FreeBSD : drupal -- multiple vulnerabilities (3d8d3548-9d02-11db-a541-000ae42e9b93)

medium Nessus Plugin ID 23986

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The Drupal security team reports :

A few arguments passed via URLs are not properly sanitized before display. When an attacker is able to entice an administrator to follow a specially crafted link, arbitrary HTML and script code can be injected and executed in the victim's session. Such an attack may lead to administrator access if certain conditions are met.

The way page caching was implemented allows a denial of service attack. An attacker has to have the ability to post content on the site. He or she would then be able to poison the page cache, so that it returns cached 404 page not found errors for existing pages.

If the page cache is not enabled, your site is not vulnerable. The vulnerability only affects sites running on top of MySQL.

Solution

Update the affected packages.

See Also

http://drupal.org/files/sa-2007-001/advisory.txt

http://drupal.org/files/sa-2007-002/advisory.txt

http://www.nessus.org/u?ef2c88b3

Plugin Details

Severity: Medium

ID: 23986

File Name: freebsd_pkg_3d8d35489d0211dba541000ae42e9b93.nasl

Version: 1.13

Type: local

Published: 1/8/2007

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:drupal, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 1/5/2007

Vulnerability Publication Date: 1/5/2007

Reference Information

CVE: CVE-2007-0136