Wind River Support Network

HomeDefectsLIN10-4213
Fixed

LIN10-4213 : Security Advisory - busybox - CVE-2018-1000500

Created: Jun 29, 2018    Updated: Dec 3, 2018
Resolved Date: Jul 18, 2018
Found In Version: 10.17.41.1
Fix Version: 10.17.41.10
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace

Description

Busybox contains a Missing SSL certificate validation vulnerability in The busybox wget applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using busybox wget https://compromised-domain.com/important-file.

https://nvd.nist.gov/vuln/detail/CVE-2018-1000500

Other Downloads


CVEs


Live chat
Online