Vulnerability CVE-2018-20679

Vulnerability Name:

CVE-2018-20679 (CCN-155376)

Assigned:

2019-01-08

Published:

2019-01-08

Updated:

2019-09-04

Summary:

An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-125

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2018-20679

Source: MISC
Type: UNKNOWN
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html

Source: FULLDISC
Type: UNKNOWN
20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X

Source: CCN
Type: Bugzilla Bug 11506
Out of bounds read in udhcp_get_option()

Source: MISC
Type: Exploit, Issue Tracking, Third Party Advisory
https://bugs.busybox.net/show_bug.cgi?id=11506

Source: CCN
Type: BusyBox Web site
BusyBox

Source: MISC
Type: Release Notes, Third Party Advisory
https://busybox.net/news.html

Source: XF
Type: UNKNOWN
busybox-cve201820679-info-disc(155376)

Source: MISC
Type: Patch, Third Party Advisory
https://git.busybox.net/busybox/commit/?id=6d3b4bb24da9a07c263f3c1acf8df85382ff562c

Source: CCN
Type: Packet Storm Security [09-04-2019
Cisco Device Hardcoded Credentials / GNU glibc / BusyBox

Source: BUGTRAQ
Type: UNKNOWN
20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X

Source: UBUNTU
Type: Third Party Advisory
USN-3935-1

Source: CCN
Type: Rapid7 Vulnerability and Exploit Database [05-30-2018]
BusyBox Enumerate Host Names

Vulnerable Configuration:

Configuration 1:

cpe:/a:busybox:busybox:*:*:*:*:*:*:*:* (Version < 1.30.0)

Configuration 2:

cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:busybox:busybox:1.29.3:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7456	P	busybox-1.35.0-150500.8.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:800	P	Security update for libjpeg-turbo (Moderate)	2022-10-04
oval:org.opensuse.security:def:3744	P	Security update for java-11-openjdk (Important) (in QA)	2022-07-22
oval:org.opensuse.security:def:3701	P	libvpx1-1.3.0-3.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3515	P	gstreamer-plugins-good-1.8.3-15.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94627	P	libbsd-devel-0.8.7-3.3.17 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:93142	P	(Important)	2022-06-10
oval:org.opensuse.security:def:93295	P	(Important)	2022-05-16
oval:org.opensuse.security:def:99753	P	(Moderate)	2022-03-04
oval:org.opensuse.security:def:119071	P	Security update for busybox (Important)	2022-02-14
oval:org.opensuse.security:def:118882	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:100064	P	(Moderate)	2022-01-20
oval:org.opensuse.security:def:119564	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:861	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:119189	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:101592	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:118692	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:119379	P	Security update for busybox (Important)	2022-01-20
oval:org.opensuse.security:def:112032	P	busybox-1.35.0-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:99228	P	(Important)	2022-01-17
oval:org.opensuse.security:def:106515	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10445	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:92875	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:102890	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9117	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70567	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:96340	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:109556	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:93425	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:102933	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9478	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70858	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70027	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:109599	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:64833	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:96220	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10714	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:105918	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9876	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:92278	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:102900	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9129	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70581	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:99626	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:69817	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:109566	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:73955	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:106316	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10427	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:92676	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:103028	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:100136	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:8922	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:109687	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:96249	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:106804	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10718	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9887	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:102910	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9139	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70585	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:99033	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:109576	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:96200	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10441	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:105723	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9677	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:92083	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:99427	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:69618	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:96259	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:106117	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:92477	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:102929	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:111864	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70854	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:99825	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:8727	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:70016	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:109595	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:96210	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:99160	P	(Important)	2021-11-11
oval:org.opensuse.security:def:111105	P	Security update for busybox (Important)	2021-10-31
oval:org.opensuse.security:def:105850	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:9804	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:92210	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:99554	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:69745	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:73912	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:106244	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:10355	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:92604	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:8854	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:106730	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:92989	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:98965	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:105655	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:9605	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:92015	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:70307	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:99355	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:69553	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:117520	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:106045	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:92405	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:111767	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:8666	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:69944	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:64604	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:106443	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:92803	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:101340	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:9049	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:70495	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:108006	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:73726	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:10167	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:9413	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:64790	P	Security update for busybox (Important)	2021-10-27
oval:com.ubuntu.disco:def:2018206790000000	V	CVE-2018-20679 on Ubuntu 19.04 (disco) - low.	2019-01-09
oval:com.ubuntu.bionic:def:201820679000	V	CVE-2018-20679 on Ubuntu 18.04 LTS (bionic) - low.	2019-01-09
oval:com.ubuntu.cosmic:def:2018206790000000	V	CVE-2018-20679 on Ubuntu 18.10 (cosmic) - low.	2019-01-09
oval:com.ubuntu.cosmic:def:201820679000	V	CVE-2018-20679 on Ubuntu 18.10 (cosmic) - low.	2019-01-09
oval:com.ubuntu.bionic:def:2018206790000000	V	CVE-2018-20679 on Ubuntu 18.04 LTS (bionic) - low.	2019-01-09
oval:com.ubuntu.trusty:def:201820679000	V	CVE-2018-20679 on Ubuntu 14.04 LTS (trusty) - low.	2019-01-09
oval:com.ubuntu.xenial:def:2018206790000000	V	CVE-2018-20679 on Ubuntu 16.04 LTS (xenial) - low.	2019-01-09
oval:com.ubuntu.xenial:def:201820679000	V	CVE-2018-20679 on Ubuntu 16.04 LTS (xenial) - low.	2019-01-09

BACK