Drupal Comment_Form_Add_Preview Function Remote Code Execution Vulnerability
BID: 22306
Info
| Bugtraq ID: | 22306 |
| Class: | Input Validation Error |
| CVE: | CVE-2007-0626 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 29 2007 12:00AM |
| Updated: | May 12 2015 07:35PM |
| Credit: | This issue was disclosed by the vendor. |
| Vulnerable: | vbDrupal vbDrupal 4.7.5; Drupal Drupal 4.7.5; Drupal Drupal 4.7.4; Drupal Drupal 4.7.3; Drupal Drupal 4.7.2; Drupal Drupal 4.7.1; Drupal Drupal 4.7; Drupal Drupal 5.0 |
| Not Vulnerable: | vbDrupal vbDrupal 4.7.6; Drupal Drupal 4.7.6; Drupal Drupal 5.1 |
Discussion
The Drupal application is prone to an arbitrary PHP code-execution vulnerability.
To exploit this issue, attackers must have access to the 'post comments' functionality and to multiple input filters, which is not the default.
Successful exploits will result in arbitrary PHP script code running in the context of the webserver process. This issue can facilitate the compromise of vulnerable computers.
Exploit / POC
Solution / Fix
Solution:
The vendor has released patches to address this issue. Versions 5.1 and 4.7.6, available from the vendor's site, are not affected by this issue.
Drupal Drupal 5.0:
- Drupal SA-2007-005-5.0.patch
  http://drupal.org/files/sa-2007-005/SA-2007-005-5.0.patch
vbDrupal vbDrupal 4.7.5:
- vbDrupal vbDrupal-4.7.6.0.zip
  http://downloads.sourceforge.net/vbdrupal/vbDrupal-4.7.6.0.zip
Drupal Drupal 4.7.5:
- Drupal SA-2007-005-4.7.5.patch
  http://drupal.org/files/sa-2007-005/SA-2007-005-4.7.5.patch
References
References:
- Drupal < 4.7.6 (post comments) Remote Command Execution Exploit (Str0ke)
- Drupal < 5.1 (post comments) Remote Command Execution Exploit (Str0ke)
- Drupal Security Advisory DRUPAL-SA-2007-005 (Drupal)
- Vendor Homepage (Drupal)
- [DRUPAL-SA-2007-005] Drupal 4.7.6 / 5.1 fixes arbitrary code execution issue (Drupal)