Rapid7 Vulnerability & Exploit Database

RHSA-2012:0308: busybox security and bug fix update


BusyBox provides a single binary that includes versions of a large number of system commands, including a shell. This can be very useful for recovering from certain types of system failures, particularly those involving broken shared libraries.

A buffer underflow flaw was found in the way the uncompress utility of BusyBox expanded certain archive files compressed using Lempel-Ziv compression. If a user were tricked into expanding a specially-crafted archive file with uncompress, it could cause BusyBox to crash or, potentially, execute arbitrary code with the privileges of the user running BusyBox. (CVE-2006-1168)

The BusyBox DHCP client, udhcpc, did not sufficiently sanitize certain options provided in DHCP server replies, such as the client hostname. A malicious DHCP server could send such an option with a specially-crafted value to a DHCP client. If this option's value was saved on the client system, and then later insecurely evaluated by a process that assumes the option is trusted, it could lead to arbitrary code execution with the privileges of that process. Note: udhcpc is not used on Red Hat Enterprise Linux by default, and no DHCP client script is provided with the busybox packages. (CVE-2011-2716)

This update also fixes the following bugs:

All users of busybox are advised to upgrade to these updated packages, which correct these issues.
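To make the CVE-2011-2716 failure mode concrete, the following C program is an added example written for this page; it is not BusyBox code and does not reproduce udhcpc's actual fix. It parses a constructed DHCP options field (not a captured packet) carrying a hostname option whose value contains shell metacharacters, then shows the unsafe path (copying the bytes verbatim into a string that a client script might later interpolate or eval) beside a hardened path that restricts the value to hostname characters and reports when anything had to be dropped. The option codes and TLV layout follow RFC 2132; the function names, the replacement character and the sample value are this example's own choices.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* DHCP option codes (RFC 2132) used by this example. */
#define DHCP_HOST_NAME 12
#define DHCP_END       255
#define MAX_OPT_LEN    255

/* Locate option `code` in a TLV-encoded DHCP options field.
 * Returns the option length and points *val at its first byte, or -1 if the
 * option is absent or the encoding runs past `len` (truncated/malformed reply). */
static int find_option(const uint8_t *opts, size_t len, uint8_t code, const uint8_t **val)
{
    size_t i = 0;
    while (i < len) {
        uint8_t c = opts[i];
        if (c == DHCP_END) return -1;
        if (c == 0) { i++; continue; }           /* pad byte */
        if (i + 1 >= len) return -1;              /* length byte missing */
        uint8_t olen = opts[i + 1];
        if (i + 2 + olen > len) return -1;        /* value would run past buffer */
        if (c == code) { *val = opts + i + 2; return olen; }
        i += 2 + olen;
    }
    return -1;
}

/* Unsafe: copy the option verbatim into a NUL-terminated string. Whatever the
 * server sent (shell metacharacters, quotes, newlines) survives into the
 * environment or file a script later evaluates. */
static void copy_raw(const uint8_t *val, int len, char *out, size_t outsz)
{
    if (outsz == 0) return;
    size_t n = (size_t)len < outsz - 1 ? (size_t)len : outsz - 1;
    memcpy(out, val, n);
    out[n] = '\0';
}

/* Hardened: keep only characters legal in a hostname (RFC 952/1123 letters,
 * digits, '-' and '.'), replace everything else with '_' (this example's
 * choice) and return false so the caller can log or discard the option. */
static bool sanitize_hostname(const uint8_t *val, int len, char *out, size_t outsz)
{
    if (outsz == 0) return false;
    bool clean = true;
    size_t n = (size_t)len < outsz - 1 ? (size_t)len : outsz - 1;
    for (size_t i = 0; i < n; i++) {
        unsigned char ch = val[i];
        if (isalnum(ch) || ch == '-' || ch == '.') out[i] = (char)ch;
        else { out[i] = '_'; clean = false; }
    }
    out[n] = '\0';
    return clean;
}

/* Constructed sample (not a captured packet): DHCPACK message type followed by
 * a 16-byte hostname option holding a command substitution and a newline. */
static const uint8_t k_evil_options[] = {
    53, 1, 5,
    DHCP_HOST_NAME, 16,
    '$', '(', 'r', 'e', 'b', 'o', 'o', 't', ')', '.', 'l', 'o', 'c', 'a', 'l', '\n',
    DHCP_END
};

/* Run both paths on the sample. Returns 1 if the value was already clean,
 * 0 if the sanitizer had to rewrite it, -1 if the option was not found. */
static int demo(char *raw, size_t rawsz, char *safe, size_t safesz)
{
    const uint8_t *v;
    int n = find_option(k_evil_options, sizeof k_evil_options, DHCP_HOST_NAME, &v);
    if (n < 0) return -1;
    copy_raw(v, n, raw, rawsz);
    return sanitize_hostname(v, n, safe, safesz) ? 1 : 0;
}

int main(void)
{
    char raw[MAX_OPT_LEN + 1], safe[MAX_OPT_LEN + 1];
    int clean = demo(raw, sizeof raw, safe, sizeof safe);
    printf("raw option : [%s]\n", raw);
    printf("sanitized  : [%s] (clean=%d)\n", safe, clean);
    return 0;
}
```

The point of the split is where trust is decided: once the raw bytes reach a script that does `eval` or unquoted expansion on `$HOSTNAME`, no amount of care in the script reliably recovers, so the DHCP client has to reject or rewrite the value before exporting it. The sanitizer also refuses to trust the option's own length byte, which is the same class of check a parser needs for any TLV field arriving from the network.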


  • redhat-upgrade-busybox
  • redhat-upgrade-busybox-anaconda
