FreeBSD : drupal -- multiple vulnerabilities (b3531fe1-2b03-11df-b6db-00248c9b4be7)

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Drupal Team reports :

A user-supplied value is directly output during installation allowing
a malicious user to craft a URL and perform a cross-site scripting
attack. The exploit can only be conducted on sites not yet installed.

The API function drupal_goto() is susceptible to a phishing attack. An
attacker could formulate a redirect in a way that gets the Drupal site
to send the user to an arbitrarily provided URL. No user submitted
data will be sent to that URL.

Locale module and dependent contributed modules do not sanitize the
display of language codes, native and English language names properly.
While these usually come from a preselected list, arbitrary
administrator input is allowed. This vulnerability is mitigated by the
fact that the attacker must have a role with the 'administer
languages' permission.

Under certain circumstances, a user with an open session that is
blocked can maintain his/her session on the Drupal site, despite being
blocked.

See also :

http://drupal.org/node/731710
http://www.nessus.org/u?e7eedf7a

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 45009 (freebsd_pkg_b3531fe12b0311dfb6db00248c9b4be7.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now