ID CVE-2017-6920
Summary Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_4FC2DF49627911E7BE0F6CF0497DB129.NASL
    description Drupal Security Team Reports : CVE-2017-6920: PECL YAML parser unsafe object handling. CVE-2017-6921: File REST resource does not properly validate CVE-2017-6922: Files uploaded by anonymous users into a private file system can be accessed by other anonymous users.
    last seen 2017-10-29
    modified 2017-08-24
    plugin id 101276
    published 2017-07-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101276
    title FreeBSD : drupal -- Drupal Core - Multiple Vulnerabilities (4fc2df49-6279-11e7-be0f-6cf0497db129)
  • NASL family CGI abuses
    NASL id DRUPAL_8_3_4.NASL
    description According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.56 or 8.x prior to 8.3.4. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the PECL YAML parser due to unsafe handling of PHP objects during certain operations. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-6920) - A flaw exists in the file REST resource due to improper validation of user-supplied input to multiple fields when manipulating files. An unauthenticated, remote attacker can exploit this to have an unspecified impact on integrity. Note that a site is only affected by this issue if it has the RESTful Web Services (rest) module enabled, the file REST resource is enabled and allows PATCH requests, and the attacker can get or register a user account on the site with permissions to upload files and to modify the file resource. (CVE-2017-6921) - An information disclosure vulnerability exists due to a failure to ensure that private files that have been uploaded by an anonymous user but not permanently attached to content on the site are only visible to the anonymous user who uploaded them instead of all anonymous users. An unauthenticated, remote attacker can exploit this to disclose the files of other anonymous users. (CVE-2017-6922) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2018-06-15
    modified 2018-06-14
    plugin id 101063
    published 2017-06-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101063
    title Drupal 7.x < 7.56 / 8.x < 8.3.4 Multiple Vulnerabilities (SA-CORE-2017-003)
refmap via4
bid 99211
confirm https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple
sectrack 1038781
Last major update 07-08-2018 - 21:29
Published 06-08-2018 - 11:29
Last modified 07-08-2018 - 21:29
Back to Top