Test ID:	1.3.6.1.4.1.25623.1.1.1.2.2016.695
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DLA-695-1)
Summary:	The remote host is missing an update for the Debian 'spip' package(s) announced via the DLA-695-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'spip' package(s) announced via the DLA-695-1 advisory. Vulnerability Insight: Multiple vulnerabilities have been discovered in SPIP, a website engine for publishing written in PHP. CVE-2016-7980 Nicolas Chatelain of Sysdream Labs discovered a cross-site request forgery (CSRF) vulnerability in the valider_xml action of SPIP. This allows remote attackers to make use of potential additional vulnerabilities such as the one described in CVE-2016-7998. CVE-2016-7981 Nicolas Chatelain of Sysdream Labs discovered a reflected cross-site scripting attack (XSS) vulnerability in the validater_xml action of SPIP. An attacker could take advantage of this vulnerability to inject arbitrary code by tricking an administrator to open a malicious link. CVE-2016-7982 Nicolas Chatelain of Sysdream Labs discovered a file enumeration / path traversal attack in the validator_xml action of SPIP. An attacker could use this to enumerate files in an arbitrary directory on the file system. CVE-2016-7998 Nicolas Chatelain of Sysdream Labs discovered a possible PHP code execution vulnerability in the template compiler/composer function of SPIP. In combination with the XSS and CSRF vulnerabilities described in this advisory, a remote attacker could take advantage of this to execute arbitrary PHP code on the server. CVE-2016-7999 Nicolas Chatelain of Sysdream Labs discovered a server side request forgery in the valider_xml action of SPIP. Attackers could take advantage of this vulnerability to send HTTP or FTP requests to remote servers that they don't have direct access to, possibly bypassing access controls such as a firewall. For Debian 7 Wheezy, these problems have been fixed in version 2.1.17-1+deb7u6. We recommend that you upgrade your spip packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references] Affected Software/OS: 'spip' package(s) on Debian 7. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-7980 BugTraq ID: 93451 http://www.securityfocus.com/bid/93451 https://sysdream.com/news/lab/2016-10-19-spip-3-1-2-exec-code-cross-site-request-forgery-cve-2016-7980/ http://www.openwall.com/lists/oss-security/2016/10/05/17 http://www.openwall.com/lists/oss-security/2016/10/06/6 http://www.openwall.com/lists/oss-security/2016/10/12/6 Common Vulnerability Exposure (CVE) ID: CVE-2016-7981 http://www.openwall.com/lists/oss-security/2016/10/12/7 Common Vulnerability Exposure (CVE) ID: CVE-2016-7982 https://sysdream.com/news/lab/2016-10-19-spip-3-1-1-3-1-2-file-enumeration-path-traversal-cve-2016-7982/ http://www.openwall.com/lists/oss-security/2016/10/12/8 Common Vulnerability Exposure (CVE) ID: CVE-2016-7998 https://sysdream.com/news/lab/2016-10-19-spip-3-1-2-template-compiler-composer-php-code-execution-cve-2016-7998/ http://www.openwall.com/lists/oss-security/2016/10/07/5 http://www.openwall.com/lists/oss-security/2016/10/08/6 Common Vulnerability Exposure (CVE) ID: CVE-2016-7999 https://sysdream.com/news/lab/2016-10-19-spip-3-1-2-server-side-request-forgery-cve-2016-7999/ http://www.openwall.com/lists/oss-security/2016/10/12/10
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.