Drupal Node Parameter Control Module Access Bypass Vulnerability
BID:58477
Info
Drupal Node Parameter Control Module Access Bypass Vulnerability
| Bugtraq ID: | 58477 |
| Class: | Access Validation Error |
| CVE: |
CVE-2013-1859 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 13 2013 12:00AM |
| Updated: | Mar 15 2013 05:55AM |
| Credit: | Talbot |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Drupal Node Parameter Control Module Access Bypass Vulnerability
The Node Parameter Control module for Drupal is prone to an access-bypass vulnerability.
An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.
Node Parameter Control 6.x-1.x versions are vulnerable; other versions may also be affected.
The Node Parameter Control module for Drupal is prone to an access-bypass vulnerability.
An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.
Node Parameter Control 6.x-1.x versions are vulnerable; other versions may also be affected.
Exploit / POC
Drupal Node Parameter Control Module Access Bypass Vulnerability
Attackers can use a browser to exploit this issue.
Attackers can use a browser to exploit this issue.
Solution / Fix
Drupal Node Parameter Control Module Access Bypass Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Drupal Node Parameter Control Module Access Bypass Vulnerability
References:
References:
- Drupal Homepage (Drupal)