Vulnerabilities > CVE-2016-3164
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
Drupal 6.x before 6.38, 7.x before 7.43, and 8.x before 8.0.4 might allow remote attackers to conduct open redirect attacks by leveraging (1) custom code or (2) a form shown on a 404 error page, related to path manipulation.
Vulnerable Configurations
Nessus
NASL family CGI abuses NASL id DRUPAL_7_43.NASL description The version of Drupal running on the remote web server is 7.x prior to 7.43. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the File module that allows an attacker to view, delete, or substitute a link to a file that has not yet been submitted or processed by a form. An authenticated, remote attacker can exploit this, via continuous deletion of temporary files, to block all file uploads to a site. - A flaw exists in the XML-RPC system due to a failure to limit the number of simultaneous calls being made to the same method. A remote attacker can exploit this to facilitate brute-force attacks. - A cross-site redirection vulnerability exists due to improper validation of unspecified input before returning it to the user, which can allow the current path to be filled-in with an external URL. A remote attacker can exploit this, via a crafted link, to redirect a user to a malicious web page of the attacker last seen 2020-03-21 modified 2016-03-04 plugin id 89683 published 2016-03-04 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89683 title Drupal 7.x < 7.43 Multiple Vulnerabilities NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3498.NASL description Multiple security vulnerabilities have been found in the Drupal content management framework. For additional information, please refer to the upstream advisory at last seen 2020-06-01 modified 2020-06-02 plugin id 89004 published 2016-02-29 reporter This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89004 title Debian DSA-3498-1 : drupal7 - security update
References
- http://www.debian.org/security/2016/dsa-3498
- http://www.debian.org/security/2016/dsa-3498
- http://www.openwall.com/lists/oss-security/2016/02/24/19
- http://www.openwall.com/lists/oss-security/2016/02/24/19
- http://www.openwall.com/lists/oss-security/2016/03/15/10
- http://www.openwall.com/lists/oss-security/2016/03/15/10
- https://www.drupal.org/SA-CORE-2016-001
- https://www.drupal.org/SA-CORE-2016-001