Drupal Audio And MediaField Modules GetID3 Remote Command Execution Vulnerability
BID:22587
Info
| Bugtraq ID: | 22587 |
| Class: | Input Validation Error |
| CVE: | CVE-2007-1035 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 16 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | John Forsythe is credited with the discovery of this vulnerability. |
| Vulnerable: | Drupal Mediafield Module 5.x-1.x-dev; Drupal Mediafield Module 4.7.x-1.x-dev; Drupal getID3 Library 1.7.1; Drupal Audio Module 5.x-0.x-dev; Drupal Audio Module 5.x-0.2; Drupal Audio Module 4.7.x-1.x-dev |
| Not Vulnerable: | Drupal Mediafield Module 5.x-1.0; Drupal Mediafield Module 4.7.x-1.0; Drupal Audio Module 5.x-0.3 |
Discussion
The Drupal Audio and MediaField modules are prone to a remote command-execution vulnerability in the bundled getID3 library because user-supplied input is not properly sanitized.
Attackers can exploit this issue to execute arbitrary commands in the context of the webserver. A successful attack allows an attacker to read and delete arbitrary files and to write arbitrary data to empty or MP3 files.
Exploit / POC
Solution / Fix
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.

Drupal Mediafield Module 5.x-1.x-dev
- Drupal mediafield-5.x-1.0.tar.gz
  http://ftp.osuosl.org/pub/drupal/files/projects/mediafield-5.x-1.0.tar.gz

Drupal Audio Module 4.7.x-1.x-dev
- Drupal audio-4.7.x-1.x-dev.tar.gz
  http://ftp.osuosl.org/pub/drupal/files/projects/audio-4.7.x-1.x-dev.tar.gz

Drupal Audio Module 5.x-0.2
- Drupal audio-5.x-0.3.tar.gz
  http://ftp.osuosl.org/pub/drupal/files/projects/audio-5.x-0.3.tar.gz

Drupal Mediafield Module 4.7.x-1.x-dev
- Drupal mediafield-4.7.x-1.0.tar.gz
  http://ftp.osuosl.org/pub/drupal/files/projects/mediafield-4.7.x-1.0.tar.gz
- Drupal mediafield-4.7.x-1.x-dev.tar.gz
  http://ftp.osuosl.org/pub/drupal/files/projects/mediafield-4.7.x-1.x-dev.tar.gz

Drupal Audio Module 5.x-0.x-dev
- Drupal audio-5.x-0.x-dev.tar.gz
  http://ftp.osuosl.org/pub/drupal/files/projects/audio-5.x-0.x-dev.tar.gz
References
References: