SB2015092608 - Debian update for drupal7
Published: September 26, 2015
Security Bulletin ID: SB2015092608
Severity: Low
Patch available: YES
Number of vulnerabilities: 2
Exploitation vector: Remote access
Highest impact: Data manipulation
Description
This security bulletin contains information about 2 security vulnerabilities.
1) Access bypass (CVE-ID: CVE-2015-2559)
The vulnerability allows remote attackers to access a valid user's account. The weakness exists because password reset URLs can be forged, especially on sites that use external authentication. A malicious user can take over the target user's account without knowing its password. The vulnerability is exploitable on sites where a user has an empty password hash or where different users share an identical password hash.
Successful exploitation of this weakness allows an attacker to gain access to the targeted user's account.
2) Open redirect (CVE-ID: CVE-2015-2749)
The vulnerability allows a malicious user to perform social engineering attacks. The weakness exists because the "destination" query string parameter can be abused. A remote attacker can trick a valid user into following a specially crafted URL that redirects the victim to a third-party website. External URLs can also cause some URL-related API functions to behave as open redirects.
Successful exploitation of this vulnerability may result in social engineering attacks.
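The defensive check behind fixes for this class of bug is to accept a redirect destination only when it is a same-site path. The following is an added illustration written for this bulletin, not Drupal's own code; the function names `is_local_destination` and `safe_redirect_target` and the sample destinations are constructed here. It goes slightly beyond the bulletin's description by also covering the usual encodings that slip past a naive prefix check (`//host`, backslashes, percent-encoded slashes, scheme-only URLs).

```python
from urllib.parse import unquote, urlsplit

# Hypothetical helper: decide whether a "destination" value may be used as a
# redirect target. Only same-site paths such as "node/1" or "/user?x=y" pass.
def is_local_destination(dest: str) -> bool:
    if not dest:
        return False
    # Decode once so "%2F%2Fevil.example" is judged as "//evil.example".
    d = unquote(dest).strip()
    # Embedded whitespace or control characters are a sign of a smuggled URL.
    if any(ch.isspace() or ord(ch) < 0x20 for ch in d):
        return False
    # Browsers treat backslashes like forward slashes; normalise before checking.
    d = d.replace("\\", "/")
    # Protocol-relative URLs ("//evil.example") point off-site.
    if d.startswith("//"):
        return False
    parts = urlsplit(d)
    # Any scheme ("https:", "javascript:", "evil.example:80") or host is external.
    if parts.scheme or parts.netloc:
        return False
    return True


# Hypothetical helper: return the destination if it is local, else a safe fallback.
def safe_redirect_target(dest: str, fallback: str = "/") -> str:
    return dest if is_local_destination(dest) else fallback


if __name__ == "__main__":
    # Constructed sample destinations, as an attacker-controlled query string
    # parameter would deliver them; the first two should be accepted.
    samples = [
        "node/1",
        "/user/login?foo=bar#top",
        "https://evil.example/",
        "//evil.example",
        "/\\evil.example",
        "%2F%2Fevil.example",
        "javascript:alert(1)",
    ]
    for s in samples:
        print(f"{s!r:28} -> {safe_redirect_target(s)!r}")
```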
Remediation
Install the update from the vendor's website.