Your submission was sent successfully! Close

CVE-2018-1000517

Published: 26 June 2018

BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
busybox
Launchpad, Ubuntu, Debian
Upstream
Released (1:1.27.2-3)
Ubuntu 21.04 (Hirsute Hippo)
Released (1:1.27.2-2ubuntu5)
Ubuntu 20.04 LTS (Focal Fossa)
Released (1:1.27.2-2ubuntu5)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (1:1.27.2-2ubuntu3.2)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (1:1.22.0-15ubuntu1.4)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (1:1.21.0-1ubuntu1.4)
Patches:
Upstream: https://git.busybox.net/busybox/commit/?id=8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e