|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 1766 CVE : CVE-2006-5475 SecurityRisk : Low  (About) Remote Exploit : Yes Local Exploit : No Exploit Given : No Credit : Uwe Hermann (uwe hermann-uwe de) Published : 25.10.2006
Advisory Text : ------------------------------------------------------------------------ ---- Drupal security advisory DRUPAL-SA-2006-024 ------------------------------------------------------------------------ ---- Project: Drupal core Date: 2006-Oct-18 Security risk: Moderately critical Exploitable from: Remote Vulnerability: Cross site scripting ------------------------------------------------------------------------ ---- Description ----------- Multiple XSS (cross site scripting) vulnerabilities have been discovered. A bug in input validation and lack of output validation allows HTML and script insertion on several pages. Drupal's XML parser passes unescaped data to watchdog under certain circumstances. A malicious user may execute an XSS attack via a specially crafted RSS feed. This vulnerability exists on systems that do not use PHP's mb_string extension (to check if mb_string is being used, navigate to admin/settings and look under "String handling"). Disabling the aggregator module provides an immediate workaround. The aggregator module, profile module, and forum module do not properly escape output of certain fields. Note: XSS attacks may lead to administrator access if certain conditions are met. Versions affected ----------------- - Drupal 4.6.x versions before Drupal 4.6.10 - Drupal 4.7.x versions before Drupal 4.7.4 Solution -------- - If you are running Drupal 4.6.x then upgrade to Drupal 4.6.10. http://ftp.osuosl.org/pub/drupal/files/projects/drupal-4.6.10.tar.gz - If you are running Drupal 4.7.x then upgrade to Drupal 4.7.4. http://ftp.osuosl.org/pub/drupal/files/projects/drupal-4.7.4.tar.gz - To patch Drupal 4.6.9 use http://drupal.org/files/sa-2006-024/4.6.9.patch. - To patch Drupal 4.7.3 use http://drupal.org/files/sa-2006-024/4.7.3.patch. Please note that the patches only contain changes related to this advisory, and do not fix bugs that were solved in 4.6.10 or 4.7.4. Reported by ----------- - The XML parser vulnerability was reported by Erdem Köse. - The forum module vulnerability was reported by Jim Phlew. - The other vulnerabilities were found by members of the Drupal security team. Contact ------- The security contact for Drupal can be reached at security at drupal.org or using the form at http://drupal.org/contact. // Uwe Hermann, on behalf of the Drupal Security Team. -- Uwe Hermann http://www.hermann-uwe.de http://www.it-services-uh.de | http://www.crazy-hacks.org http://www.holsham-traders.de | http://www.unmaintained-free-software.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFN7DxXdVoV3jWIbQRAm5IAJ0UmC80/DpS0I2WM8q9nPmxZdjtHQCeMiVP jFhf+0xpVQz/7pXwh71hOAo= =5y6Z -----END PGP SIGNATURE-----  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
Multiple Vendors libc/gdtoa printf(3) Array Overrun
SecurityReason realised new advisory about vulnerabilities libc/gdtoa... |
||
| Apache |  |
|
» Apache Tomcat |
||
» Apache Tomcat User |
||
| PHP | |
|
» PHP |
||
- 2009-05-30| Copyright © SecurityReason.com. All Rights Reserved. |