Multiple Vulnerabilities in Drupal 7.x Page Title Module

  • Multiple Vulnerabilities in Drupal 7.x

    Multiple Vulnerabilities in Drupal

    Severity Rating: High

    Systems Affected

    • Drupal 7.x

    Components Affected


    • Pane 7.x-2.x versions prior to 7.x-2.5
    • Meta tags quick 7.x-2.x versions from and including 7.x-2.1 to 7.x-2.7
    • Node Access Keys 7.x-1.x versions prior to 7.x-1.2

    Overview

    Multiple vulnerabilities have been reported in Drupal which could be exploited by a remote attacker to conduct Cross-site Scripting (XSS) attacks on the targeted system.

    Description

    1) Cross-site Vulnerabilities in Pane and Meta tags quick modules of Drupal

    These vulnerabilities have been reported in the Pane and Meta tags quick modules of Drupal due to improper sanitization of user-supplied input. A remote attacker could exploit these vulnerabilities to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

    2) Access Bypass Vulnerability in Node Access Keys module of Drupal

    This vulnerability exists in the Node Access Keys module for Drupal, which grants temporary view permissions to users for selected content types on a per-user-role basis. A remote attacker could exploit this vulnerability to bypass security restrictions.


    Solution

    Apply appropriate updates as mentioned in Drupal Security Advisories
    https://www.drupal.org/security/contrib

    Vendor Information

    Drupal
    https://www.drupal.org/project/nodeaccesskeys

    https://www.drupal.org/node/2296783
    https://www.drupal.org/node/2296511
    https://www.drupal.org/node/2296495

    References
    Secunia
    http://secunia.com/advisories/59609/

  • #2
    Multiple Vulnerabilities in Drupal Logintoboggan Module

    Severity Rating: Medium

    Components Affected:

    Drupal Logintoboggan 7.x-1.x versions prior to 7.x-1.4

    Overview
    Multiple vulnerabilities have been reported in the Logintoboggan module of Drupal which could allow a remote attacker to conduct reflected Cross Site Scripting (XSS) attacks and bypass certain security restrictions.

    Description
    1. Drupal Logintoboggan Module Cross Site Scripting (XSS) Vulnerability
    This vulnerability is caused by improper filtering of user-supplied input. A remote attacker could exploit it by inserting JavaScript in the username field, which is included in the "log out" link, leading to reflected Cross Site Scripting (XSS). An attacker could exploit this vulnerability to steal the victim's cookie-based authentication credentials.

    2. Drupal Logintoboggan Module Access Bypass Vulnerability
    This vulnerability exists due to the module's failure to remove all those permissions which are in the "authorized user" role and not in the "pre-authorized role" on all resulting "Page Not Found" pages. Successful exploitation of this vulnerability could allow an attacker to bypass certain security restrictions.

    Solution
    Apply appropriate updates as mentioned in Drupal Security Advisories :
    https://drupal.org/security/contrib

    Vendor Information
    Drupal
    https://www.drupal.org/project/logintoboggan

    References
    Drupal
    https://www.drupal.org/node/2300369


    IBM Internet Security
    http://xforce.iss.net/xforce/xfdb/35387

    Juniper Security Center
    https://www.juniper.net/security/aut...vuln34945.html



    • #3
      Multiple Vulnerabilities in Drupal Modules

      Severity Rating: Medium

      Components Affected:
      • Drupal FileField module 6.x-3.x versions prior to 6.x-3.13.
      • Drupal Password Policy module 6.x-1.x versions prior to 6.x-1.8.
      • Drupal Password Policy module 7.x-1.x versions prior to 7.x-1.9.

      Overview
      Multiple vulnerabilities have been reported in different modules of Drupal which could be exploited by a remote attacker to bypass certain security restrictions.

      Description
      1. Drupal FileField module Access Bypass Vulnerability
      This vulnerability exists in the FileField module of Drupal. It is caused by insufficient checking of the permission to view the attached file when attaching a file that was previously uploaded. A remote attacker could exploit this vulnerability to bypass security restrictions and gain access to private files.

      2. Drupal version 7.x Password Policy module Access Bypass Vulnerability
      This vulnerability exists in the Password Policy module of Drupal. It occurs when the Password Change Tab module and the history constraint are both enabled simultaneously and a user changes their password using the password tab. In such a case, the password history could not be stored. The attacker can exploit this vulnerability to change their password to one of their previous passwords in contravention of the history constraint.

      3. Drupal versions 6.x and 7.x Password Policy module Access Bypass Vulnerability
      This vulnerability exists in the Password Policy module of Drupal and affects only those users for whom an administrator has forced a password change. It occurs when an update operation is performed programmatically for a user between the time the administrator flags that user for a forced password change and the time that user logs in. In such a case, the user will no longer be flagged for a forced password change.

      Solution
      Apply appropriate updates as mentioned in Drupal Security Advisories :
      https://www.drupal.org/node/2304213
      https://www.drupal.org/node/2304561


      Vendor Information
      Drupal
      https://www.drupal.org/

      References
      Drupal
      https://www.drupal.org/node/2304213
      https://www.drupal.org/node/2304561

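The two Password Policy issues in this post come down to a shared-state problem: a password-history constraint is only as good as the number of write paths that record history, and a forced-change flag survives only if unrelated updates leave it alone. The model below is an added example in Python, not code from the Drupal Password Policy or Password Change Tab modules (which are PHP); every name in it (PasswordPolicy, change_password_tab_before, update_profile_before, the field names) is invented for the illustration, and the "before" methods reproduce the two defects the advisory describes beside their corrected counterparts.

```python
import hashlib
import hmac
import os

ITERATIONS = 10_000  # lowered for the demo; production deployments use far more


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class PasswordPolicy:
    """Constructed model of a user store with a password-history constraint and a forced-change flag."""

    def __init__(self, history_depth: int = 3):
        self.history_depth = history_depth
        self.users = {}

    def create_user(self, name: str, password: str) -> None:
        self.users[name] = {"salt": b"", "hash": b"", "history": [],
                            "force_change": False, "email": ""}
        self._store_password(name, password)

    def _store_password(self, name: str, password: str) -> None:
        """Single write path: push the old hash into history, then set the new one."""
        user = self.users[name]
        if user["hash"]:
            user["history"].append((user["salt"], user["hash"]))
            user["history"] = user["history"][-self.history_depth:]
        salt = os.urandom(16)
        user["salt"], user["hash"] = salt, _hash(password, salt)

    def _reused(self, name: str, password: str) -> bool:
        """True if the candidate matches the current password or any remembered one."""
        user = self.users[name]
        candidates = [(user["salt"], user["hash"])] + user["history"]
        return any(hmac.compare_digest(_hash(password, s), h) for s, h in candidates)

    def change_password(self, name: str, password: str) -> bool:
        """After: every user-facing path (account form, password tab, ...) funnels through here."""
        if self._reused(name, password):
            return False
        self._store_password(name, password)
        self.users[name]["force_change"] = False
        return True

    def change_password_tab_before(self, name: str, password: str) -> bool:
        """Before: a second write path that sets the hash directly and never records history."""
        if self._reused(name, password):
            return False
        user = self.users[name]
        salt = os.urandom(16)
        user["salt"], user["hash"] = salt, _hash(password, salt)
        return True

    def force_change(self, name: str) -> None:
        self.users[name]["force_change"] = True

    def must_change(self, name: str) -> bool:
        return self.users[name]["force_change"]

    def update_profile_before(self, name: str, **fields) -> None:
        """Before: a programmatic update rebuilds the record from defaults and drops the flag."""
        user = self.users[name]
        rebuilt = {"salt": user["salt"], "hash": user["hash"], "history": user["history"],
                   "force_change": False, "email": ""}
        rebuilt.update(fields)
        self.users[name] = rebuilt

    def update_profile(self, name: str, **fields) -> None:
        """After: merge only the supplied, non-security fields; state such as the flag is never reset as a side effect."""
        protected = {"force_change", "hash", "salt", "history"}
        self.users[name].update({k: v for k, v in fields.items() if k not in protected})


def demo_history() -> tuple:
    """(reuse accepted via the old tab path, reuse accepted via the fixed path)."""
    before = PasswordPolicy()
    before.create_user("alice", "first-pw")
    before.change_password_tab_before("alice", "second-pw")   # history never learns "first-pw"
    reuse_before = before.change_password("alice", "first-pw")

    after = PasswordPolicy()
    after.create_user("alice", "first-pw")
    after.change_password("alice", "second-pw")
    reuse_after = after.change_password("alice", "first-pw")
    return reuse_before, reuse_after


def demo_force_flag() -> tuple:
    """(flag still set after old programmatic update, flag still set after fixed update)."""
    before = PasswordPolicy()
    before.create_user("bob", "pw")
    before.force_change("bob")
    before.update_profile_before("bob", email="bob@example.test")

    after = PasswordPolicy()
    after.create_user("bob", "pw")
    after.force_change("bob")
    after.update_profile("bob", email="bob@example.test", force_change=False)
    return before.must_change("bob"), after.must_change("bob")
```

The design point is that both fixes are structural rather than per-call: one `_store_password` helper that every path must use, and an update routine that merges only explicitly allowed fields instead of rebuilding the record.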


      • #4
        Multiple Vulnerabilities in Drupal

        Severity Rating: High

        Systems Affected:
        • Drupal core 6.x versions prior to 6.32.
        • Drupal core 7.x versions prior to 7.29.

        Overview
        Multiple vulnerabilities have been reported in Drupal which could allow a remote attacker to conduct denial of service, Cross Site Scripting (XSS) attacks and bypass certain security restrictions.

        Description
        1. Denial of service Vulnerability
        This vulnerability exists because the HTTP Host header validation improperly examines maliciously crafted header values. Successful exploitation of this vulnerability could lead to a denial of service attack.

        2. File module Access Bypass Vulnerability
        This vulnerability exists in the File module, which allows attaching files to content. It is caused by insufficient checking of the permission to view the attached file when attaching a previously uploaded file. A remote attacker could exploit this vulnerability to bypass security restrictions and gain access to private files.

        3. Form API option groups Cross-site scripting Vulnerability
        This vulnerability exists in Drupal's Form API, which insufficiently checks the sanitization of option group labels in select elements. Successful exploitation of this vulnerability requires the "administer taxonomy" permission in Drupal 6 core.

        4. Ajax system Cross-site scripting Vulnerability
        A reflected cross-site scripting vulnerability exists in certain forms that contain a combination of a file field and an Ajax-enabled textfield like an autocomplete field.
        An attacker can exploit the vulnerability in a limited set of circumstances which usually requires custom or contributed modules.

        Solution
        Apply appropriate updates as mentioned in Drupal Security Advisory :
        https://www.drupal.org/SA-CORE-2014-003

        Vendor Information
        Drupal
        https://www.drupal.org/project/drupal

        References
        Drupal
        https://www.drupal.org/SA-CORE-2014-003
        https://www.drupal.org/drupal-6.32-release-notes
        https://www.drupal.org/drupal-7.29-release-notes

        AusCERT
        http://www.auscert.org.au/render.html?it=20132

        HKCERT
        https://www.hkcert.org/my_url/en/alert/14071802

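The File module issue in this post (item 2) and the FileField issue in post #3 (item 1) are the same defect: when a form lets a user attach a file by referencing an already-uploaded file id, the server must check that the requester is allowed to view that file, not merely that the id exists, or a private file can be smuggled onto content the requester controls and read from there. The following is an added example in Python, not code from Drupal's File or FileField modules; FileStore, StoredFile, Node, the uids, the fid and the private:// path are all constructed for the illustration, and node access is reduced to "published, or the author's own content".

```python
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class StoredFile:
    fid: int
    uid: int      # account that uploaded the file
    uri: str      # constructed private:// path; never served directly by the web server


@dataclass
class Node:
    nid: int
    uid: int
    published: bool
    fids: List[int] = field(default_factory=list)


class FileStore:
    def __init__(self):
        self.files: Dict[int, StoredFile] = {}
        self.nodes: Dict[int, Node] = {}

    def node_viewable(self, uid: int, nid: int) -> bool:
        """Simplified node access: published content, or the author's own unpublished content."""
        node = self.nodes[nid]
        return node.published or node.uid == uid

    def file_viewable(self, uid: int, fid: int) -> bool:
        """A private file is viewable by its uploader or by anyone allowed to view a node it is attached to."""
        f = self.files[fid]
        if f.uid == uid:
            return True
        return any(self.node_viewable(uid, n.nid) for n in self.nodes.values() if fid in n.fids)

    def attach_before(self, uid: int, nid: int, fid: int) -> bool:
        """Before: re-attaching an existing fid only checks that the file record exists."""
        if fid not in self.files:
            return False
        self.nodes[nid].fids.append(fid)
        return True

    def attach(self, uid: int, nid: int, fid: int) -> bool:
        """After: the requester must already be allowed to view the file before it can be re-attached."""
        if fid not in self.files or not self.file_viewable(uid, fid):
            return False
        self.nodes[nid].fids.append(fid)
        return True


def scenario(fixed: bool) -> bool:
    """Return whether user 2 ends up able to view user 1's private file (constructed data)."""
    store = FileStore()
    store.files[10] = StoredFile(fid=10, uid=1, uri="private://reports/board-minutes.pdf")
    store.nodes[100] = Node(nid=100, uid=1, published=False, fids=[10])   # private, unpublished
    store.nodes[200] = Node(nid=200, uid=2, published=True)               # user 2's own node
    attach = store.attach if fixed else store.attach_before
    attach(2, 200, 10)   # user 2 submits someone else's fid on their own node
    return store.file_viewable(2, 10)
```

Because view access to a private file is derived from the content it is attached to, the attach step is itself a privilege boundary and has to apply the same access check the download path applies.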


        • #5
          Multiple Vulnerabilities in Drupal


          Severity Rating: Medium

          Components Affected

          • Drupal Storage API 7.x-1.x versions prior to 7.x-1.6.
          • Drupal Date module 7.x-2.x versions prior to 7.x-2.8.

          Overview

          Two vulnerabilities have been reported in Drupal which could be exploited by an attacker to conduct cross-site scripting (XSS) attacks or execute arbitrary code on the targeted system.

          Description

          1.) Cross-site Vulnerability in Date module in Drupal

          This vulnerability exists in the Date module in Drupal because the module incorrectly prints date field titles without proper validation of user-supplied input. A remote attacker could exploit this vulnerability to execute arbitrary script code in the context of the vulnerable site, potentially also stealing cookie-based authentication credentials.


          2.) Arbitrary Code Execution Vulnerability in Storage API module in Drupal

          This vulnerability exists in the Storage API module in Drupal due to improper use of safeguards similar to those found in Drupal's file API to manage uploads safely. A remote attacker could exploit this vulnerability to execute arbitrary code in the context of the user and to cause denial of service conditions.



          Solution
          Apply appropriate updates as mentioned in Drupal Security Advisory :

          https://www.drupal.org/node/2312769
          https://www.drupal.org/node/2312609


          Vendor Information
          Drupal
          https://www.drupal.org/node/2312769
          https://www.drupal.org/node/2312609

          References
          Drupal
          https://www.drupal.org/node/2312769
          https://www.drupal.org/node/2312609

          Security Focus
          http://www.securityfocus.com/bid/68977/
          http://www.securityfocus.com/bid/68974/

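The Date module XSS in this post and the Logintoboggan "log out" link XSS in post #2 share one root cause: a user-controlled string (a field title, a username) is printed into HTML without escaping for the context it lands in. The block below is an added example in Python rather than Drupal's PHP; logout_link, field_title and their *_before counterparts, the sample usernames and the sample title are all constructed here, and the "before" functions show the defect class beside the escaped rendering.

```python
import html
from urllib.parse import quote

# Constructed sample values: one benign, two carrying markup.
BENIGN_USER = "alice"
MARKUP_USER = 'alice"><b title="x">bob</b>'
MARKUP_TITLE = "Event date <b>bold</b>"


def logout_link_before(username: str) -> str:
    """Before: the username is concatenated into the link with no escaping at all."""
    return '<a href="/user/logout?destination=/user/' + username + '">Log out ' + username + '</a>'


def logout_link(username: str) -> str:
    """After: URL-encode the value where it forms part of a URL, then HTML-escape
    every value placed into markup (attribute and text context alike)."""
    destination = quote("/user/" + username)
    return '<a href="/user/logout?destination={}">Log out {}</a>'.format(
        html.escape(destination, quote=True), html.escape(username, quote=True))


def field_title_before(title: str) -> str:
    """Before: a field title printed as raw HTML."""
    return "<label>" + title + "</label>"


def field_title(title: str) -> str:
    """After: the title is escaped, so it can only ever be displayed as text."""
    return "<label>" + html.escape(title, quote=True) + "</label>"


def leaks_markup(rendered: str, value: str) -> bool:
    """Detection helper for templates/tests: does a value that carries '<', '>' or '"'
    reach the rendered output unchanged?"""
    return any(ch in value for ch in '<>"') and value in rendered
```

`leaks_markup` is the kind of assertion worth keeping in a module's test suite: render every template with a value that contains `<`, `>` and `"`, and fail the build if the raw value ever appears verbatim in the output.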


          • #6
            Multiple Vulnerabilities in Drupal Modules

            Severity Rating: High

            Systems Affected
            • Drupal 6.x and 7.x

            Components Affected
            • Fasttoggle versions prior to 7.x-1.5 for Drupal 7.x
            • Biblio Autocomplete versions prior to 6.x-1.1 for Drupal 6.x
            • Biblio Autocomplete versions prior to 7.x-1.5 for Drupal 7.x


            Overview
            Multiple vulnerabilities have been reported in various modules of Drupal which could be exploited by a remote attacker to bypass certain security restrictions or conduct SQL Injection attacks.

            Description

            1. Access Bypass Vulnerability in Fasttoggle Module

            The vulnerability exists in the Fasttoggle module for Drupal due to improperly implemented access control for the user status (allow/block) link. A malicious user could exploit this vulnerability to bypass certain security restrictions and allow user profiles to be viewed by anonymous or logged-in users.

            2. Multiple Vulnerabilities in Biblio Autocomplete Module

            This vulnerability is caused by the failure of the "Biblio self autocomplete" submodule to properly sanitize user-supplied input before it is used in a database query. Successful exploitation of this vulnerability could allow a malicious user to launch SQL injection attacks. Also, a lack of security in the AJAX autocompletion callback could allow anonymous users to access sensitive information.

            Solution
            Apply appropriate updates as mentioned in Drupal Security Advisory
            https://drupal.org/security/contrib


            Vendor Information

            Drupal
            https://drupal.org/security/contrib
            https://www.drupal.org/node/2316747
            https://www.drupal.org/node/2316717

            References

            Drupal
            https://drupal.org/security/contrib
            https://www.drupal.org/node/2316747
            https://www.drupal.org/node/2316717

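The Biblio Autocomplete item describes two separate defects in one callback: the typed prefix reaches the SQL query unsanitized, and the callback can be reached by anonymous users. An autocomplete endpoint is a good place to see both fixes together, because it is exactly the kind of small AJAX helper that is easy to wire up without an access check. The block below is an added example in Python with an in-memory SQLite table, not code from the Biblio module; the table, its rows, the permission string "access biblio autocomplete" and the function names are all constructed for the illustration, and autocomplete_before exists only to show the unparameterised query beside the corrected one.

```python
import sqlite3

PERMISSION = "access biblio autocomplete"   # constructed permission name for the callback


def build_db() -> sqlite3.Connection:
    """Constructed contributor table standing in for the module's own storage."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE biblio_contributor (cid INTEGER PRIMARY KEY, name TEXT, private_note TEXT)")
    conn.executemany("INSERT INTO biblio_contributor (name, private_note) VALUES (?, ?)",
                     [("Alice Author", "internal"), ("Bob Bibliographer", "unlisted")])
    conn.commit()
    return conn


def autocomplete_before(conn: sqlite3.Connection, prefix: str) -> list:
    """Before: the typed prefix is spliced into the SQL text and nobody is asked for a permission."""
    sql = "SELECT name FROM biblio_contributor WHERE name LIKE '" + prefix + "%'"
    return [row[0] for row in conn.execute(sql)]


def autocomplete(conn: sqlite3.Connection, prefix: str, user_perms: frozenset) -> list:
    """After: explicit permission check, bound parameter, LIKE wildcards escaped, bounded result size."""
    if PERMISSION not in user_perms:
        raise PermissionError("autocomplete callback requires '%s'" % PERMISSION)
    # Escape the LIKE metacharacters so the prefix is matched literally.
    escaped = prefix.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    rows = conn.execute(
        "SELECT name FROM biblio_contributor WHERE name LIKE ? ESCAPE '\\' LIMIT 10",
        (escaped + "%",),
    )
    return [row[0] for row in rows]


def demo() -> dict:
    """Compare the two callbacks on a normal prefix and on a prefix that carries SQL syntax (constructed input)."""
    conn = build_db()
    perms = frozenset({PERMISSION})
    hostile = "' OR 1=1 --"   # turns the unparameterised LIKE into a match-everything query
    try:
        autocomplete(conn, "Al", frozenset())
        anonymous_rejected = False
    except PermissionError:
        anonymous_rejected = True
    return {
        "before_normal": autocomplete_before(conn, "Al"),
        "before_hostile": autocomplete_before(conn, hostile),
        "after_normal": autocomplete(conn, "Al", perms),
        "after_hostile": autocomplete(conn, hostile, perms),
        "after_wildcard": autocomplete(conn, "%", perms),
        "anonymous_rejected": anonymous_rejected,
    }
```

The `LIMIT` and the wildcard escaping are not about injection; they keep a callback that anyone with the permission can hammer from returning the whole table on an empty or `%` prefix.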


            • #7
              Denial of Service Vulnerability in Drupal and WordPress

              Severity Rating: High

              Systems Affected
              • Drupal 7.x versions prior to 7.31
              • Drupal 6.x versions prior to 6.33
              • WordPress versions prior to 3.9.2

              Overview
              A vulnerability has been reported in Drupal and WordPress which could be exploited by remote attackers to cause Denial of Service (DoS) conditions or obtain sensitive information.

              Description
              This vulnerability exists in the PHP XML parser used by the XML-RPC endpoint which is included in Drupal and WordPress. The XML-RPC endpoint is vulnerable to XML payload attacks and XML entity expansion attacks, which a remote attacker could exploit to exhaust CPU and memory and make the target system unresponsive.

              Successful exploitation of this vulnerability could allow a remote attacker to upload a malicious payload onto the affected server, cause Denial of Service (DoS) conditions or cause other server-side attacks.

              Note: All Drupal sites are vulnerable to this attack irrespective of the use of XML-RPC.


              Solution

              For Drupal, apply appropriate updates as mentioned in Drupal Security Advisory
              https://www.drupal.org/SA-CORE-2014-004

              For WordPress, upgrade to WordPress 3.9.2
              https://wordpress.org/news/2014/08/wordpress-3-9-2/

              Vendor Information

              Drupal
              https://www.drupal.org/SA-CORE-2014-004

              WordPress
              http://wordpress.org/news/2014/08/wordpress-3-9-2/
              http://codex.wordpress.org/Version_3.9.2


              References

              Drupal
              https://www.drupal.org/SA-CORE-2014-004

              WordPress
              http://wordpress.org/news/2014/08/wordpress-3-9-2/
              http://codex.wordpress.org/Version_3.9.2

              Security Tracker
              http://www.securitytracker.com/id/1030684

              Break Security
              http://www.breaksec.com/?p=6362

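The mechanism in this post is that an XML-RPC request body may carry a DOCTYPE with entity declarations, and a general-purpose XML parser will expand those entities before the application sees a single method name, so a small request can cost a large amount of CPU and memory. XML-RPC has no legitimate use for a DOCTYPE, which makes the mitigation simple: refuse the declaration itself, and cap the request size before parsing. The block below is an added example in Python using the standard library's expat bindings, not the PHP parser code shipped in Drupal or WordPress; MAX_BODY_BYTES, UnsafeXml, the two sample requests and the function names are constructed here. `expanded_string_chars` shows what an unguarded parser produces from a deliberately tiny two-entity document, which is the metric a defender would compare against the literal size of the declared entities.

```python
import xml.parsers.expat

MAX_BODY_BYTES = 64 * 1024   # constructed request-size cap for the XML-RPC endpoint


class UnsafeXml(ValueError):
    """Raised when a request body is refused before any entity could be expanded."""


# Constructed sample requests.
BENIGN_REQUEST = b"""<?xml version="1.0"?>
<methodCall><methodName>system.listMethods</methodName><params/></methodCall>"""

ENTITY_REQUEST = b"""<?xml version="1.0"?>
<!DOCTYPE methodCall [
  <!ENTITY a "0123456789">
  <!ENTITY b "&a;&a;&a;&a;">
]>
<methodCall><methodName>demo.echo</methodName>
<params><param><value><string>&b;&b;</string></value></param></params></methodCall>"""


def parse_method_name(body: bytes, max_bytes: int = MAX_BODY_BYTES) -> str:
    """Return the methodName of an XML-RPC request, refusing any body that declares a DTD or an entity.

    Rejecting at the DOCTYPE/ENTITY declaration stops expansion before any
    replacement text is generated; the size cap bounds parser work for everything else."""
    if len(body) > max_bytes:
        raise UnsafeXml("request body of %d bytes exceeds the %d byte cap" % (len(body), max_bytes))
    parser = xml.parsers.expat.ParserCreate()
    state = {"in_name": False, "parts": []}

    def reject(*_):
        raise UnsafeXml("DOCTYPE/ENTITY declarations are not accepted on this endpoint")

    def start(tag, _attrs):
        state["in_name"] = (tag == "methodName")

    def end(_tag):
        state["in_name"] = False

    def chars(data):
        if state["in_name"]:
            state["parts"].append(data)

    parser.StartDoctypeDeclHandler = reject
    parser.EntityDeclHandler = reject
    parser.StartElementHandler = start
    parser.EndElementHandler = end
    parser.CharacterDataHandler = chars
    parser.Parse(body, True)
    return "".join(state["parts"]).strip()


def accepted(body: bytes) -> bool:
    """Convenience wrapper: True if the guarded parser accepts the body."""
    try:
        parse_method_name(body)
        return True
    except UnsafeXml:
        return False


def expanded_string_chars(body: bytes) -> int:
    """Measure what an unguarded parser produces: characters delivered inside <string> elements
    after entity expansion. Compare this with the literal size of the declared entities."""
    parser = xml.parsers.expat.ParserCreate()
    state = {"in_string": False, "count": 0}

    def start(tag, _attrs):
        if tag == "string":
            state["in_string"] = True

    def end(tag):
        if tag == "string":
            state["in_string"] = False

    def chars(data):
        if state["in_string"]:
            state["count"] += len(data)

    parser.StartElementHandler = start
    parser.EndElementHandler = end
    parser.CharacterDataHandler = chars
    parser.Parse(body, True)
    return state["count"]
```

In the sample, ten literal characters of entity text become eighty characters of payload after two levels of nesting; every additional level multiplies the output again, which is why the guarded parser refuses the declaration rather than trying to budget the expansion.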
