Vulnerability-Lookup

CNVD-2015-04035

Vulnerability from cnvd - Published: 2015-06-26

Title

Drupal OpenID模块会话劫持漏洞

Description

Drupal是使用PHP语言编写的开源内容管理框架（CMF），它由内容管理系统（CMS）和PHP开发框架（Framework）共同构成。 Drupal 6.36之前6.x版本和7.38之前7.x版本的OpenID模块存在会话劫持漏洞。远程攻击者可通过特制的OpenID身份利用该漏洞登录到其他用户账户。

Severity

中

Patch Name

Drupal OpenID模块会话劫持漏洞的补丁

Patch Description

Drupal是使用PHP语言编写的开源内容管理框架（CMF），它由内容管理系统（CMS）和PHP开发框架（Framework）共同构成。 Drupal 6.36之前6.x版本和7.38之前7.x版本的OpenID模块存在会话劫持漏洞。远程攻击者可通过特制的OpenID身份利用该漏洞登录到其他用户账户。目前，厂商已经发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： https://www.drupal.org/SA-CORE-2015-002

Reference

http://www.debian.org/security/2015/dsa-3291

Impacted products

Name
['Drupal Drupal 7.x(<7.38)', 'Drupal Drupal 6.x(<6.36)']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "75294"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-3234"
    }
  },
  "description": "Drupal\u662f\u4f7f\u7528PHP\u8bed\u8a00\u7f16\u5199\u7684\u5f00\u6e90\u5185\u5bb9\u7ba1\u7406\u6846\u67b6\uff08CMF\uff09\uff0c\u5b83\u7531\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\uff08CMS\uff09\u548cPHP\u5f00\u53d1\u6846\u67b6\uff08Framework\uff09\u5171\u540c\u6784\u6210\u3002\r\n\r\nDrupal 6.36\u4e4b\u524d6.x\u7248\u672c\u548c7.38\u4e4b\u524d7.x\u7248\u672c\u7684OpenID\u6a21\u5757\u5b58\u5728\u4f1a\u8bdd\u52ab\u6301\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u7279\u5236\u7684OpenID\u8eab\u4efd\u5229\u7528\u8be5\u6f0f\u6d1e\u767b\u5f55\u5230\u5176\u4ed6\u7528\u6237\u8d26\u6237\u3002",
  "discovererName": "Vladislav Mladenov;Christian Mainka;Christian Ko\u00dfmann",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttps://www.drupal.org/SA-CORE-2015-002",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-04035",
  "openTime": "2015-06-26",
  "patchDescription": "Drupal\u662f\u4f7f\u7528PHP\u8bed\u8a00\u7f16\u5199\u7684\u5f00\u6e90\u5185\u5bb9\u7ba1\u7406\u6846\u67b6\uff08CMF\uff09\uff0c\u5b83\u7531\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\uff08CMS\uff09\u548cPHP\u5f00\u53d1\u6846\u67b6\uff08Framework\uff09\u5171\u540c\u6784\u6210\u3002 \r\n\r\nDrupal 6.36\u4e4b\u524d6.x\u7248\u672c\u548c7.38\u4e4b\u524d7.x\u7248\u672c\u7684OpenID\u6a21\u5757\u5b58\u5728\u4f1a\u8bdd\u52ab\u6301\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u7279\u5236\u7684OpenID\u8eab\u4efd\u5229\u7528\u8be5\u6f0f\u6d1e\u767b\u5f55\u5230\u5176\u4ed6\u7528\u6237\u8d26\u6237\u3002\u76ee\u524d\uff0c\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Drupal OpenID\u6a21\u5757\u4f1a\u8bdd\u52ab\u6301\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Drupal Drupal 7.x(\u003c7.38)",
      "Drupal Drupal 6.x(\u003c6.36)"
    ]
  },
  "referenceLink": "http://www.debian.org/security/2015/dsa-3291",
  "serverity": "\u4e2d",
  "submitTime": "2015-06-25",
  "title": "Drupal OpenID\u6a21\u5757\u4f1a\u8bdd\u52ab\u6301\u6f0f\u6d1e"
}

CVE-2015-3234 (GCVE-0-2015-3234)

Vulnerability from cvelistv5 – Published: 2015-06-22 19:00 – Updated: 2024-08-06 05:39

Summary

The OpenID module in Drupal 6.x before 6.36 and 7.x before 7.38 allows remote attackers to log into other users' accounts by leveraging an OpenID identity from certain providers, as demonstrated by the Verisign, LiveJournal, and StackExchange providers.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.securityfocus.com/bid/75294	vdb-entryx_refsource_BID
	http://www.debian.org/security/2015/dsa-3291	vendor-advisoryx_refsource_DEBIAN
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	https://www.drupal.org/SA-CORE-2015-002	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:39:32.091Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2015-10189",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161265.html"
          },
          {
            "name": "75294",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/75294"
          },
          {
            "name": "DSA-3291",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3291"
          },
          {
            "name": "FEDORA-2015-10290",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161261.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.drupal.org/SA-CORE-2015-002"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-06-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The OpenID module in Drupal 6.x before 6.36 and 7.x before 7.38 allows remote attackers to log into other users\u0027 accounts by leveraging an OpenID identity from certain providers, as demonstrated by the Verisign, LiveJournal, and StackExchange providers."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-01T15:57:02",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2015-10189",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161265.html"
        },
        {
          "name": "75294",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/75294"
        },
        {
          "name": "DSA-3291",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3291"
        },
        {
          "name": "FEDORA-2015-10290",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161261.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.drupal.org/SA-CORE-2015-002"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-3234",
    "datePublished": "2015-06-22T19:00:00",
    "dateReserved": "2015-04-10T00:00:00",
    "dateUpdated": "2024-08-06T05:39:32.091Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2015-04035

CVE-2015-3234 (GCVE-0-2015-3234)

Tags

Sightings

Nomenclature