Reference: CERT-EU Security Advisory 2016-129

==================FOR INTERNAL USE ONLY=================

Short Summary
-------------

The RESTful Web Services module for Drupal is prone to a remote code-execution vulnerability; fixes are available.

Drupal RESTful Web Services Module Remote Code Execution Vulnerability

Bugtraq ID: 91762
CVE: CVE-MAP-NOMATCH
Published: Jul 13 2016
Last Update: 07/14/2016 12:28:02 PM GMT
Remote: Yes
Local: No
Credibility: Vendor Confirmed
Classification: Input Validation Error
Ease: No Exploit Available
Availability: Always
Authentication: Not Required

CVSS Version 2 Scores
CVSS2 Base: 10
CVSS2 Temporal: 7.4
CVSS2 Base Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS2 Temporal Vector: E:U/RL:OF/RC:C

CVSS Version 1 Scores
CVSS1 Base: 10
CVSS1 Temporal: 7.4

NVD CVSS2 Base Score: 7.5
NVD CVSS2 Component String: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact: 10
Severity: 10
Urgency Rating: 8.2
Last Change: Initial analysis.

Impact
------

An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.

Technical Description
---------------------

RESTful Web Services is a module for the Drupal content manager.

The RESTful Web Services module for Drupal is prone to a remote code-execution vulnerability. Specifically, this issue occurs because the module fails to properly handle default page callbacks for entities.

An attacker can exploit this issue to execute arbitrary PHP code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.

RESTful Web Services module 7.x-2.x versions prior to 7.x-2.6 are vulnerable.
RESTful Web Services module 7.x-1.x versions prior to 7.x-1.7 are vulnerable.

Attack Scenarios
----------------

1. An attacker locates a computer hosting the vulnerable application.
2. The attacker crafts a malicious request sufficient to trigger this issue and sends it to the affected application.
3. When the application processes the request, the issue is triggered.

Solutions
---------

Updates are available. Please see the references or vendor advisory for more information.

Vulnerable Systems
------------------

Drupal RESTful Web Services 7.x-1.0  cpe:/a:drupal:restful_web_services:7.x-1.0  SYMC
Drupal RESTful Web Services 7.x-1.1  cpe:/a:drupal:restful_web_services:7.x-1.1  SYMC
Drupal RESTful Web Services 7.x-1.2  cpe:/a:drupal:restful_web_services:7.x-1.2  SYMC
Drupal RESTful Web Services 7.x-1.3  cpe:/a:drupal:restful_web_services:7.x-1.3  SYMC
Drupal RESTful Web Services 7.x-1.4  cpe:/a:drupal:restful_web_services:7.x-1.4  SYMC
Drupal RESTful Web Services 7.x-1.5  cpe:/a:drupal:restful_web_services:7.x-1.5  SYMC
Drupal RESTful Web Services 7.x-1.6  cpe:/a:drupal:restful_web_services:7.x-1.6  SYMC
Drupal RESTful Web Services 7.x-2.0  cpe:/a:drupal:restful_web_services:7.x-2.0  SYMC
Drupal RESTful Web Services 7.x-2.1  cpe:/a:drupal:restful_web_services:7.x-2.1  SYMC
Drupal RESTful Web Services 7.x-2.2  cpe:/a:drupal:restful_web_services:7.x-2.2  SYMC
Drupal RESTful Web Services 7.x-2.3  cpe:/a:drupal:restful_web_services:7.x-2.3  SYMC
Drupal RESTful Web Services 7.x-2.4  cpe:/a:drupal:restful_web_services:7.x-2.4  SYMC
Drupal RESTful Web Services 7.x-2.5  cpe:/a:drupal:restful_web_services:7.x-2.5  SYMC

References
----------

Advisory: DRUPAL-SA-CONTRIB-2016-040: RESTWS - Highly critical - Remote code execution (Drupal)
  https://www.drupal.org/node/2765567
Advisory: Drupal contrib - Highly Critical - Remote code execution PSA-2016-001 (Drupal)
  https://www.drupal.org/psa-2016-001
Web Page: Drupal Homepage (Drupal)
  http://drupal.org/

===============================================================
This is an automatic alert service based on Symantec DeepSight. It is intended only for the use of CERT-EU Constituency.
===============================================================
CERT-EU (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383
FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383
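Added example (not part of the CERT-EU advisory or of the Drupal RESTWS project): a Python check that applies the vulnerable ranges named in the Technical Description (7.x-1.x before 7.x-1.7, 7.x-2.x before 7.x-2.6) to the version line of restws.info files under a Drupal 7 docroot. The paths and .info bodies in SAMPLE_INFO are constructed for illustration, and scan_docroot is a hypothetical helper for running the same check on a real checkout.

```python
import os
import re

# First fixed release per 7.x branch, as stated in the advisory: 7.x-1.7 and 7.x-2.6.
FIXED_MINOR = {1: 7, 2: 6}

# Version line that drupal.org packaging adds to a module's .info file,
# e.g.  version = "7.x-2.5"  or  version = "7.x-2.x-dev"
VERSION_RE = re.compile(r'^\s*version\s*=\s*"?7\.x-(\d+)\.(\d+|x)(-dev)?', re.M)


def assess_restws_info(info_text):
    """Classify a restws.info body as 'vulnerable', 'fixed' or 'unknown'.

    'unknown' covers a missing version line (git checkouts have none),
    -dev snapshots (judge those by commit date, not version number) and
    branches the advisory does not cover.
    """
    m = VERSION_RE.search(info_text)
    if m is None:
        return "unknown"
    branch, minor, dev = int(m.group(1)), m.group(2), m.group(3)
    if dev or minor == "x" or branch not in FIXED_MINOR:
        return "unknown"
    # Compare numerically so that 7.x-2.10 is not mistaken for 7.x-2.1.
    return "vulnerable" if int(minor) < FIXED_MINOR[branch] else "fixed"


def assess_site(info_files):
    """info_files: mapping of .info path -> file body; returns path -> status."""
    return {path: assess_restws_info(body) for path, body in info_files.items()}


def scan_docroot(docroot):
    """Hypothetical helper: walk a Drupal docroot and assess every restws.info."""
    found = {}
    for root, _dirs, files in os.walk(docroot):
        if "restws.info" in files:
            path = os.path.join(root, "restws.info")
            with open(path, encoding="utf-8", errors="replace") as fh:
                found[path] = fh.read()
    return assess_site(found)


# Constructed sample .info bodies and paths (not taken from any real site).
SAMPLE_INFO = {
    "sites/all/modules/restws/restws.info": 'core = 7.x\nversion = "7.x-2.5"\n',
    "sites/a.example/modules/restws/restws.info": 'core = 7.x\nversion = "7.x-1.7"\n',
    "sites/b.example/modules/restws/restws.info": 'core = 7.x\nversion = "7.x-2.x-dev"\n',
}

if __name__ == "__main__":
    for path, status in sorted(assess_site(SAMPLE_INFO).items()):
        print(f"{status:<10} {path}")
```

A site whose restws directory reports "unknown" still needs a manual check of the commit date against the fixed releases.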