CVE-2019-5747

CVE-2019-5747

Name

CVE-2019-5747

Description

An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Patch	https://git.busybox.net/busybox/commit/?id=74d9f1ba37010face4bd1449df4d60dd84450b06
Exploit	https://bugs.busybox.net/show_bug.cgi?id=11506
Third Party Advisory	https://usn.ubuntu.com/3935-1/
FULLDISC	http://seclists.org/fulldisclosure/2019/Sep/7
BUGTRAQ	https://seclists.org/bugtraq/2019/Sep/7
MISC	http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html

Type

URI

Patch

https://git.busybox.net/busybox/commit/?id=74d9f1ba37010face4bd1449df4d60dd84450b06

Exploit

https://bugs.busybox.net/show_bug.cgi?id=11506

Third Party Advisory

https://usn.ubuntu.com/3935-1/

FULLDISC

http://seclists.org/fulldisclosure/2019/Sep/7

BUGTRAQ

https://seclists.org/bugtraq/2019/Sep/7

MISC

http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:busybox:busybox::::::::`	busybox	>= None	<= 1.30.0

CPE URI

Source package

Min version

Max version

cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*

busybox

>= None

<= 1.30.0

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
busybox	edge-main	1.30.1-r2	None	fixed
busybox	edge-main	1.29.3-r10	None	possibly vulnerable
busybox	edge-main	1.28.3-r2	None	possibly vulnerable
busybox	edge-main	1.27.2-r4	None	possibly vulnerable
busybox	3.22-main	1.30.1-r2	None	fixed
busybox	3.22-main	1.29.3-r10	None	possibly vulnerable
busybox	3.22-main	1.28.3-r2	None	possibly vulnerable
busybox	3.22-main	1.27.2-r4	None	possibly vulnerable
busybox	3.21-main	1.30.1-r2	None	fixed
busybox	3.21-main	1.29.3-r10	None	possibly vulnerable
busybox	3.21-main	1.28.3-r2	None	possibly vulnerable
busybox	3.21-main	1.27.2-r4	None	possibly vulnerable
busybox	3.20-main	1.30.1-r2	None	fixed
busybox	3.20-main	1.29.3-r10	None	possibly vulnerable
busybox	3.20-main	1.28.3-r2	None	possibly vulnerable
busybox	3.20-main	1.27.2-r4	None	possibly vulnerable
busybox	3.19-main	1.30.1-r2	None	fixed
busybox	3.19-main	1.29.3-r10	None	possibly vulnerable
busybox	3.19-main	1.28.3-r2	None	possibly vulnerable
busybox	3.19-main	1.27.2-r4	None	possibly vulnerable
busybox	3.18-main	1.30.1-r2	None	fixed
busybox	3.17-main	1.30.1-r2	None	fixed
busybox	3.12-main	1.30.1-r2	None	fixed
busybox	3.11-main	1.30.1-r2	None	fixed
busybox	3.10-main	1.30.1-r2	None	fixed

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages