Download
| Alert*
oval:org.secpod.oval:def:54090
busybox: Tiny utilities for small and embedded systems Several security issues were fixed in BusyBox. oval:org.secpod.oval:def:1800551 The busybox NTP implementation doesn"t check the NTP mode of packets received on the server port and responds to any packet with the right size. This includes responses from another NTP server. An attacker can send a packet with a spoofed source address in order to create an infinite loop of respons ... oval:org.secpod.oval:def:2001464 The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service via a forged NTP packet, which triggers a communication loop. oval:org.secpod.oval:def:2001169 Integer overflow in the DHCP client in BusyBox before 1.25.0 allows remote attackers to cause a denial of service via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write. oval:org.secpod.oval:def:1901585 An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option in networking/udhcp/common.c that 4-byte options a ... oval:org.secpod.oval:def:704873 busybox: Tiny utilities for small and embedded systems Several security issues were fixed in BusyBox. oval:org.secpod.oval:def:54091 busybox: Tiny utilities for small and embedded systems Several security issues were fixed in BusyBox. oval:org.secpod.oval:def:1900505 Integer overflow in the DHCP client in BusyBox before 1.25.0 allows remote attackers to cause a denial of service via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write. oval:org.secpod.oval:def:1900537 Heap-based buffer overflow in the DHCP client in BusyBox before1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing. oval:org.secpod.oval:def:2001584 An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option in networking/udhcp/common.c that 4-byte options a ... oval:org.secpod.oval:def:2000565 Heap-based buffer overflow in the DHCP client in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing. |