PT-2013-1202 · Busybox+2
Published 2013-11-20 · Updated 2021-02-15
CVE-2013-1813
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
BusyBox versions prior to 1.21.0
Description
The issue in BusyBox allows local users to have an unknown impact via unknown attack vectors, because parent directories are given 0777 permissions when nested directories are created under /dev/. Additionally, multiple vulnerabilities in BusyBox before version 1.21.0 may lead to a breach of confidentiality, integrity, and availability of protected information, and these vulnerabilities can be exploited remotely.
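One way to check a system for the permission state described above, as an added example that is not part of the original advisory or of BusyBox: it lists directories under a root that are world-writable without the sticky bit. The function names and the sample tree are constructed for illustration; on a real device the root to pass is /dev.

```shell
#!/bin/sh
# Added example: audit for world-writable directories that lack the sticky
# bit (for instance mode 0777), the state the advisory describes for parent
# directories created under /dev/.

# find_loose_dirs ROOT -> prints one matching directory per line, sorted
find_loose_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null | sort
}

# count_loose_dirs ROOT -> prints the number of matching directories
count_loose_dirs() {
    find_loose_dirs "$1" | wc -l | tr -d ' '
}

# report_loose_dirs ROOT -> long listing (mode, owner) of each match
report_loose_dirs() {
    find_loose_dirs "$1" | while IFS= read -r d; do
        ls -ld "$d"
    done
}

# Constructed sample tree (plain directories, not real device nodes) so the
# check can be run offline without touching the live /dev.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/dev/bus/usb/001" "$t/dev/shm" "$t/dev/input"
    chmod 0777 "$t/dev/bus" "$t/dev/bus/usb"   # loose parent directories
    chmod 0755 "$t/dev" "$t/dev/bus/usb/001" "$t/dev/input"
    chmod 1777 "$t/dev/shm"                    # sticky bit set: not reported
    echo "$t"
}

sample=$(make_sample_tree)
report_loose_dirs "$sample/dev"
echo "loose directories: $(count_loose_dirs "$sample/dev")"
rm -rf "$sample"
```

A directory with mode 1777 is excluded because the sticky bit prevents users from removing or renaming entries they do not own.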
Recommendations
For versions prior to 1.21.0, update to version 1.21.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the /dev/ directory to minimize the risk of exploitation. Avoid using the mdev.c functionality in BusyBox until the issue is resolved.
Exploit
Fix
RCE
Affected Products
Busybox
Centos
Red Hat