Retired: Drupal Preview Comments Remote Command Execution Vulnerability

Bugtraq ID:	22579
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Feb 15 2007 12:00AM
Updated:	Feb 15 2007 09:37PM
Credit:	Str0ke is credited with the discovery of this vulnerability.
Vulnerable:	Drupal Drupal 4.7.5 Drupal Drupal 4.7.4 Drupal Drupal 4.7.4 Drupal Drupal 4.7.3 Drupal Drupal 4.7.3 Drupal Drupal 4.7.2 Drupal Drupal 4.7.1 Drupal Drupal 4.7 Drupal Drupal 5.0
Not Vulnerable:

Retired: Drupal Preview Comments Remote Command Execution Vulnerability

Drupal is prone to a remote command-execution vulnerability because the application fails to properly sanitize user-supplied input.

Exploiting this issue allows attackers to execute arbitrary commands in the context of the webserver.

A successful exploit could facilitate the compromise of an affected computer; other attacks are also possible.

NOTE: This BID is being retired because this issue was addressed in BID 22306 (Drupal Comment_Form_Add_Preview Function Remote Code Execution Vulnerability).

Retired: Drupal Preview Comments Remote Command Execution Vulnerability

Attackers can exploit this issue via a web client.

The following exploit code is available are available for versions prior to 4.76 and versions prior to 5.1

• /data/vulnerabilities/exploits/22579Drupal5.pl
• /data/vulnerabilities/exploits/22579Druapl4.pl

Retired: Drupal Preview Comments Remote Command Execution Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

Retired: Drupal Preview Comments Remote Command Execution Vulnerability

References:

• Drupal < 5.1 (post comments) Remote Command Execution Exploit (Str0ke)
  
• Drupal < 4.7.6 (post comments) Remote Command Execution Exploit (Str0ke)
  
• Vendor Homepage (Drupal)