Detections
Analytics

FreeBSD : drupal -- Drupal Core - Multiple Vulnerabilities (89ca6f7d-4f00-11e8-9b1d-00e04c1ea73d)

high Nessus Plugin ID 109565

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Drupal Security Team reports :

A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002.
Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.

Solution

Update the affected packages.

See Also

https://www.drupal.org/SA-CORE-2018-004

http://www.nessus.org/u?d7ae8f18

Plugin Details

Severity: High

ID: 109565

File Name: freebsd_pkg_89ca6f7d4f0011e89b1d00e04c1ea73d.nasl

Version: 1.2

Type: local

Published: 5/4/2018

Updated: 11/10/2018

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:drupal7, p-cpe:/a:freebsd:freebsd:drupal8, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 5/3/2018

Vulnerability Publication Date: 4/25/2018