Test ID:	1.3.6.1.4.1.25623.1.0.130123
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2015-0253)
Summary:	The remote host is missing an update for the 'drupal' package(s) announced via the MGASA-2015-0253 advisory.
Description:	Summary: The remote host is missing an update for the 'drupal' package(s) announced via the MGASA-2015-0253 advisory. Vulnerability Insight: Incorrect cache handling made private content viewed by 'user 1' exposed to other, non-privileged users (CVE-2015-3231). A flaw in the Field UI module made it possible for attackers to redirect users to malicious sites (CVE-2015-3232). Due to insufficient URL validation, the Overlay module could be used to redirect users to malicious sites (CVE-2015-3233). The OpenID module allowed an attacker to log in as other users, including administrators (CVE-2015-3234). Affected Software/OS: 'drupal' package(s) on Mageia 4, Mageia 5. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3231 75286 http://www.securityfocus.com/bid/75286 DSA-3291 http://www.debian.org/security/2015/dsa-3291 FEDORA-2015-10189 http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161265.html FEDORA-2015-10290 http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161261.html https://www.drupal.org/SA-CORE-2015-002 Common Vulnerability Exposure (CVE) ID: CVE-2015-3232 75287 http://www.securityfocus.com/bid/75287 Common Vulnerability Exposure (CVE) ID: CVE-2015-3233 75279 http://www.securityfocus.com/bid/75279 75280 http://www.securityfocus.com/bid/75280 75284 http://www.securityfocus.com/bid/75284 [oss-security] 20150704 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100 to SA-CONTRIB-2015-131) http://www.openwall.com/lists/oss-security/2015/07/04/4 https://www.drupal.org/node/2507535 https://www.drupal.org/node/2507555 https://www.drupal.org/node/2507561 https://www.drupal.org/node/2507729 https://www.drupal.org/node/2507735 https://www.drupal.org/node/2507741 Common Vulnerability Exposure (CVE) ID: CVE-2015-3234 75294 http://www.securityfocus.com/bid/75294
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.