Wind River Support Network

HomeDefectsLIN8-9373
Fixed

LIN8-9373 : Security Advisory - busybox - CVE-2018-1000500

Created: Jun 29, 2018    Updated: Dec 3, 2018
Resolved Date: Aug 5, 2018
Found In Version: 8.0.0.26
Fix Version: 8.0.0.27
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

Busybox contains a Missing SSL certificate validation vulnerability in The busybox wget applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using busybox wget https://compromised-domain.com/important-file.

https://nvd.nist.gov/vuln/detail/CVE-2018-1000500

Other Downloads

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube