
it-securitynotifies AT lists.piratenpartei.de

Subject: Security announcements

List archive

[IT-SecNots] [Security-news] Printer, email and PDF versions - Highly critical - Remote Code Execution - SA-CONTRIB-2018-063


  • From: security-news AT drupal.org
  • To: security-news AT drupal.org
  • Subject: [IT-SecNots] [Security-news] Printer, email and PDF versions - Highly critical - Remote Code Execution - SA-CONTRIB-2018-063
  • Date: Wed, 3 Oct 2018 18:34:54 +0000 (UTC)
  • List-archive: <http://lists.drupal.org/pipermail/security-news/>
  • List-id: <security-news.drupal.org>

View online: https://www.drupal.org/sa-contrib-2018-063

Project: Printer, email and PDF versions [1]
Version: 7.x-2.x-dev
Date: 2018-October-03
Security risk: *Highly critical* 20/25
AC:None/A:None/CI:All/II:All/E:Theoretical/TD:Uncommon [2]
Vulnerability: Remote Code Execution

Description: 
This module provides printer-friendly versions of content, including send by
e-mail and PDF versions.

The module doesn't sufficiently sanitize the arguments passed to the
wkhtmltopdf executable, allowing a remote attacker to execute arbitrary shell
commands. It also doesn't sufficiently sanitize the HTML content passed to
dompdf, allowing a privileged attacker to execute arbitrary PHP code.

This vulnerability is mitigated by the fact that the site must have either
the wkhtmltopdf or dompdf sub-modules enabled and selected as the PDF
generation tool. In the case of the dompdf vulnerability, the attacker must
be able to write content to the site.
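The wkhtmltopdf part of this advisory is a classic argument-injection problem: values that originate from the request end up in a command line that a shell interprets. The following PHP snippet is an added illustration of the mitigation pattern and is not code from the print module; every function name, path and input value in it is an assumption constructed for the example. It places the weak string-interpolation form next to a hardened form that allowlists the inputs and quotes each argument with escapeshellarg().

```php
<?php
// Added example, not code from the print module: passing caller-controlled
// values to an external converter such as wkhtmltopdf without letting them
// alter the shell command. Function names, paths and inputs are assumptions.

/**
 * Weak pattern: string interpolation. Any shell metacharacter inside $url or
 * $outfile becomes part of the command line the shell interprets.
 */
function build_pdf_command_unsafe(string $binary, string $url, string $outfile): string {
    return "$binary $url $outfile";
}

/**
 * Hardened pattern: allowlist the inputs, then quote every argument with
 * escapeshellarg() so each value reaches wkhtmltopdf as exactly one argument
 * whatever characters it contains.
 */
function build_pdf_command_safe(string $binary, string $url, string $outfile): string {
    $parts = parse_url($url);
    if ($parts === false
        || !isset($parts['scheme'], $parts['host'])
        || !in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        throw new InvalidArgumentException('Refusing to render a non-http(s) URL');
    }
    // The output name must be a bare file name; the directory is ours, so a
    // caller cannot point the converter at an arbitrary path.
    if (!preg_match('/^[A-Za-z0-9_-]+\.pdf$/', $outfile)) {
        throw new InvalidArgumentException('Invalid output file name');
    }
    $target = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $outfile;

    return implode(' ', [
        escapeshellcmd($binary),   // binary path comes from configuration, not the request
        escapeshellarg($url),
        escapeshellarg($target),
    ]);
}

// Constructed input carrying a shell metacharacter sequence (harmless echo).
$suspect = 'http://example.invalid/node/1; echo injected';

// The unsafe form yields a command line in which "; echo injected" is a
// second command; the safe form yields one in which the whole value is a
// single quoted argument.
echo build_pdf_command_unsafe('/usr/bin/wkhtmltopdf', $suspect, 'node-1.pdf'), PHP_EOL;
echo build_pdf_command_safe('/usr/bin/wkhtmltopdf', $suspect, 'node-1.pdf'), PHP_EOL;

// Inputs outside the allowlist are rejected before any command is built.
try {
    build_pdf_command_safe('/usr/bin/wkhtmltopdf', 'file:///etc/hostname', 'node-1.pdf');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

Quoting is the minimum; where the PHP version allows it (7.4 and later), passing the command to proc_open() as an array of arguments avoids the shell altogether, which removes the metacharacter problem rather than escaping around it. The allowlist on the URL scheme and the output file name is defence in depth: it keeps a bug in the quoting layer from turning into a file write or a fetch of an unintended resource.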

Solution: 
Install the latest version:

* If you use the print module for Drupal 7.x, upgrade to print 7.x-2.1 [3]

Alternatively, disable PDF generation, or replace the PDF generation library
with another of the supported versions.

Also see the Printer, email and PDF versions [4] project page.

Reported By: 
* yoloClin [5]


Fixed By: 
* Lee Rowlands [6] of the Drupal Security Team
* João Ventura [7]
* yoloClin [8]


Coordinated By: 
* Lee Rowlands [9] of the Drupal Security Team
* Michael Hess [10] of the Drupal Security Team



[1] https://www.drupal.org/project/print
[2] https://www.drupal.org/security-team/risk-levels
[3] https://www.drupal.org/project/print/releases/7.x-2.1
[4] https://www.drupal.org/project/print
[5] https://www.drupal.org/user/3585171
[6] https://www.drupal.org/user/395439
[7] https://www.drupal.org/user/122464
[8] https://www.drupal.org/user/3585171
[9] https://www.drupal.org/user/395439
[10] https://www.drupal.org/u/mlhess

_______________________________________________
Security-news mailing list
Security-news AT drupal.org
Unsubscribe at https://lists.drupal.org/mailman/listinfo/security-news


Archive provided by MHonArc 2.6.19.