CVE-2017-10974 Scanner

CVE-2017-10974 scanner - Directory Traversal vulnerability in Yaws

Short Info

Level: High
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 1 month 2 days
Scan only one: URL
Toolbox: -

Yaws is an open-source web server written in the Erlang programming language, designed to serve web applications with high concurrency, low latency and high performance. The software's primary purpose is to act as a reverse proxy, load balancer or application server in a variety of web and chat platforms, big and small.

CVE-2017-10974 is a vulnerability found in Yaws 1.91 that allows attackers to perform a Remote File Disclosure attack via HTTP Directory Traversal with /%5C../ to port 8080. Directory Traversal is a vulnerability typically found in web-based applications, in which a request reaches files and directories that the server is meant to keep inaccessible. The vulnerability is triggered by the specific sequence /%5C (%5C is the percent-encoding of a backslash), which goes undetected by the server.

This vulnerability can be exploited by attackers to gain unauthorized access to sensitive data that may reside on the server. Attackers can read files that are not intended for public access, such as password files, configuration files, and even source code that may contain vulnerabilities. An attacker could also use that file access as a starting point for further attacks that compromise the server.
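For asset owners reviewing their own servers, the following added example (not part of the original page or of Yaws) flags access-log requests that contain the /%5C../ sequence described above, including double-encoded forms, and any path that climbs above the document root. It assumes the log is in common/combined format with the raw request target preserved; the function names and sample lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request line as written in common/combined access-log format (assumed format).
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
# A backslash directly before "..": the decoded form of the %5C.. sequence.
BACKSLASH_DOTDOT = re.compile(r'\\\.\.(?:[/\\]|$)')

def decode_fully(s, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%255C) is also caught."""
    for _ in range(max_rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s

def escapes_root(path):
    """True if the path climbs above the document root when '\\' counts as a separator."""
    depth = 0
    for seg in path.replace("\\", "/").split("/"):
        if seg == "..":
            depth -= 1
            if depth < 0:
                return True
        elif seg not in ("", "."):
            depth += 1
    return False

def scan(lines):
    """Return (line_number, raw_target, reason) for each suspicious request."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        raw = m.group("target")
        path = decode_fully(raw.split("?", 1)[0])  # ignore the query string
        if BACKSLASH_DOTDOT.search(path):
            findings.append((n, raw, "backslash-dotdot"))
        elif escapes_root(path):
            findings.append((n, raw, "escapes-root"))
    return findings

# Constructed sample log lines (documentation IP addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2024:10:00:01 +0000] "GET /%5C../example.txt HTTP/1.1" 200 1024',
    '192.0.2.11 - - [01/Jan/2024:10:00:02 +0000] "GET /%255c../example.txt HTTP/1.1" 404 0',
    '192.0.2.12 - - [01/Jan/2024:10:00:03 +0000] "GET /docs/../img/logo.png HTTP/1.1" 200 2048',
    '192.0.2.13 - - [01/Jan/2024:10:00:04 +0000] "GET /a/../../example.txt HTTP/1.1" 400 0',
]
```

A 200 response on a flagged line is the case to investigate first, since it suggests the server returned content for the traversal request.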

In conclusion, at s4e.io, we offer a platform that provides a comprehensive and easy-to-use vulnerability management solution. Our security scanning tools help identify vulnerabilities and security threats across all digital assets, enabling businesses to proactively address potential cyber-attacks. With our pro features, we can alert you of any vulnerabilities detected in your Yaws servers and offer remediation advice. Protect your digital assets with s4e.io!
