ghsa-234c-568r-p7m4
Vulnerability from github
Published: 2022-05-13 01:04
Modified: 2022-05-13 01:04
Severity: HIGH
Details

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.



{
  "affected": [],
  "aliases": [
    "CVE-2017-16544"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-11-20T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.",
  "id": "GHSA-234c-568r-p7m4",
  "modified": "2022-05-13T01:04:02Z",
  "published": "2022-05-13T01:04:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16544"
    },
    {
      "type": "WEB",
      "url": "https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/Jun/14"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/Sep/7"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3935-1"
    },
    {
      "type": "WEB",
      "url": "https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/154536/VMware-Security-Advisory-2019-0013.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2019/Jun/18"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2019/Sep/7"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2020/Aug/20"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2020/Mar/15"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2020/Sep/6"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2021/Aug/21"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2021/Jan/39"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/Jun/36"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/security/advisories/VMSA-2019-0013.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

