Linux Security

    ArchLinux: 202009-14: yaws: multiple issues

    Arch Linux Security Advisory ASA-202009-14
    ==========================================
    
    Severity: High
    Date    : 2020-09-26
    CVE-ID  : CVE-2020-12872 CVE-2020-24379 CVE-2020-24916
    Package : yaws
    Type    : multiple issues
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-1228
    
    Summary
    =======
    
    The package yaws before version 2.0.8-1 is vulnerable to multiple
    issues including arbitrary command execution and information
    disclosure.
    
    Resolution
    ==========
    
    Upgrade to 2.0.8-1.
    
    # pacman -Syu "yaws>=2.0.8-1"
    
    The problems have been fixed upstream in version 2.0.8.
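    Added example, not part of the advisory or the yaws project: a check that reads `pacman -Q` output and flags a yaws install still below the fixed 2.0.8-1, using a simplified re-implementation of pacman's epoch:pkgver-pkgrel comparison (the `vercmp` and `outdated_yaws` functions and the sample inventory are this example's own).

```python
"""Flag yaws installs older than the fixed 2.0.8-1 from `pacman -Q` output."""
import re

FIXED_VERSION = "2.0.8-1"  # fixed version named in ASA-202009-14


def _split_version(v):
    """Split an Arch version string [epoch:]pkgver[-pkgrel] into its parts."""
    epoch = 0
    if ":" in v:
        epoch, v = v.split(":", 1)
        epoch = int(epoch)
    pkgver, _, pkgrel = v.rpartition("-")
    if not pkgver:                       # no pkgrel present
        pkgver, pkgrel = pkgrel, None
    return epoch, pkgver, pkgrel


def _cmp_segments(a, b):
    """Simplified rpmvercmp: alternating numeric/alpha segments, numeric beats
    alpha, and a trailing alpha segment (2.0.8rc1) sorts before the bare 2.0.8."""
    sa, sb = re.findall(r"\d+|[A-Za-z]+", a), re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x != y:
            return 1 if x > y else -1
    if len(sa) == len(sb):
        return 0
    longer, sign = (sa, 1) if len(sa) > len(sb) else (sb, -1)
    return sign if longer[min(len(sa), len(sb))].isdigit() else -sign


def vercmp(a, b):
    """Return -1, 0 or 1 like pacman's vercmp (epoch, then pkgver, then pkgrel)."""
    ea, va, ra = _split_version(a)
    eb, vb, rb = _split_version(b)
    if ea != eb:
        return 1 if ea > eb else -1
    c = _cmp_segments(va, vb)
    if c or ra is None or rb is None:    # pkgrel only decides when both have one
        return c
    return _cmp_segments(ra, rb)


def outdated_yaws(pacman_q_output, fixed=FIXED_VERSION):
    """Return installed yaws versions from `pacman -Q` lines that are below `fixed`."""
    return [parts[1] for parts in (l.split() for l in pacman_q_output.splitlines())
            if len(parts) == 2 and parts[0] == "yaws" and vercmp(parts[1], fixed) < 0]


# Constructed sample of `pacman -Q` output, not a real host's inventory.
SAMPLE_PACMAN_Q = "erlang 23.0.3-1\nyaws 2.0.7-2\n"
```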
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    - CVE-2020-12872 (information disclosure)
    
    yaws_config.erl in Yaws through 2.0.7 loads obsolete TLS ciphers, as
    demonstrated by ones that allow Sweet32 attacks.
    
    - CVE-2020-24379 (information disclosure)
    
    WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is
    vulnerable to XXE injection.
    
    - CVE-2020-24916 (arbitrary command execution)
    
    CGI implementation in Yaws web server versions 1.81 to 2.0.7 is
    vulnerable to OS command injection.
    
    Impact
    ======
    
    A remote attacker might be able to execute arbitrary commands,
    downgrade TLS ciphers, or load foreign entities via crafted content.
    
    References
    ==========
    
    https://github.com/erlyaws/yaws/releases/tag/yaws-2.0.8
    https://vuln.be/post/yaws-xxe-and-shell-injections/
    https://sweet32.info/
    https://medium.com/@charlielabs101/cve-2020-12872-df315411aa70
    https://packetstormsecurity.com/files/159106/Yaws-2.0.7-XML-Injection-Command-Injection.html
    https://github.com/erlyaws/yaws/commit/05a06345012598f5da55dbb4d041c8dc26e88e6c
    https://github.com/vulnbe/poc-yaws-dav-xxe
    https://github.com/erlyaws/yaws/commit/799b3b526d15b7a9bc43ae97165aeb085f18fac1
    https://github.com/vulnbe/poc-yaws-cgi-shell-injection
    https://security.archlinux.org/CVE-2020-12872
    https://security.archlinux.org/CVE-2020-24379
    https://security.archlinux.org/CVE-2020-24916
    
