CVE-2017-16544
Published: August 31, 2023Last modified: August 31, 2023
Description
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.8 |
Attack Vector | NETWORK |
Attack complexity | LOW |
Privileges required | LOW |
User interaction | NONE |
Scope | UNCHANGED |
Confidentiality | HIGH |
Integrity impact | HIGH |
Availability impact | HIGH |
Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Status
Product | Release | Package | Status |
---|---|---|---|
Alpaquita Linux | 23 LTS | busybox | Not affected (1.35.0-r30) |
Stream | busybox | Not affected (1.36.1-r6) |
References
- http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
- http://packetstormsecurity.com/files/154536/VMware-Security-Advisory-2019-0013.html
- http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html
- http://seclists.org/fulldisclosure/2019/Jun/18
- http://seclists.org/fulldisclosure/2019/Sep/7
- http://seclists.org/fulldisclosure/2020/Aug/20
- http://seclists.org/fulldisclosure/2020/Mar/15
- http://seclists.org/fulldisclosure/2020/Sep/6
- http://seclists.org/fulldisclosure/2021/Aug/21
- http://seclists.org/fulldisclosure/2021/Jan/39
- http://seclists.org/fulldisclosure/2022/Jun/36
- http://www.vmware.com/security/advisories/VMSA-2019-0013.html
- https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8
- https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html
- https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html
- https://seclists.org/bugtraq/2019/Jun/14
- https://seclists.org/bugtraq/2019/Sep/7
- https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01
- https://usn.ubuntu.com/3935-1/
- https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/