BID:30168

Drupal Multiple Remote Vulnerabilities

Info

Drupal Multiple Remote Vulnerabilities

Bugtraq ID:	30168
Class:	Unknown
CVE:	CVE-2008-3220 CVE-2008-3221 CVE-2008-3218
Remote:	Yes
Local:	No
Published:	Jul 09 2008 12:00AM
Updated:	Jul 06 2016 02:17PM
Credit:	Erich C. Beyrent, John Morahan, Peter Wolanin, Neil Drumm, Heine Deelstra and the Drupal security team
Vulnerable:	vbDrupal vbDrupal 5.7 vbDrupal vbDrupal 5.6 vbDrupal vbDrupal 5.3 vbDrupal vbDrupal 5.2 Drupal Drupal 6.2 Drupal Drupal 6.1 Drupal Drupal 6.0 Drupal Drupal 5.6 Drupal Drupal 5.5 Drupal Drupal 5.4 Drupal Drupal 5.3 Drupal Drupal 5.2 Drupal Drupal 5.1 Drupal Drupal 5.0

Not Vulnerable:	vbDrupal vbDrupal 5.8 Drupal Drupal 6.3 Drupal Drupal 5.8

Discussion

Drupal Multiple Remote Vulnerabilities

Drupal is prone to multiple vulnerabilities including HTML-injection, cross-site scripting, cross-site request-forgery, session-fixation, and SQL-injection issues.

Attackers can exploit these issues to:

- control how the site is rendered to users
- execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site
- steal cookie-based authentication credentials
- hijack a user's session and gain unauthorized access to the affected application.
- carry out unauthorized actions on the underlying database
- compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

These issues affect Drupal 5.x before 5.8 and Drupal 6.x before 6.3.

Exploit / POC

Drupal Multiple Remote Vulnerabilities

An attacker can exploit these issues via a browser. To exploit some of these issues, the attacker must entice an unsuspecting victim into following a malicious URI.

Solution / Fix

Drupal Multiple Remote Vulnerabilities

Solution:
The vendor has released an advisory and updates. Please see the references for details.

Drupal Drupal 6.1