FreeBSD : drupal -- multiple vulnerabilities (3d8d3548-9d02-11db-a541-000ae42e9b93)

NASLDB: FreeBSD : drupal -- multiple vulnerabilities (3d8d3548-9d02-11db-a541-000ae42e9b93)

General

ID: 23986
Name: FreeBSD : drupal — multiple vulnerabilities (3d8d3548-9d02-11db-a541-000ae42e9b93)

Summary: Checks for updated packages in pkg_info output

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS Temporal Vector: –

Port: 0
Family: FreeBSD Local Security Checks
Type: Local

Description

The Drupal security team reports :

A few arguments passed via URLs are not properly sanitized before
display. When an attacker is able to entice an administrator to follow
a specially crafted link, arbitrary HTML and script code can be
injected and executed in the victim’s session. Such an attack may lead
to administrator access if certain conditions are met.

The way page caching was implemented allows a denial of service
attack. An attacker has to have the ability to post content on the
site. He or she would then be able to poison the page cache, so that
it returns cached 404 page not found errors for existing pages.

If the page cache is not enabled, your site is not vulnerable. The
vulnerability only affects sites running on top of MySQL.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2007-0136
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: 2007/01/05
Patch Release: 2007/01/05
Plugin Release: 2007/01/08

Plugin

Version: 1.9
Filename: freebsd_pkg_3d8d35489d0211dba541000ae42e9b93.nasl
Filesize: 4971 bytes
MD5 Hash: 7599c5fcc28778f58fed6800193a93ec

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info
Dependencies: "ssh_get_info.nasl"

Latest Plugins

Latest Plugins

scip AG