CVE-2013-1813
Vulnerability from cvelistv5
Published
2013-11-23 11:00
Modified
2024-08-06 15:13
Severity ?
Summary
util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:13:32.987Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.t-mobile.com/docs/DOC-21994"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701965"
          },
          {
            "name": "RHSA-2013:1732",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1732.html"
          },
          {
            "name": "[busybox] 20130722 1.21.0 is released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.busybox.net/pipermail/busybox/2013-January/078864.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.busybox.net/busybox/commit/?id=4609f477c7e043a4f6147dfe6e86b775da2ef784"
          },
          {
            "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Jun/18"
          },
          {
            "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jun/14"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
          },
          {
            "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2020/Mar/15"
          },
          {
            "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2020/Aug/20"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-01-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-27T19:06:14",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.t-mobile.com/docs/DOC-21994"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701965"
        },
        {
          "name": "RHSA-2013:1732",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1732.html"
        },
        {
          "name": "[busybox] 20130722 1.21.0 is released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.busybox.net/pipermail/busybox/2013-January/078864.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.busybox.net/busybox/commit/?id=4609f477c7e043a4f6147dfe6e86b775da2ef784"
        },
        {
          "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Jun/18"
        },
        {
          "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jun/14"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
        },
        {
          "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2020/Mar/15"
        },
        {
          "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2020/Aug/20"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-1813",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.t-mobile.com/docs/DOC-21994",
              "refsource": "CONFIRM",
              "url": "https://support.t-mobile.com/docs/DOC-21994"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701965",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701965"
            },
            {
              "name": "RHSA-2013:1732",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1732.html"
            },
            {
              "name": "[busybox] 20130722 1.21.0 is released",
              "refsource": "MLIST",
              "url": "http://lists.busybox.net/pipermail/busybox/2013-January/078864.html"
            },
            {
              "name": "http://git.busybox.net/busybox/commit/?id=4609f477c7e043a4f6147dfe6e86b775da2ef784",
              "refsource": "CONFIRM",
              "url": "http://git.busybox.net/busybox/commit/?id=4609f477c7e043a4f6147dfe6e86b775da2ef784"
            },
            {
              "name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Jun/18"
            },
            {
              "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jun/14"
            },
            {
              "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
            },
            {
              "name": "20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router \u0026 TC Cloud Client",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2020/Mar/15"
            },
            {
              "name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2020/Aug/20"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-1813",
    "datePublished": "2013-11-23T11:00:00",
    "dateReserved": "2013-02-19T00:00:00",
    "dateUpdated": "2024-08-06T15:13:32.987Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-1813\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-11-23T11:55:04.337\",\"lastModified\":\"2020-08-27T20:15:11.393\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.\"},{\"lang\":\"es\",\"value\":\"util-linux/mdev.c en BusyBox anterior a la versi\u00f3n 1.21.0 utiliza permisos 0777 en directorios padre al crear directorios anidados bajo /dev/, lo que permite a usuarios locales tener un impacto y vectores de ataques desconocidos.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":7.2},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"919D9673-1FCA-431D-9F30-643AAEFAC1DA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.20.2\",\"matchCriteriaId\":\"920C6143-7898-45F6-97C0-6F39127DCA71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B67E997-9F5B-46BB-A6C7-2807E08780D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADF8AED2-C49C-4494-A758-152BB15163B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A78CB26D-6D7F-41B9-B831-836B1AE9685D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22F144B4-A3DC-486F-8AEB-56A293CEB4D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DEF39BB-37E1-449A-8CB9-6E85E1FABCA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37848E12-4C7D-4EE2-9347-0B10A26E9B63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAEE5FB7-08B2-4A15-9D14-1BFF7BA513DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"148DF5E9-748F-44FB-84D3-5FD4D30322B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41B69641-1130-4905-A5EE-80A193FCF207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7464F91E-51A5-4C77-93BD-EA57824EB7AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48429F2F-F41D-45C5-AA58-FDBEC63B3DD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F907C5FE-E1E8-4B55-AA1F-A82517BA3657\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.51:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACEE08C4-A5EE-42B9-8AB9-EB5BE4FEF2C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F745A0B-7B84-4127-BE27-9DC485479474\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.60.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85B1DD33-0CAD-4ED6-BB99-29EA39E4D147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.60.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35153AC7-AAF0-43BA-A900-7DDF46FF4F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.60.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A35C280B-5370-4762-A109-E08DB542BFD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.60.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB07416D-FBA6-4A68-856D-4AF5E2FF142E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.60.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8998A02A-A35B-4124-AB31-43F1A1B9C477\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:0.60.