Drupal XML-RPC for PHP Remote Code Injection

High Nessus Plugin ID 18640

Synopsis

The remote web server contains a PHP application that is affected by an arbitrary PHP code injection vulnerability.

Description

The version of Drupal running on the remote web server allows attackers to execute arbitrary PHP code due to a flaw in its bundled XML-RPC library.

Solution

Upgrade to Drupal version 4.5.4 / 4.6.2 or later or remove the 'xmlrpc.php' script.

See Also

http://www.gulftech.org/?node=research&article_id=00088-07022005

http://www.nessus.org/u?76fa882a

Plugin Details

Severity: High

ID: 18640

File Name: drupal_xmlrpc.nasl

Version: 1.25

Type: remote

Family: CGI abuses

Published: 2005/07/08

Updated: 2018/11/28

Dependencies: 18638

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:drupal:drupal, cpe:/a:pear:xml_rpc

Required KB Items: installed_sw/Drupal, www/PHP

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2005/06/29

Vulnerability Publication Date: 2005/06/29

Exploitable With

Metasploit (PHP XML-RPC Arbitrary Code Execution)

Reference Information

CVE: CVE-2005-1921

BID: 14088