Announcement Announcement Module
Collapse
No announcement yet.
Multiple Vulnerabilities in Drupal Modules (Drupal 7.x) Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Multiple Vulnerabilities in Drupal Modules (Drupal 7.x)


    Multiple Vulnerabilities in Drupal Modules


    Severity Rating: HIGH

    Systems Affected
    • Drupal 7.x

    Components Affected
    • Drupal Context Form Alteration 7.x-1.x versions prior to 7.x-1.2
    • Drupal Field API Pane Editor (FAPE) 7.x-1.x versions prior to 7.x-1.2
    • Drupal Zen 7.x-5.x versions prior to 7.x-5.5
    • Drupal Zen 7.x-3.x versions prior to 7.x-3.3

    Overview
    Multiple vulnerabilities have been reported in various modules of Drupal which could be exploited by a remote attacker to bypass certain security restrictions and conduct Cross-Site Scripting (XSS) attacks.

    Description

    1. Cross site scripting Vulnerability in Context Form Alteration Module

    The vulnerability exists in the Context Form Alteration module for Drupal which fails to completely sanitize the user input supplied to the Context Configuration User Interface. A remote attacker could exploit this vulnerability by leveraging a user to view the malicious data that will execute an arbitrary HTML and script code in a user’s browser session.

    Note: Successful exploitation of this vulnerability requires the "administer contexts" permission.

    2. Access Bypass Vulnerability in Field API Pane Editor (FAPE) Module

    This vulnerability is caused due to the inadequacy of the Field API Pane Editor (FAPE) Module to validate whether there is access to the user to modify the entity to which the field is attached.

    A remote attacker could exploit this vulnerability by gaining content access permissions to edit any field on any entity on the site. Successful exploitation of this vulnerability could allow a remote attacker to bypass certain security restrictions and modify contents of the site.

    3. Cross site scripting Vulnerability in Zen Module

    The vulnerability exists in the Zen module for Drupal which fails to sanitize theme settings before they are used in the output of the page.

    A remote attacker could exploit this vulnerability to execute an arbitrary HTML and script code in a user’s browser session by leveraging a user to view the malicious data in context of the affected site.

    Note:
    • Successful exploitation of this vulnerability requires a role with the permission "administer theme".
    • This vulnerability may exists in the Themes that have copied code from Zen's template.php.

    Solution
    Apply appropriate updates as mentioned in Drupal Security Advisory
    https://drupal.org/security/contrib

    Vendor Information

    Drupal
    https://drupal.org/security/contrib
    https://drupal.org/node/2254943
    https://drupal.org/node/2254925
    https://drupal.org/node/2254853

    References

    Secunia
    http://secunia.com/advisories/58307/
    http://secunia.com/advisories/58318/

    SecureList
    http://www.securelist.com/en/advisories/58307
    http://www.securelist.com/en/advisories/58316
    http://www.securelist.com/en/advisories/58318

  • #2
    Access Bypass Vulnerability in Drupal Commerce Postfinance ePayment

    Severity Rating: MEDIUM

    Systems Affected
    • Drupal 7.x

    Component Affected
    • Commerce Postfinance ePayment 7.x-1.x versions prior to 7.x-1.5.

    Overview
    A vulnerability has been reported in the Commerce Postfinance ePayment module for Drupal which could be exploited by remote attacker to bypass certain security restrictions.

    Description
    This vulnerability exists due to the failure of the module to appropriately validate the incoming payment notification (IPN) messages.
    A remote attacker could exploit this vulnerability by sending a specially crafted IPN message to create transactions and manipulate the status of an order in context of an affected site.

    Successful exploitation of this vulnerability could allow a remote attacker to cause cross-site scripting attacks resulting in purchasing items without payment.

    Solution
    Upgrade to Drupal Commerce Postfinance ePayment version 7.x-1.5
    https://drupal.org/node/2266975

    Vendor Information
    Drupal
    https://drupal.org/node/2267381

    References
    SecureList
    http://www.securelist.com/en/advisories/58442/

    Comment


    • #3
      Multiple Vulnerabilities in Drupal Modules

      Severity Rating: High

      Systems Affected
      • Drupal Realname Registration module 6.x-2.x versions and 6.x-2.0-rc5 and prior.
      • Drupal Realname Registration module 7.x-1.x and 7.x-2.x versions 7.x-2.0-rc2 and prior.
      • Drupal AddressField Tokens module 7.x-1.x versions prior to 7.x-1.4.
      • Drupal Field API Tab Editor module 7.x-1.x versions prior to 7.x-1.1.
      • Drupal Quiz module 6.x-4.x versions prior to 6.x-4.5

      Overview
      Multiple vulnerabilities have been reported in various modules of Drupal which could be exploited by a remote attacker to bypass certain security restrictions, disclose information and conduct cross-site scripting (XSS) attacks.

      Description

      1. Drupal Realname Registration module Information Disclosure Vulnerability

      This vulnerability exists in Realname Registration module due to improper access restrictions to the settings that determines the user fields which are incorporated into usernames and improper validation of generated usernames. Successful exploitation of this vulnerability could expose user profile fields that are intended to be kept private.

      2. Drupal AddressField Tokens Module Vulnerability

      The vulnerability occurs because the module does not properly filter address field values which could allow a remote attacker to conduct cross-site scripting (XSS) attacks. Successful exploitation of this
      vulnerability requires an attacker who has the permission to create or edit an AddressField field.

      3. Drupal Field API Tab Editor Module Vulnerability

      The vulnerability occurs when the current user does not have access to edit the entity field due to which the module returns an incorrect value to hook_menu. Successful exploitation of this vulnerability could allow unauthorized users to edit any fields that are enabled via this module.

