SB2018102001 - Debian update for drupal7
Published: October 20, 2018
Security Bulletin ID
SB2018102001
Severity
High
Patch available
YES
Number of vulnerabilities
4
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) OS command injection (CVE-ID: N/A)
The vulnerability allows a remote authenticated attacker to compromise vulnerable system.
The vulnerability exists due to insufficient sanitization of the user-supplied input when sending email messages via DefaultMailSystem::mail() function. A remote attacker can inject and execute arbitrary OS commands on the vulnerable system with privileges of the web server.
2) Open redirect (CVE-ID: N/A)
The vulnerability allows a remote authenticated attacker to perform open redirection attacks.
The vulnerability exists due to the attacker with "administer paths" permissions can use a particular path in the URL that leads to open redirect.
3) Code injection (CVE-ID: CVE-2018-7602)
The vulnerability allows a remote attacker to compromise vulnerable website.The vulnerability exists due to improper input validation when processing HTTP requests. A remote unauthenticated attacker can send a specially crafted HTTP request to vulnerable website and compromise it.
Successful exploitation of the vulnerability may allow an attacker to gain full access to vulnerable website.
Note: the vendor updated the original advisory stating that this vulnerability is being exploited in the wild.
4) Code injection (CVE-ID: CVE-2018-7600)
The vulnerability allows a remote attacker to compromise vulnerable system.The vulnerability exists due to unspecified error within multiple subsystems of Drupal installation. A remote unauthenticated attacker can execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Remediation
Install update from vendor's website.