7.5
CVSSv2

CVE-2016-2148

Published: 09/02/2017 Updated: 27/08/2020
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox prior to 1.25.0 allows remote malicious users to have unspecified impact via vectors involving OPTION_6RD parsing.

Vendor Advisories

Debian Bug report logs - #818497 busybox: CVE-2016-2148: heap overflow in OPTION_6RD parsing Package: src:busybox; Maintainer for src:busybox is Debian Install System Team <debian-boot@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 17 Mar 2016 16:27:01 UTC Severity: normal Tags: f ...
Debian Bug report logs - #818499 busybox: CVE-2016-2147: OOB heap write due to integer underflow Package: src:busybox; Maintainer for src:busybox is Debian Install System Team <debian-boot@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 17 Mar 2016 16:30:06 UTC Severity: normal Tag ...
Debian Bug report logs - #802702 CVE-2011-5325: busybox: Directory traversal via crafted tar file which contains a symlink pointing outside of the current directory Package: busybox; Maintainer for busybox is Debian Install System Team <debian-boot@listsdebianorg>; Source for busybox is src:busybox (PTS, buildd, popcon) Re ...
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1250 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing ...
Debian Bug report logs - #803097 busybox: CVE-2015-9261: segmentation fault while unzipping bad archive Package: busybox; Maintainer for busybox is Debian Install System Team <debian-boot@listsdebianorg>; Source for busybox is src:busybox (PTS, buildd, popcon) Reported by: Henri Salo <henri@nervfi> Date: Mon, 26 O ...
Several security issues were fixed in BusyBox ...

Mailing Lists

SEC Consult Vulnerability Lab Security Advisory < 20200827-0 > ======================================================================= title: Multiple Vulnerabilities product: ZTE mobile Hotspot MS910S vulnerable version: DL_MF910S_CN_EUV10001 fixed version: - CVE number: CVE-2019-3422 ...
SEC Consult Vulnerability Lab Security Advisory < 20190904-0 > ======================================================================= title: Multiple vulnerabilities product: Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, ...
SEC Consult Vulnerability Lab Security Advisory < 20190612-0 > ======================================================================= title: Multiple vulnerabilities product: WAGO 852 Industrial Managed Switch Series vulnerable version: 852-303: <v122S0 852-1305: <v116S0 ...
SEC Consult Vulnerability Lab Security Advisory < 20190612-0 > ======================================================================= title: Multiple vulnerabilities product: WAGO 852 Industrial Managed Switch Series vulnerable version: 852-303: <v122S0 852-1305: <v116S0 ...
SEC Consult Vulnerability Lab Security Advisory < 20190904-0 > ======================================================================= title: Multiple vulnerabilities product: Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, ...
ZTE Mobile Hotspot MS910S version DL_MF910S_CN_EUV10001 suffers from having a hard-coded administrative password, busybox vulnerabilities, and having a known backdoor in the GoAhead webserver ...
Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities ...
The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware Furthermore, hardcoded password hashes and credentials were also found by doing an automated scan with IoT Inspector ...

Github Repositories

clairctl Tracking container vulnerabilities with Clair Control Clairctl is a lightweight command-line tool doing the bridge between Registries as Docker Hub, Docker Registry or Quayio, and the CoreOS vulnerability tracker, Clair Clairctl will play as reverse proxy for authentication Clairctl version is align with the CoreOS Clair supported version Installation Released