Vulnerability Name:

CVE-2020-11722 (CCN-180298)

Assigned:2020-02-16
Published:2020-02-16
Updated:2020-04-25
Summary:Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
CVSS v3 Severity:9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-434
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2020-11722

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2020:0549

Source: MISC
Type: Patch, Third Party Advisory
https://dpmendenhall.blogspot.com/2020/03/dungeon-crawl-stone-soup.html

Source: XF
Type: UNKNOWN
dcss-cve202011722-code-exec(180298)

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/crawl/crawl/commit/768f60da87a3fa0b5561da5ade9309577c176d04

Source: CCN
Type: Crawl GIT Repository
Disable lua load(), loadstring() bytcode loading

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/crawl/crawl/commit/fc522ff6eb1bbb85e3de60c60a45762571e48c28

Source: FEDORA
Type: UNKNOWN
FEDORA-2020-de88782eaa

Source: FEDORA
Type: UNKNOWN
FEDORA-2020-c976cfa87e

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2020-11722

Vulnerable Configuration:Configuration 1:
  • cpe:/a:dungeon_crawl_stone_soup_project:dungeon_crawl_stone_soup:*:*:*:*:*:*:*:* (Version < 0.25)

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:202011722
    V
    		CVE-2020-11722
    2022-06-30
    oval:org.opensuse.security:def:112113
    P
    		crawl-0.26.1-1.2 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:93593
    P
    		 (Important)
    2021-12-22
    oval:org.opensuse.security:def:64636
    P
    		Security update for python3 (Moderate)
    2021-12-13
    oval:org.opensuse.security:def:105650
    P
    		Security update for strongswan (Moderate)
    2021-10-19
    oval:org.opensuse.security:def:64578
    P
    		Security update for hivex (Moderate)
    2021-09-23
    oval:org.opensuse.security:def:64748
    P
    		Security update for libmspack (Moderate)
    2021-08-20
    oval:org.opensuse.security:def:63324
    P
    		dovecot23-2.3.11.3-17.5.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:62821
    P
    		open-vm-tools-desktop-11.2.5-1.17 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:63031
    P
    		perl-Archive-Extract-0.80-1.24 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62825
    P
    		python-tk-2.7.18-7.55.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62828
    P
    		rtkit-0.11+git.20130926-1.34 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:100306
    P
    		 (Moderate)
    2021-06-29
    oval:org.opensuse.security:def:63527
    P
    		PackageKit-gstreamer-plugin-1.1.10-2.7 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:62853
    P
    		git-2.16.3-1.30 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:64476
    P
    		Security update for sudo (Important)
    2021-04-20
    oval:org.opensuse.security:def:74690
    P
    		Security update for python3 (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:74823
    P
    		Security update for crawl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64368
    P
    		libpng12-0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63674
    P
    		Security update for freeradius-server (Important)
    2020-12-01
    oval:org.opensuse.security:def:64369
    P
    		libpng16-16 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63903
    P
    		Security update for soundtouch (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64232
    P
    		cron on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:110485
    P
    		Security update for crawl (Moderate)
    2020-04-24
    BACK
    dungeon_crawl_stone_soup_project dungeon crawl stone soup *