Drupal Commons Groups Module Permission and Access Control Vulnerability

Vulnerability ID: 1167084    Vulnerability type: Permissions, privileges and access control
Published: 2013-07-17    Updated: 2013-07-17
CVE ID: CVE-2013-1907    CNNVD ID: CNNVD-201307-288
Platform: N/A    CVSS score: 5.0
|Vulnerability Source
https://cxsecurity.com/issue/WLB-2013030246
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201307-288
|Vulnerability Details
Commons is a solution for building internal or external communities. Commons Groups is an extension module for Drupal that provides Organic Groups functionality for the Commons distribution. Drupal is a free, open-source content management system written in PHP and maintained by the Drupal community. The Commons Groups module for Drupal, in versions prior to 7.x-3.1 as shipped with the Commons distribution prior to 7.x-3.1, contains an access bypass and privilege escalation vulnerability caused by the program failing to properly restrict access to groups. A remote attacker can exploit this flaw to post arbitrary content into groups.
|Vulnerability EXP
View online: http://drupal.org/node/1954764

  * Advisory ID: DRUPAL-SA-CONTRIB-2013-038
  * Project: Commons Groups [1] (third-party module)
  * Version: 7.x
  * Date: 2013-March-27
  * Security risk: Moderately critical [2]
  * Exploitable from: Remote
  * Vulnerability: Access bypass, Multiple vulnerabilities

-------- DESCRIPTION ---------------------------------------------------------

The Drupal Commons distribution is a tool for building social, group-based
collaboration communities. The Commons Groups module is used by the
distribution to provide specific Organic Groups customizations.

Versions 3.0 and earlier of the Commons Groups module are vulnerable to an
access bypass and privilege escalation vulnerability that allows anonymous
users to post content into groups.


-------- CVE IDENTIFIER(S) ISSUED --------------------------------------------

  * /A CVE identifier [3] will be requested, and added upon issuance, in
    accordance with Drupal Security Team processes./

-------- VERSIONS AFFECTED ---------------------------------------------------

  * Drupal Commons distribution and Commons Groups versions prior to 7.x-3.1.

Drupal core is not affected. If you do not use the contributed Commons Groups
[4] module, there is nothing you need to do.

-------- SOLUTION ------------------------------------------------------------

Install the latest version:

  * If you use the Commons Groups module, upgrade to Commons Groups 7.x-3.1 [5]
    or install the latest version of the Drupal Commons distribution (7.x-3.1),
    which includes the fix for Commons Groups.

Also see the Commons Groups [6] project page.

-------- REPORTED BY ---------------------------------------------------------

Commons project maintainers:
  * Joseph Pontani [7]
  * Jakob Perry [8]
  * Ezra Gildesgame [9]

-------- FIXED BY ------------------------------------------------------------

Commons project maintainers:

  * Joseph Pontani [10]
  * Jakob Perry [11]
  * Ezra Gildesgame [12]

-------- COORDINATED BY ------------------------------------------------------

  * Greg Knaddison [13] of the Drupal Security Team
  * Ben Jeavons [14] of the Drupal Security Team

-------- CONTACT AND MORE INFORMATION ----------------------------------------

The Drupal security team can be reached at security at drupal.org or via the
contact form at http://drupal.org/contact [15].

Learn more about the Drupal Security team and their policies [16], writing
secure code for Drupal [17], and securing your site [18].


[1] http://drupal.org/project/commons_groups
[2] http://drupal.org/security-team/risk-levels
[3] http://cve.mitre.org/
[4] http://drupal.org/project/commons_groups
[5] http://drupal.org/node/1954762
[6] http://drupal.org/project/commons_groups
[7] http://drupal.org/user/1014606
[8] http://drupal.org/user/45640
[9] http://drupal.org/user/69959/
[10] http://drupal.org/user/1014606
[11] http://drupal.org/user/45640
[12] http://drupal.org/user/69959/
[13] http://drupal.org/user/36762
[14] http://drupal.org/user/91990
[15] http://drupal.org/contact
[16] http://drupal.org/security-team
[17] http://drupal.org/writing-secure-code
[18] http://drupal.org/security/secure-configuration

_______________________________________________
Security-news mailing list
Security-news@drupal.org


|References

Source: drupal.org
Link: https://drupal.org/node/1954948
Source: drupal.org
Link: https://drupal.org/node/1954764
Source: drupal.org
Link: https://drupal.org/node/1954762
Source: XF
Name: drupal-commons-groups-security-bypass(83133)
Link: http://xforce.iss.net/xforce/xfdb/83133
Source: SECUNIA
Name: 52795
Link: http://secunia.com/advisories/52795
Source: SECUNIA
Name: 52769
Link: http://secunia.com/advisories/52769
Source: FULLDISC
Name: 20130327 [Security-news] SA-CONTRIB-2013-038 - Commons Groups - Access bypass & Privilege escalation
Link: http://seclists.org/fulldisclosure/2013/Mar/242
Source: packetstormsecurity.com
Link: http://packetstormsecurity.com/files/120991/Drupal-Common-Groups-7.x-Access-Bypass-Privilege-Escalation.html
Source: OSVDB
Name: 91748
Link: http://osvdb.org/91748