Lucene search
Ubuntu.comUB:CVE-2013-6386HistoryDec 07, 2013 - 12:00 a.m.
CVE-2013-6386
2013-12-0700:00:00
ubuntu.com
ubuntu.com
12
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
74.8%
Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand function to
generate random numbers, which uses predictable seeds and allows remote
attackers to predict security strings and bypass intended restrictions via
a brute force attack.
Related
debiancve
debiancve
CVE-2013-6386
2013-12-07 21:55:00
prion
prion
Security feature bypass
2013-12-07 21:55:00
cve
cve
CVE-2013-6386
2013-12-07 21:55:00
debian
debian
[SECURITY] [DSA 2828-1] drupal6 security update
2013-12-28 10:23:54
[SECURITY] [DSA 2828-1] drupal6 security update
2013-12-28 10:24:11
[SECURITY] [DSA 2804-1] drupal7 security update
2013-11-26 16:50:30
openvas
openvas
Debian Security Advisory DSA 2828-1 (drupal6 - several vulnerabilities)
2013-12-28 00:00:00
Debian: Security Advisory (DSA-2828-1)
2013-12-27 00:00:00
Fedora Update for drupal7 FEDORA-2013-21844
2013-12-03 00:00:00
nessus
nessus
Drupal 6.x < 6.29 Multiple Vulnerabilities
2013-11-30 00:00:00
Debian DSA-2828-1 : drupal6 - several vulnerabilities
2013-12-30 00:00:00
Fedora 20 : drupal7-7.24-1.fc20 (2013-21956)
2013-12-14 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: drupal7-7.24-1.fc20
2013-12-14 03:03:56
[SECURITY] Fedora 20 Update: drupal6-6.29-1.fc20
2013-12-14 03:31:43
[SECURITY] Fedora 19 Update: drupal6-6.29-1.fc19
2013-12-12 02:55:40
drupal
drupal
SA-CORE-2013-003 - Drupal core - Multiple vulnerabilities
2013-11-20 00:00:00
mageia
mageia
Updated drupal package fixes security vulnerabilities
2013-12-01 01:35:13
securityvulns
securityvulns
[ MDVSA-2013:287 ] drupal
2013-12-09 00:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
74.8%
Related for UB:CVE-2013-6386