DHCP: BusyBox Project BusyBox udhcp Option CVE-2018-20679 Out of Bounds Read
This signature detects attempts to exploit a known vulnerability against udhcp module of BusyBox. Successful exploitation of this vulnerability could result in disclosure of sensitive information.
Extended Description
An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes.
Affected Products
Busybox busybox
Short Name
DHCP:EXPLOIT:CVE-2018-20679-OB
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
DHCP
Keywords
Bounds BusyBox CVE-2018-20679 Option Out Project Read of udhcp
Release Date
02/25/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Busybox
Canonical
CVSS Score
5.0