CVE-2011-2716

The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:busybox:busybox:1.18.5:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.18.4:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.17.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.18.3:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.18.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.17.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.16.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.16.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.14.3:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.14.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.13.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.11.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.13.4:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:0.60.5:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.19.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.19.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.1.0:pre1:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.10.4:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.15.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.0.0:pre9:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.0.0:pre8:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.17.3:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.15.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.17.4:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.12.4:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.12.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.17.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.0.0:pre3:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.11.3:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.0.0:pre1:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.10.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.9.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.0.0:pre4:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.13.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.11.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.14.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.0.0:pre2:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.18.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.13.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.14.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.12.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.15.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.11.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.0.0:pre10:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.10.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.13.3:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.16.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.19.3:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.0.0:pre5:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.18.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.15.3:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.14.4:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.0.0:pre7:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.12.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.10.2:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.01:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.0.0:pre6:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.00:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.12.3:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.10.3:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:busybox:busybox:1.2.2:*:*:*:*:*:*:*

Information

Published : 2012-07-03 09:40

Updated : 2020-08-27 13:15


NVD link : CVE-2011-2716

Mitre link : CVE-2011-2716


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

t-mobile

  • tm-ac1900

busybox

  • busybox