Signature Detail
Short Name |
HTTP:STC:DL:NODEJS-YAML-CE |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
NodeJS JS YAML Remote Code Execution |
Release Date |
2015/06/09 |
Update Number |
2503 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: NodeJS JS YAML Remote Code Execution
This signature detects attempts to exploit a known vulnerability against NodeJS. A successful attack can lead to arbitrary code execution.
Extended Description
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute arbitrary code via a crafted string that triggers an eval operation.
Affected Products
- js-yaml_project js-yaml 0.2.0
- js-yaml_project js-yaml 0.2.1
- js-yaml_project js-yaml 0.2.2
- js-yaml_project js-yaml 0.3.0
- js-yaml_project js-yaml 0.3.1
- js-yaml_project js-yaml 0.3.2
- js-yaml_project js-yaml 0.3.3
- js-yaml_project js-yaml 0.3.4
- js-yaml_project js-yaml 0.3.5
- js-yaml_project js-yaml 0.3.6
- js-yaml_project js-yaml 0.3.7
- js-yaml_project js-yaml 1.0.0
- js-yaml_project js-yaml 1.0.1
- js-yaml_project js-yaml 1.0.2
- js-yaml_project js-yaml 1.0.3
- js-yaml_project js-yaml 2.0.0
- js-yaml_project js-yaml 2.0.1
- js-yaml_project js-yaml 2.0.2
- js-yaml_project js-yaml 2.0.3
- js-yaml_project js-yaml up to 2.0.4
References
- BugTraq: 60867
- CVE: CVE-2013-4660