openEuler 20.03 LTS update for curl-7.69.1-1

1) Input validation error

EUVDB-ID: #VU24338

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2019-15601

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to insufficient validation of user-supplied URL. A remote attacker can pass  URL to the SMB share using the "file://" URI handler and read arbitrary files from local resources.

Example: file://localhost//hostname/home/secret.txt

Note, this issue affects Windows installations only.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS

libcurl-devel: before 7.69.1-1

libcurl: before 7.69.1-1

curl-help: before 7.69.1-1

curl-debugsource: before 7.69.1-1

curl-debuginfo: before 7.69.1-1

curl: before 7.69.1-1

CPE2.3

• cpe:2.3:o:openeuler:openeuler:20.03:LTS:*:*:*:*:*:*
• cpe:2.3:o:openeuler:libcurl-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:o:openeuler:libcurl:*:*:*:*:*:openeuler:*:*
• cpe:2.3:o:openeuler:curl-help:*:*:*:*:*:openeuler:*:*
• cpe:2.3:o:openeuler:curl-debugsource:*:*:*:*:*:openeuler:*:*
• cpe:2.3:o:openeuler:curl-debuginfo:*:*:*:*:*:openeuler:*:*
• cpe:2.3:o:openeuler:curl:*:*:*:*:*:openeuler:*:*

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1011

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.