OpenPKG Security Advisory
OpenPKG-SA-2006.025
Publisher Name: OpenPKG GmbH Publisher Home: http://openpkg.com/ Advisory Id (public): OpenPKG-SA-2006.025 Advisory Type: OpenPKG Security Advisory (SA) Advisory Directory: http://openpkg.com/go/OpenPKG-SA Advisory Document: http://openpkg.com/go/OpenPKG-SA-2006.025 Advisory Published: 2010-02-09 17:52 UTC Issue Id (internal): OpenPKG-SI-20061020.01 Issue First Created: 2006-10-20 Issue Last Modified: 2006-11-28 Issue Revision: 07
Subject Name: Drupal Subject Summary: Content Management Platform Subject Home: http://www.drupal.org/ Subject Versions: * <= 4.7.3 Vulnerability Id: none Vulnerability Scope: global (not OpenPKG specific) Attack Feasibility: run-time Attack Vector: remote network Attack Impact: identity fraud, privilege escalation Description: According to vendor security advisories [2][3][4], multiple vulnerabilities exist in the Drupal content management platform [1]: A bug in input validation and lack of output validation allows HTML and script insertion on several pages. And Drupal's XML parser passes unescaped data to watchdog under certain circumstances. A malicious user may execute an XSS attack via a specially crafted RSS feed. Additionally, the aggregator module, profile module, and forum module do not properly escape output of certain fields. [2] Visiting a specially crafted page, anywhere on the web, may allow that page to post forms to a Drupal site in the context of the visitor's session. An attacker can exploit this vulnerability by changing passwords, posting PHP code or creating new users, for example. The attack is only limited by the privileges of the session it executes in. [3] A malicious user may entice users to visit a specially crafted URL that may result in the redirection of Drupal form submission to a third-party site. A user visiting the user registration page via such an URL, for example, will submit all data, such as the e-mail address, but also possible private profile data, to a third-party site [4]. References: [1] http://drupal.org/ [2] http://drupal.org/node/88826 [3] http://drupal.org/node/88828 [4] http://drupal.org/node/88829
Primary Package Name: drupal Primary Package Home: http://openpkg.org/go/package/drupal Affected Distribution: Affected Branch: Affected Package: OpenPKG Enterprise E1.0-SOLID n/a OpenPKG Community 2-STABLE-20060622 drupal-4.7.3-2.20061018 OpenPKG Community 2-STABLE drupal-4.7.3-2.20061018 OpenPKG Community CURRENT drupal-4.7.3-20061016 Corrected Distribution: Corrected Branch: Corrected Package: OpenPKG Enterprise E1.0-SOLID drupal-4.7.4-E1.0.0 OpenPKG Community 2-STABLE-20060622 drupal-4.7.4-2.20061019 OpenPKG Community 2-STABLE drupal-4.7.4-2.20061019 OpenPKG Community CURRENT drupal-4.7.4-20061019