      4. Drupal Quiz Module Access Bypass Vulnerabilities

      Two vulnerabilities have been reported in the Quiz module for Drupal.
      These vulnerabilities exist due to improper access restrictions by the default views for quiz results provided by the module and the module does not properly check the delete quiz results permission.Successful exploitation of this vulnerability requires the "view any quiz results" or "view results for own quiz" permissions through which a remote attacker could delete arbitrary results via the delete option and obtain sensitive quiz results.


      Solution
      Apply appropriate updates as mentioned in Drupal Security Advisories
      https://drupal.org/security/contrib

      Vendor Information
      Drupal
      https://drupal.org/node/2267481
      https://drupal.org/node/2267485
      https://drupal.org/node/2267539
      https://drupal.org/node/2123995

      References
      Secure List
      http://www.securelist.com/en/advisories/58378
      http://www.securelist.com/en/advisories/58442
      http://www.securelist.com/en/advisories/55471
      http://www.securelist.com/en/advisories/58399

      Security Database
      http://www.security-database.com/det...=CVE-2013-4500
      http://www.security-database.com/det...=CVE-2013-4501

      Comment


      • #4
        Access Bypass Vulnerabilities in Drupal Modules

        Severity Rating: Medium

        Components Affected:
        • Drupal Views Module 7.x-3.x versions prior to 7.x-3.8.
        • Drupal Login Redirect 7.x-1.x versions prior to 7.x-1.1.

        Overview
        Two vulnerabilities have been reported in Drupal which could be exploited by malicious remote attacker to bypass certain security restrictions .

        Description
        1. Drupal Require Login Module Access Bypass Vulnerability
        This vulnerability exists in Require Login module for Drupal due to improper access restrictions for the front page which could allow un-authenticated users to gain access to restricted sensitive information.

        2. Drupal Views Module Access Bypass Vulnerability
        This vulnerability exists in Views module for Drupal due to inadequate access restrictions applied when displaying views. While returning the list of handlers from view_plugin_display::get_ handlers() , the module does not properly check handler access. Successful exploitation of this vulnerability could allow an attacker to bypass certain security restrictions .

        Solution
        Apply appropriate updates as mentioned in Drupal Security Advisories :
        https://drupal.org/security/contrib

        Vendor Information
        Drupal
        https://drupal.org/node/2271837
        https://drupal.org/node/2271809

        References

        Secure List
        http://www.securelist.com/en/advisories/58856/
        http://www.securelist.com/en/advisories/58858

        Drupal
        https://drupal.org/node/2271837
        https://drupal.org/node/2271809

        Security Focus
        http://www.securityfocus.com/bid/67564/

        Comment


        • #5

          Multiple Vulnerabilities in Drupal Modules

          Severity Rating: Medium

          Systems Affected

          Custom Meta 6.x-1.x versions prior to 6.x-1.2
          Custom Meta 7.x-1.x versions prior to 7.x-1.2
          Easy breadcrumbs 7.x-2.x versions prior to 7.x-2.10
          Course 6.x-1.x versions prior to 6.x-1.1.
          Course 7.x-1.x versions prior to 7.x-1.2.
          Password Policy 6.x-1.x versions prior to 6.x-1.7.
          Password Policy 7.x-1.x versions prior to 7.x-1.7.
          Password Policy 7.x-2.x versions prior to 7.x-2.0-alpha2

          Overview

          Multiple vulnerabilities have been reported in Drupal which could be exploited by remote attackers to conduct cross-site scripting (XSS) and bypass certain password restrictions.
          Description
          1. Cross-site scripting (XSS) vulnerability in Custom Meta Module This vulnerability exists in Custom Meta Module because the user input supplied to the attribute and content values for meta tags is not validated properly prior to being displayed.

          A remote attacker with privilege to an account with permission “administer custom meta setting” could exploit this vulnerability to conduct cross-site scripting (XSS) attacks.

          2. Cross-site scripting (XSS) vulnerability in Easy Breadcrumb Module.
          This vulnerability exists in Easy Breadcrumb Module because the user input supplied to the attribute and content values are not validated properly.
          A remote attacker could exploit this vulnerability to conduct cross-site scripting (XSS) attacks.

          3. Course Module Access bypass vulnerability
          This vulnerability exists in Course Module due to improper access restriction on Course object edit forms.
          A remote attacker could exploit this vulnerability to bypass certain security restrictions.

          4. Access bypass and information disclosure vulnerabilities
          This vulnerability occurs because of the history constraint in Password Policy module which does not properly changed to match a specified number of their previous passwords.
          Successful exploitation of this vulnerability could allow a remote attacker to gain access to sensitive information.

          5. Access bypass
          This vulnerability exists in “user_save()” function due to improper enforcement of password changes.
          This could allow a remote attacker to obtain user passwords.

          Solution
          Apply appropriate patches as mentioned in the following link:
          https://www.drupal.org/node/2288429
          https://www.drupal.org/node/2288403
          https://www.drupal.org/node/2288353
          https://www.drupal.org/node/2288341

          Vendor Information
          Drupal

          https://www.drupal.org/node/2288429
          https://www.drupal.org/node/2288403
          https://www.drupal.org/node/2288353
          https://www.drupal.org/node/2288341

          References
          Drupal
          https://www.drupal.org/node/2288429
          https://www.drupal.org/node/2288403
          https://www.drupal.org/node/2288353
          https://www.drupal.org/node/2288341

          SecurityFocus.com
          http://www.securityfocus.com/archive.../30/0/threaded

          Comment

          Tag Cloud Tag Cloud Module
          Collapse
          Working...
          X