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41F70FE4-28AA-40D1-A2D2-D7047404E3BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"539C33E8-53AA-4415-BDA2-C4EE889FDB64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E2D0557-0C6A-40B6-BF08-0D24CDCF0FD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1D67C2D-825B-4E66-A43F-9D07BB3CF9CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5408DA3E-9CA1-4768-992C-1732A45C4365\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0A9C5E7-5260-4EBD-8A62-B11EE81906F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55E1C67B-87DD-4883-A4DC-539783B4223E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09A4634A-6B09-477B-AC5C-109D1708935D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C035059E-0B42-4C1F-9C6D-866D69DE4702\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCA06DD4-6993-4F5F-8D01-94CEFB684D28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3F4032E-04CF-4EA9-AF05-B6EBE5FFEDDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F95E79C7-1C7D-4A7B-8465-C4D3557C0097\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBA76F53-2D6B-432F-99AD-3D126F463535\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80FD3330-1F10-4697-ABEA-806E3068678B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F696DE8-423B-4F93-A2FE-8CCC9EB7E48A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49A6A3CC-A56B-4861-9668-8AE05247042C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E508DF8D-33E4-485A-9348-B4592A9C0207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9796F6C1-52BB-448A-A807-0A6036B3ECC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71494758-A192-4A83-85D6-6A368CD58BF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB367825-26AE-4B75-A329-EC9DD0EC8004\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4336604A-11D1-4450-B38F-378263A299B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DAE682D-2F8E-40B2-8894-9FCAA8CD0101\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04D61499-332E-4AE7-A005-32A0DDE81DF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3923C03C-DD87-4FF8-BC97-A72CC65155FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E9A8BC6-CA69-46B0-9426-34ADB2695BEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6704C4C-88E6-466D-9CAE-6FE8545F0977\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F20F2DBA-E5F1-4DE7-95A3-8A044A94E9EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC859628-5C13-4513-93C2-538F0A6A2586\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB0BF42-4C41-44DF-926A-9144C2F385E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C17EDB63-B733-4761-B535-7F72E8F787A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F69A0F8C-B003-485F-813A-D4E1A4E88584\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8509CF5F-D1D1-4EB5-A061-00EEEEED68BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2A7A44C-C438-407C-97FF-435BE95795FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28738A5C-C205-4FC5-8633-5A7B898A1832\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8B44A0E-800C-4342-BA75-A48F3A56C3CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F341E09-BF96-43E6-96CC-7AFD8736938C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AEB371C-36DF-4421-882B-C769ED8404EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23D58896-B93B-4D5C-B42A-802B86A8D986\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96B38C04-7990-4B5A-86DB-9DE35BD73BED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD8D48C9-CC0F-4ACE-9C59-67E962C2DB6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A1607A0-9B02-4433-B246-CE0FC73C2F64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED230815-6F03-49D2-8422-5E4764C92776\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89769E1E-FC6F-464F-9D2D-4A92E8150023\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A818C102-5BBA-49ED-A2FF-CB60D50B867F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4965028A-4818-4F49-A69F-E4936B802933\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"789A3850-A613-41D5-A4B1-5B21F0DAD865\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1D06891-0077-43A7-84FE-26BEB4615820\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAEBB6E8-4B1C-4F90-A429-4A08B5958706\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.13.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7DCE0B0-FC75-4C79-9B69-7E45F6DF1B2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.13.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46F680B7-A7C9-491C-B084-809FA91A4306\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4B04CD2-EE97-4480-A3BD-A9405CC72408\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3301EA75-92C1-4A07-8D4F-C03327F0DCA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A528C12-8E6C-47E3-B1B3-8DDA5C934C28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.14.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A56FDCCB-87A7-4354-83EA-3BEAFF0FF019\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.14.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC00E801-D3E0-4D9E-B004-F2192D1D552A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66D0CE4D-E98B-4080-8372-7F1632A1E8F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAD322BE-7397-4154-B2BD-7E94275C1CEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7288E37E-9B8C-403E-A534-6191A0C6B4D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.15.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DB0017A-2FDB-424D-B693-3609141321A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6DA7560-D138-4D9C-9D1B-1DF0F79181AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"904B27F8-A167-4986-9AD3-665AF0D9B364\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E92B4186-3A3B-46E6-ADCA-B5EDCB122A88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.17.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"852E6303-7BC5-4559-A653-727E5F8D21F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75C8ED43-A5E6-4413-9723-C69D9F46EF73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.17.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82866980-4335-4A5A-B4ED-750C848861C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.17.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5566B9F7-9C87-46F2-948C-7D2599035F82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.17.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC2AEC0B-A24B-4B4F-ABDD-60FC57257634\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E850B3B9-8D40-4C6C-9872-16C5235655B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.18.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07CECA25-E276-46F6-A811-6B428B4DB4A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.18.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55DDF725-B099-4187-ADB5-10CA4E6105ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.18.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"834E01F2-96CD-4F2D-9854-A68B31E1E3DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.18.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6576665-E960-4338-ACF0-747F71443887\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.18.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BFC1DCB-BC86-4C65-88B6-DC6F29C1BF12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01DA4F8E-77CE-4552-A200-F7AE11CB99A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.19.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABC7D599-2AA2-465D-8943-D43FB274562C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.19.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA46F251-9F17-498F-B093-70ADF7F989F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.19.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"342D474D-D3E9-43A1-9822-AFF4BD39741D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.20.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F79AF30-821F-488B-971D-3A2C931C7D7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:busybox:busybox:1.20.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B94A193D-55F6-410B-A744-D7561D76D6E7\"}]}]}],\"references\":[{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701965\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://git.busybox.net/busybox/commit/?id=4609f477c7e043a4f6147dfe6e86b775da2ef784\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://lists.busybox.net/pipermail/busybox/2013-January/078864.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1732.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Jun/18\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://seclists.org/fulldisclosure/2020/Aug/20\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://seclists.org/fulldisclosure/2020/Mar/15\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://seclists.org/bugtraq/2019/Jun/14\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.t-mobile.com/docs/DOC-21994\",\"source\":\"secalert@redhat.com\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.