Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

31 – 40 of 41 results


CVE-2017-15873

Low priority

Some fixes available 9 of 11

The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.

1 affected packages

busybox

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
busybox Fixed Fixed Fixed
Show less packages

CVE-2011-5325

Low priority

Some fixes available 9 of 15

Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.

1 affected packages

busybox

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
busybox Fixed Fixed Fixed
Show less packages

CVE-2014-9645

Low priority

Some fixes available 1 of 5

The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an "ifconfig...

1 affected packages

busybox

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
busybox Not affected Not affected Not affected
Show less packages

CVE-2016-2148

Low priority

Some fixes available 2 of 6

Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.

1 affected packages

busybox

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
busybox Not affected Fixed
Show less packages

CVE-2016-2147

Low priority

Some fixes available 2 of 7

Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.

1 affected packages

busybox

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
busybox Not affected Not affected Fixed
Show less packages

CVE-2016-6301

Low priority
Not affected

The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop.

1 affected packages

busybox

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
busybox Not affected
Show less packages

CVE-2013-1813

Negligible priority
Ignored

util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.

1 affected packages

busybox

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
busybox Not affected Not affected Not affected
Show less packages

CVE-2011-2716

Negligible priority
Ignored

The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.

1 affected packages

busybox

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
busybox Not affected Not affected Not affected
Show less packages

CVE-2007-4998

Low priority
Ignored

cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are...

2 affected packages

busybox, coreutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
busybox
coreutils
Show less packages

CVE-2006-1058

Unknown priority
Fixed

BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.

1 affected packages

busybox

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
busybox
Show less packages