69817	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10441	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:100136	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9129	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:96259	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:109595	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:92676	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:106117	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70581	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:73955	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:102929	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9876	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:99427	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:8727	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:96210	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:109556	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:92083	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70016	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10445	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:102890	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9139	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:96340	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:com.ubuntu.xenial:def:2017165440000000	V	CVE-2017-16544 on Ubuntu 16.04 LTS (xenial) - medium.	2017-11-20
oval:com.ubuntu.artful:def:201716544000	V	CVE-2017-16544 on Ubuntu 17.10 (artful) - medium.	2017-11-20
oval:com.ubuntu.xenial:def:201716544000	V	CVE-2017-16544 on Ubuntu 16.04 LTS (xenial) - medium.	2017-11-20
oval:com.ubuntu.disco:def:2017165440000000	V	CVE-2017-16544 on Ubuntu 19.04 (disco) - medium.	2017-11-20
oval:com.ubuntu.bionic:def:201716544000	V	CVE-2017-16544 on Ubuntu 18.04 LTS (bionic) - medium.	2017-11-20
oval:com.ubuntu.cosmic:def:2017165440000000	V	CVE-2017-16544 on Ubuntu 18.10 (cosmic) - medium.	2017-11-20
oval:com.ubuntu.cosmic:def:201716544000	V	CVE-2017-16544 on Ubuntu 18.10 (cosmic) - medium.	2017-11-20
oval:com.ubuntu.bionic:def:2017165440000000	V	CVE-2017-16544 on Ubuntu 18.04 LTS (bionic) - medium.	2017-11-20
oval:com.ubuntu.trusty:def:201716544000	V	CVE-2017-16544 on Ubuntu 14.04 LTS (trusty) - medium.	2017-11-20