Code Injection in Gnu

#VU29388 Code Injection in Gnu

Cybersecurity Help s.r.o.

Published: 2020-06-30

Vulnerability identifier: #VU29388

Vulnerability risk: Low

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-15011

CWE-ID: CWE-94

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Gnu
Operating systems & Components / Operating system

Vendor: GNU

Description

The vulnerability allows a remote attacker to inject arbitrary content.

The vulnerability exists due to improper input validation within the Cgi/private.py private archive login page. A remote attacker can send a specially crafted request and inject arbitrary content.

Successful exploitation of the vulnerability requires that the roster visibility (private_roster) setting is 'Anyone'.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Gnu: 2.1.0 - 2.1.32

External links
http://bugs.launchpad.net/mailman/+bug/1877379

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Ubuntu update for mailman

openEuler update for mailman

Debian update for mailman

Red Hat Enterprise Linux 8 update for the mailman:2.1 module

Content injection in GNU Mailman