FreeBSD : drupal -- multiple vulnerabilities (3d8d3548-9d02-11db-a541-000ae42e9b93)

This script is Copyright (C) 2007-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Drupal security team reports :

A few arguments passed via URLs are not properly sanitized before
display. When an attacker is able to entice an administrator to follow
a specially crafted link, arbitrary HTML and script code can be
injected and executed in the victim's session. Such an attack may lead
to administrator access if certain conditions are met.

The way page caching was implemented allows a denial of service
attack. An attacker has to have the ability to post content on the
site. He or she would then be able to poison the page cache, so that
it returns cached 404 page not found errors for existing pages.

If the page cache is not enabled, your site is not vulnerable. The
vulnerability only affects sites running on top of MySQL.

See also :

http://drupal.org/files/sa-2007-001/advisory.txt
http://drupal.org/files/sa-2007-002/advisory.txt
http://www.nessus.org/u?47100388

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 23986 (freebsd_pkg_3d8d35489d0211dba541000ae42e9b93.nasl)

Bugtraq ID:

CVE ID: CVE-2007-0136

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now