Fedora EPEL 6 update for drupal6, drupal7
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2012-5651 CVE-2012-5652 CVE-2012-5653 |
| CWE-ID | CWE-284 CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Fedora Operating systems & Components / Operating system drupal7 Operating systems & Components / Operating system package or component drupal6 Operating systems & Components / Operating system package or component |
| Vendor | Fedoraproject |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Access bypass
EUVDB-ID: #VU461
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-5651
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote user to get access to valid user's search results.
The weakness exists due to access control error and allows to see the blocked users in search results reguardless user's priveleges.
Successful exploitation of the vulnerability results in appearing of blocked users in search results.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 6.0
drupal7: before 7.18-1.el6
drupal6: before 6.27-1.el6
CPE2.3- cpe:2.3:o:fedoraproject:fedora:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:drupal7:*:*:*:*:*:fedora:*:*
- cpe:2.3:a:fedoraproject:drupal6:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2012-13828
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Access bypass
EUVDB-ID: #VU464
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-5652
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote user to look the uploaded files over.
The weakness exists due to access control error and results in showing of uploaded files in RSS feeds and search results. The vulnerability increases possibility to view the information by users not allowed to read it before.
Successful exploitation of the weakness allows malicious users to obtain uploaded files.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 6.0
drupal7: before 7.18-1.el6
drupal6: before 6.27-1.el6
CPE2.3- cpe:2.3:o:fedoraproject:fedora:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:drupal7:*:*:*:*:*:fedora:*:*
- cpe:2.3:a:fedoraproject:drupal6:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2012-13828
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Arbitrary PHP code execution
EUVDB-ID: #VU465
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-5653
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to cause arbitrary code execution on the target system.
The weakness exists due to improper munging of uploaded files name. The vulnerability allows attacker with server permission to upload a specially named file that can bypass the filename munging and cause arbitrary code execution.
Successful exploitation of the weakness results in arbitrary code execution on the vulnerable system.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 6.0
drupal7: before 7.18-1.el6
drupal6: before 6.27-1.el6
CPE2.3- cpe:2.3:o:fedoraproject:fedora:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:drupal7:*:*:*:*:*:fedora:*:*
- cpe:2.3:a:fedoraproject:drupal6:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2012-13828
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
