SB2018102001 - Debian update for drupal7

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018102001

SB2018102001 - Debian update for drupal7

Published: October 20, 2018

Security Bulletin ID SB2018102001
CSH Severity
High
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 75% Low 25%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 vulnerabilities.


1) OS command injection (CVE-ID: N/A)

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote authenticated attacker to compromise vulnerable system.

The vulnerability exists due to insufficient sanitization of the user-supplied input when sending email messages via DefaultMailSystem::mail() function. A remote attacker can inject and execute arbitrary OS commands on the vulnerable system with privileges of the web server.

2) Open redirect (CVE-ID: N/A)

CWE-ID: CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote authenticated attacker to perform open redirection attacks.

The vulnerability exists due to the attacker with "administer paths" permissions can use a particular path in the URL that leads to open redirect.

3) Code injection (CVE-ID: CVE-2018-7602)

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber


The vulnerability allows a remote attacker to compromise vulnerable website.

The vulnerability exists due to improper input validation when processing HTTP requests. A remote unauthenticated attacker can send a specially crafted HTTP request to vulnerable website and compromise it.

Successful exploitation of the vulnerability may allow an attacker to gain full access to vulnerable website.

Note: the vendor updated the original advisory stating that this vulnerability is being exploited in the wild.

4) Code injection (CVE-ID: CVE-2018-7600)

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber


The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to unspecified error within multiple subsystems of Drupal installation. A remote unauthenticated attacker can execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Remediation

Install update from vendor's website.

References