BID:30689

Drupal Remote Vulnerabilities

Info

Drupal Remote Vulnerabilities

Bugtraq ID:	30689
Class:	Unknown
CVE:	CVE-2008-3740 CVE-2008-3741 CVE-2008-3742 CVE-2008-3743 CVE-2008-3744 CVE-2008-3745
Remote:	Yes
Local:	No
Published:	Aug 13 2008 12:00AM
Updated:	Apr 13 2015 09:52PM
Credit:	Bart Jansens, Mark Burdett, Gábor Hojtsy, Heine Deelstra, Barry Jaspan, Damien Tournoud, John Morahan and Caroline Schnapp.
Vulnerable:	vbDrupal vbDrupal 5.9 Drupal Drupal 6.3 Drupal Drupal 6.2 Drupal Drupal 6.1 Drupal Drupal 6.0 Drupal Drupal 5.9 Drupal Drupal 5.8 Drupal Drupal 5.7 Drupal Drupal 5.6 Drupal Drupal 5.5 Drupal Drupal 5.4 Drupal Drupal 5.3 Drupal Drupal 5.2 Drupal Drupal 5.1 Drupal Drupal 5.0

Not Vulnerable:	vbDrupal vbDrupal 5.10 Drupal Drupal 6.4 Drupal Drupal 5.10

Discussion

Drupal Remote Vulnerabilities

Drupal is prone to multiple vulnerabilities, including arbitrary-file-upload, cross-site scripting, cross-site request-forgery, and privilege-escalation issues.

Attackers can exploit these issues to:

- control how the site is rendered to users
- execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site
- steal cookie-based authentication credentials
- add or delete access control rules
- edit Drupal nodes or delete files
- upload and execute arbitrary server-side script code.

These issues affect Drupal 5.x (before 5.10) and Drupal 6.x (before 6.4).

Exploit / POC

Drupal Remote Vulnerabilities

An attacker can exploit these issues via a browser. To exploit some of these issues, the attacker must entice an unsuspecting victim into following a malicious URI.

Solution / Fix

Drupal Remote Vulnerabilities

Solution:
The vendor has released an advisory and updates. Please see the references for details.

Drupal Drupal 6.1