openEuler 20.03 LTS SP1 update for libcap

1) PHP file inclusion

EUVDB-ID: #VU72703

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-2603

CWE-ID: CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program

Exploit availability: No

Description

The vulnerability allows a remote attacker to include and execute arbitrary PHP files on the server.

The vulnerability exists due to incorrect input validation when including PHP files in web/ajax/modal.php. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected application, include and execute arbitrary PHP code on the system with privileges of the web server.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1

libcap-help: before 2.32-6

libcap-debugsource: before 2.32-6

libcap-devel: before 2.32-6

libcap-debuginfo: before 2.32-6

libcap: before 2.32-6

CPE2.3

• cpe:2.3:o:openeuler:openeuler:20.03:LTS SP1:*:*:*:*:*:*
• cpe:2.3:o:openeuler:libcap-help:*:*:*:*:*:openeuler:*:*
• cpe:2.3:o:openeuler:libcap-debugsource:*:*:*:*:*:openeuler:*:*
• cpe:2.3:o:openeuler:libcap-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:o:openeuler:libcap-debuginfo:*:*:*:*:*:openeuler:*:*
• cpe:2.3:o:openeuler:libcap:*:*:*:*:*:openeuler:*:*

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1343

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.