
Drupal 7.x < 7.24 Multiple Vulnerabilities

Medium

Synopsis

The remote server is hosting an outdated installation of Drupal that is affected by multiple vulnerabilities.

Description

The version of Drupal installed on the remote server is 7.x prior to 7.24 and is affected by the following vulnerabilities:

- A flaw exists in unspecified Apache web server configurations that causes the .htaccess file in the files directory, which would normally prevent uploaded files from being executed as code, to be ignored. On a site that is also vulnerable to malicious file uploads, this makes remote code execution easier. (OSVDB 100031)

- A flaw exists in the 'drupal_valid_token()' function, which can return TRUE for an invalid security token when the caller does not ensure that the token it passes is a string. A remote attacker may be able to use this to bypass security token validation. (OSVDB 100032)

- A stored cross-site scripting (XSS) flaw exists because the image module does not validate the image field description. An attacker may be able to store script code that executes in a user's browser within the trust relationship between that browser and the server. (OSVDB 100033)

- A reflected XSS flaw exists because the color module does not validate certain unspecified input before returning it to the user. An attacker may be able to craft a request that executes arbitrary script code in a user's browser within the trust relationship between that browser and the server. (OSVDB 100034)

- An open redirect flaw exists in the overlay module, which layers administrative pages over the current page rather than replacing it, because it does not sanitize the URL it is asked to load. An attacker can craft a URL that, when clicked, redirects the victim from the legitimate site to an arbitrary site of the attacker's choosing. Such attacks are useful because the crafted URL initially appears to point at a trusted site, and the destination can host attacks against client-side software such as a web browser or document rendering programs. (OSVDB 100035)

- A flaw exists in the form API because form validation callbacks are run even when a request carries an invalid form token. When a third-party module performs potentially unsafe operations in a validation callback, a context-dependent attacker can trigger those operations with a forged request, bypassing the form API's cross-site request forgery (CSRF) protection. (OSVDB 100036)
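
The 'drupal_valid_token()' flaw, as an added example that is not Drupal's own code: the function below models the weakness as a PHP loose comparison of the submitted token against the expected one, next to a hardened form that requires a string and compares strictly. get_token() is a simplified stand-in for drupal_get_token(); the key, session id, form value and the careless caller token_from_request() are all constructed for the demonstration.

```php
<?php
// Added example, not Drupal's own code: models the drupal_valid_token() flaw
// described above. get_token() is a simplified stand-in for drupal_get_token();
// the key, session id and form value are constructed for the demonstration.

const PRIVATE_KEY = 'constructed-private-key';
const SESSION_ID  = 'constructed-session-id';

// Stand-in for drupal_get_token(): an HMAC over $value, keyed per session.
function get_token(string $value = ''): string
{
    return hash_hmac('sha256', $value, SESSION_ID . PRIVATE_KEY);
}

// Weak form: loose comparison. PHP type-juggles a non-string $token before
// comparing, so TRUE == '<any non-empty token>' evaluates to TRUE and
// validation passes without the caller ever knowing the real token.
function valid_token_loose($token, string $value = ''): bool
{
    return $token == get_token($value);
}

// Hardened form: require a string and compare strictly. hash_equals() also
// keeps the comparison constant-time, which the loose == did not.
function valid_token_strict($token, string $value = ''): bool
{
    return is_string($token) && hash_equals(get_token($value), $token);
}

// A hypothetical caller bug of the kind the advisory warns about: it tests
// for the presence of the parameter and passes that boolean on as the token.
function token_from_request(array $query)
{
    return isset($query['token']);
}

$value = 'delete-node-1';
$cases = [
    'genuine token' => get_token($value),
    'wrong string'  => 'not-the-token',
    'boolean TRUE'  => token_from_request(['token' => 'anything']),
];

foreach ($cases as $label => $token) {
    printf("%-14s loose=%-5s strict=%s\n", $label,
        var_export(valid_token_loose($token, $value), true),
        var_export(valid_token_strict($token, $value), true));
}
```

The 'boolean TRUE' row is the interesting one: the loose check accepts it because PHP converts the non-empty token string to TRUE before comparing, while the strict check rejects it. The behaviour holds on both PHP 7 and PHP 8, since bool-to-string comparison still juggles in PHP 8.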

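The form API CSRF flaw, as an added example that is not Drupal's form API: a minimal form handler in which a third-party validation callback has a side effect, shown once with the callback run before the token check and once with the token checked first. The form id, token scheme, audit log and "purge" operation are constructed for illustration; the forged POST is what a cross-site form would submit on behalf of a logged-in victim.

```php
<?php
// Added example, not Drupal's own form API: shows why running a module's
// validation callback before the form token is checked lets a forged request
// trigger the callback's side effects. Form id, token scheme, audit log and
// the "purge" operation are constructed for illustration.

const FORM_SECRET = 'constructed-secret';

// Per-form CSRF token, modelled as a keyed hash of the form id.
function form_token(string $form_id): string
{
    return hash_hmac('sha256', $form_id, FORM_SECRET);
}

function token_is_valid(array $post, string $form_id): bool
{
    $submitted = $post['form_token'] ?? '';
    return is_string($submitted) && hash_equals(form_token($form_id), $submitted);
}

// A third-party validation callback that does more than validate: the kind
// of "potentially unsafe operation" the advisory refers to.
function purge_form_validate(array $values, array &$audit_log): void
{
    if (!preg_match('/^[a-z0-9_]+$/', $values['target'] ?? '')) {
        $audit_log[] = 'rejected: bad target';
        return;
    }
    // The side effect happens here, before anyone has looked at the token.
    $audit_log[] = 'purge queued for ' . $values['target'];
}

// Weak ordering: validators run first, the token is only checked afterwards,
// so the purge is queued even though the request is ultimately rejected.
function process_form_weak(array $post, array &$audit_log): bool
{
    purge_form_validate($post, $audit_log);
    return token_is_valid($post, 'purge_form');
}

// Hardened ordering: an invalid token aborts before any callback runs.
function process_form_hardened(array $post, array &$audit_log): bool
{
    if (!token_is_valid($post, 'purge_form')) {
        $audit_log[] = 'rejected: invalid form token';
        return false;
    }
    purge_form_validate($post, $audit_log);
    return true;
}

// Constructed forged POST: attacker-chosen field, no valid token.
$forged = ['target' => 'all_caches', 'form_token' => 'guess'];

foreach (['process_form_weak', 'process_form_hardened'] as $handler) {
    $audit_log = [];
    $ok = $handler($forged, $audit_log);
    printf("%-22s accepted=%-5s log=%s\n", $handler,
        var_export($ok, true), json_encode($audit_log));
}
```

Both handlers refuse the forged submission, which is why the bug is easy to miss: the difference is only visible in the audit log, where the weak ordering has already queued the purge before the token was examined. The fix is ordering, not a stronger token: check the token before any module code runs.
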
Solution

Upgrade to Drupal 7.24 or later.