Vulnerabilities > CVE-2016-6301 - Resource Management Errors vulnerability in Busybox
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-201701-05.NASL |
description | The remote host is affected by the vulnerability described in GLSA-201701-05 (BusyBox: Denial of Service) The recv_and_process_client_pkt function in networking/ntpd.c in BusyBox allows remote attackers to cause a Denial of Service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop. Impact : A remote attacker might send a specially crafted package to a machine running BusyBox ntpd, possibly resulting in a Denial of Service condition. Workaround : There is no known workaround at this time. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 96236 |
published | 2017-01-03 |
reporter | This script is Copyright (C) 2017 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/96236 |
title | GLSA-201701-05 : BusyBox: Denial of Service |
code |
|
Packetstorm
data source https://packetstormsecurity.com/files/download/156729/SA-20200312-0.txt id PACKETSTORM:156729 last seen 2020-03-14 published 2020-03-14 reporter T. Weber source https://packetstormsecurity.com/files/156729/Phoenix-Contact-TC-Router-TC-Cloud-Client-Command-Injection.html title Phoenix Contact TC Router / TC Cloud Client Command Injection data source https://packetstormsecurity.com/files/download/153278/SA-20190612-0.txt id PACKETSTORM:153278 last seen 2019-06-17 published 2019-06-13 reporter T. Weber source https://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html title WAGO 852 Industrial Managed Switch Series Code Execution / Hardcoded Credentials data source https://packetstormsecurity.com/files/download/154361/SA-20190904-0.txt id PACKETSTORM:154361 last seen 2019-09-05 published 2019-09-04 reporter T. Weber source https://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html title Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
References
- http://www.openwall.com/lists/oss-security/2016/08/03/7
- http://www.securityfocus.com/bid/92277
- https://git.busybox.net/busybox/commit/?id=150dc7a2b483b8338a3e185c478b4b23ee884e71
- https://bugzilla.redhat.com/show_bug.cgi?id=1363710
- https://security.gentoo.org/glsa/201701-05
- http://seclists.org/fulldisclosure/2019/Jun/18
- https://seclists.org/bugtraq/2019/Jun/14
- http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html
- http://seclists.org/fulldisclosure/2019/Sep/7
- https://seclists.org/bugtraq/2019/Sep/7
- http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
- http://seclists.org/fulldisclosure/2020/Mar/15
- http://seclists.org/fulldisclosure/2020/Aug/20