cnvd - cnvd-2018-04200

cnvd-2018-04200

Vulnerability from cnvd

Title: Micro Focus openSUSE存在未明漏洞

Description:

Micro Focus openSUSE是英国Micro Focus公司的一套基于Linux的自由操作系统。openSUSE Leap是openSUSE的一个版本。

Micro Focus openSUSE Leap的build包中存在安全漏洞，该漏洞源于程序未能校验目录名称。攻击者可利用该漏洞向主机系统中的文件执行写入操作。

Severity: 低

Patch Name: Micro Focus openSUSE存在未明漏洞的补丁

Patch Description:

Micro Focus openSUSE是英国Micro Focus公司的一套基于Linux的自由操作系统。openSUSE Leap是openSUSE的一个版本。

Micro Focus openSUSE Leap的build包中存在安全漏洞，该漏洞源于程序未能校验目录名称。攻击者可利用该漏洞向主机系统中的文件执行写入操作。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00025.html

Reference: https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00024.html https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00025.html https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00030.html

Impacted products

Name
['Micro Focus openSUSE Leap 42.3', 'Micro Focus openSUSE Leap 42.2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-14804"
    }
  },
  "description": "Micro Focus openSUSE\u662f\u82f1\u56fdMicro Focus\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eLinux\u7684\u81ea\u7531\u64cd\u4f5c\u7cfb\u7edf\u3002openSUSE Leap\u662fopenSUSE\u7684\u4e00\u4e2a\u7248\u672c\u3002\r\n\r\nMicro Focus openSUSE Leap\u7684build\u5305\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6821\u9a8c\u76ee\u5f55\u540d\u79f0\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5411\u4e3b\u673a\u7cfb\u7edf\u4e2d\u7684\u6587\u4ef6\u6267\u884c\u5199\u5165\u64cd\u4f5c\u3002",
  "discovererName": "Micro Focus",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://lists.opensuse.org/opensuse-security-announce/2017-12/msg00025.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-04200",
  "openTime": "2018-03-05",
  "patchDescription": "Micro Focus openSUSE\u662f\u82f1\u56fdMicro Focus\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eLinux\u7684\u81ea\u7531\u64cd\u4f5c\u7cfb\u7edf\u3002openSUSE Leap\u662fopenSUSE\u7684\u4e00\u4e2a\u7248\u672c\u3002\r\n\r\nMicro Focus openSUSE Leap\u7684build\u5305\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6821\u9a8c\u76ee\u5f55\u540d\u79f0\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5411\u4e3b\u673a\u7cfb\u7edf\u4e2d\u7684\u6587\u4ef6\u6267\u884c\u5199\u5165\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Micro Focus openSUSE\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Micro Focus openSUSE  Leap 42.3",
      "Micro Focus openSUSE  Leap 42.2"
    ]
  },
  "referenceLink": "https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00024.html\r\nhttps://lists.opensuse.org/opensuse-security-announce/2017-12/msg00025.html\r\nhttps://lists.opensuse.org/opensuse-security-announce/2018-01/msg00030.html",
  "serverity": "\u4f4e",
  "submitTime": "2018-03-05",
  "title": "Micro Focus openSUSE\u5b58\u5728\u672a\u660e\u6f0f\u6d1e"
}

CVE-2017-14804 (GCVE-0-2017-14804)

Vulnerability from cvelistv5

Published

2018-03-01 19:00

Modified

2024-09-16 22:03

Severity ?

9.9 (Critical) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

Insufficient pathname checking could use to bypass directory restrictions.
CWE-22

Summary

The build package before 20171128 did not check directory names during extraction of build results that allowed untrusted builds to write outside of the target system,allowing escape out of buildroots.

References

▼	URL	Tags
	https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00024.html	vendor-advisory, x_refsource_SUSE
	https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00030.html	vendor-advisory, x_refsource_SUSE
	https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00025.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	SUSE	build	Version: unspecified <

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:34:39.942Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2017:3253",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00024.html"
          },
          {
            "name": "SUSE-SU-2018:0065",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00030.html"
          },
          {
            "name": "openSUSE-SU-2017:3259",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00025.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "build",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThanOrEqual": "20171128",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Marcus H\u00fcwe"
        }
      ],
      "datePublic": "2017-12-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The build package before 20171128 did not check directory names during extraction of build results that allowed untrusted builds to write outside of the target system,allowing escape out of buildroots."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Can be found in https://bugzilla.suse.com/show_bug.cgi?id=1069904"
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Insufficient pathname checking could use to bypass directory restrictions.",
              "lang": "en",
              "type": "text"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-06T16:15:51",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "name": "SUSE-SU-2017:3253",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00024.html"
        },
        {
          "name": "SUSE-SU-2018:0065",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00030.html"
        },
        {
          "name": "openSUSE-SU-2017:3259",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00025.html"
        }
      ],
      "source": {
        "advisory": "https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00024.html",
        "defect": [
          "https://bugzilla.suse.com/show_bug.cgi?id=1069904"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "package builds could use directory traversal to write outside of target area",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "DATE_PUBLIC": "2017-12-08T00:00:00.000Z",
          "ID": "CVE-2017-14804",
          "STATE": "PUBLIC",
          "TITLE": "package builds could use directory traversal to write outside of target area"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "build",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c=",
                            "version_affected": "\u003c=",
                            "version_value": "20171128"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Marcus H\u00fcwe"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The build package before 20171128 did not check directory names during extraction of build results that allowed untrusted builds to write outside of the target system,allowing escape out of buildroots."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Can be found in https://bugzilla.suse.com/show_bug.cgi?id=1069904"
          }
        ],
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Insufficient pathname checking could use to bypass directory restrictions."
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2017:3253",
              "refsource": "SUSE",
              "url": "https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00024.html"
            },
            {
              "name": "SUSE-SU-2018:0065",
              "refsource": "SUSE",
              "url": "https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00030.html"
            },
            {
              "name": "openSUSE-SU-2017:3259",
              "refsource": "SUSE",
              "url": "https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00025.html"
            }
          ]
        },
        "source": {
          "advisory": "https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00024.html",
          "defect": [
            "https://bugzilla.suse.com/show_bug.cgi?id=1069904"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2017-14804",
    "datePublished": "2018-03-01T19:00:00Z",
    "dateReserved": "2017-09-27T00:00:00",
    "dateUpdated": "2024-09-16T22:03:14.200Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted