SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id.
Monthly Archives: June 2015
CVE-2015-4414
Directory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se-html5-album-audio-player) plugin 1.1.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2015-4454
SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php.
Content Construction Kit (CCK) – Less Critical – Open Redirect – SA-CONTRIB-2015-126
- Advisory ID: DRUPAL-SA-CONTRIB-2015-126
- Project: Content Construction Kit (CCK) (third-party module)
- Version: 6.x
- Date: 2015-June-17
- Security risk: 9/25 ( Less Critical) AC:Basic/A:None/CI:None/II:None/E:Theoretical/TD:Default
- Vulnerability: Open Redirect
Description
The Content Construction Kit (CCK) project is a set of modules that allows you to add custom fields to nodes using a web browser.
CCK uses a “destinations” query string parameter in URLs to redirect users to new destinations after completing an action on a few administration pages. Under certain circumstances, malicious users can use this parameter to construct a URL that will trick users into being redirected to a 3rd party website, thereby exposing the users to potential social engineering attacks.
See also: SA-CORE-2015-002
CVE identifier(s) issued
- A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.
Versions affected
- Content Construction Kit (CCK) 6.x-2.x versions prior to 6.x-2.10.
Drupal core is not affected. If you do not use the contributed Content Construction Kit (CCK) module, there is nothing you need to do.
Solution
Install the latest version:
- If you use the Content Construction Kit (CCK) module for Drupal 6.x, upgrade to Content Construction Kit (CCK) 6.x-2.10
Also see the Content Construction Kit (CCK) project page.
Reported by
- Michael Smith
- David Rothstein of the Drupal Security Team
Fixed by
- Pere Orga of the Drupal Security Team
- Neil Drumm, module maintainer and member of the Drupal Security Team
Coordinated by
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.
Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.
Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity
Drupal version:
Acquia Cloud Site Factory Connector – Less Critical – Open Redirect – SA-CONTRIB-2015-125
- Advisory ID: DRUPAL-SA-CONTRIB-2015-125
- Project: Acquia Cloud Site Factory Connector (third-party module)
- Version: 7.x
- Date: 2015-June-17
- Security risk: 9/25 ( Less Critical) AC:Basic/A:None/CI:None/II:None/E:Theoretical/TD:Default
- Vulnerability: Open Redirect
Description
Acquia Cloud Site Factory provides an environment and a robust set of tools that simplify management of many Drupal sites, allowing you to quickly deliver and manage any number of websites.
The module ships with a modified version of the core Overlay JavaScript file, which is vulnerable to an open redirect attack (see SA-CORE-2015-002).
Only sites with the Overlay module enabled are vulnerable.
CVE identifier(s) issued
- A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.
Versions affected
- Acquia Cloud Site Factory 7.x-1.x versions prior to 7.x-1.14
Drupal core is not affected. If you do not use the contributed Acquia Cloud Site Factory Connector module, there is nothing you need to do.
Solution
Install the latest version:
- If you use the Acquia Cloud Site Factory module for Drupal 7.x, upgrade to Acquia Cloud Site Factory 7.x-1.14
Also see the Acquia Cloud Site Factory Connector project page.
Reported by
- Jeroen Vreuls
- David Rothstein of the Drupal Security Team
- Pere Orga of the Drupal Security Team
Fixed by
- Stéphane Corlosquet, module maintainer and member of the Drupal Security Team
Coordinated by
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.
Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.
Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity
Drupal version:
LABjs – Less Critical – Open Redirect – SA-CONTRIB-2015-124
- Advisory ID: DRUPAL-SA-CONTRIB-2015-124
- Project: LABjs (third-party module)
- Version: 7.x
- Date: 2015-June-17
- Security risk: 9/25 ( Less Critical) AC:Basic/A:None/CI:None/II:None/E:Theoretical/TD:Default
- Vulnerability: Open Redirect
Description
The LABjs module integrates LABjs with Drupal for web performance optimization.
The module ships with a modified version of the core Overlay JavaScript file, which is vulnerable to an open redirect attack (see SA-CORE-2015-002).
Only sites with the Overlay module enabled are vulnerable.
CVE identifier(s) issued
- A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.
Versions affected
- LABjs 7.x-1.x versions prior to 7.x-1.7.
Drupal core is not affected. If you do not use the contributed LABjs module, there is nothing you need to do.
Solution
Install the latest version:
- If you use the LABjs module for Drupal 7.x, upgrade to LABjs 7.x-1.7.
Also see the LABjs project page.
Reported by
- Jeroen Vreuls
- David Rothstein of the Drupal Security Team
Fixed by
- Pere Orga of the Drupal Security Team
- David Rothstein of the Drupal Security Team
- Hai-Nam Nguyen the module maintainer
Coordinated by
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.
Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.
Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity
Drupal version:
jQuery Update – Less Critical – Open Redirect – SA-CONTRIB-2015-123
- Advisory ID: DRUPAL-SA-CONTRIB-2015-123
- Project: jQuery Update (third-party module)
- Version: 7.x
- Date: 2015-June-17
- Security risk: 9/25 ( Less Critical) AC:Basic/A:None/CI:None/II:None/E:Theoretical/TD:Default
- Vulnerability: Open Redirect
Description
The jQuery Update module enables you to update jQuery on your site.
The module ships with a modified version of the core Overlay JavaScript file, which is vulnerable to an open redirect attack (see SA-CORE-2015-002).
Only sites with the Overlay module enabled are vulnerable.
CVE identifier(s) issued
- A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.
Versions affected
- jQuery Update 7.x-2.x versions prior to 7.x-2.6
Drupal core is not affected. If you do not use the contributed jQuery Update module, there is nothing you need to do.
Solution
Install the latest version:
- If you use the jQuery Update module 2.x branch, upgrade to jQuery Update 7.x-2.6
Also see the jQuery Update project page.
Reported by
- Jeroen Vreuls
- David Rothstein of the Drupal Security Team
Fixed by
- Pere Orga of the Drupal Security Team
- David Rothstein of the Drupal Security Team
- Rob Loach the module maintainer
Coordinated by
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.
Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.
Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity
Drupal version:
LinkedIn Goes Public with Its Private Bug Bounty
LinkedIn today announced that since October it has been running a private bug bounty, and to date has patched 65 bugs and paid out $65,000 in rewards.
UK Consumers willing to share DNA with banks to secure identity
Consumers in the UK would be happy to share their DNA if it would help secure their financial and personal information, according to a new report.
The post UK Consumers willing to share DNA with banks to secure identity appeared first on We Live Security.
Fedora EPEL 6 Security Update: seamonkey-2.28-6.ESR_31.7.0.el6
Update to the codebase of Extended Support Release (ESR) 31.7.0
Fixes various security issues, see https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html and https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html for more info