Debian DSA-745-1 : drupal - input validation errors
High Nessus Plugin ID 18655
SynopsisThe remote Debian host is missing a security-related update.
DescriptionTwo input validation errors were discovered in drupal and its bundled xmlrpc module. These errors can lead to the execution of arbitrary commands on the web server running drupal.
drupal was not included in the old stable distribution (woody).
SolutionUpgrade the drupal package.
For the current stable distribution (sarge), these problems have been fixed in version 4.5.3-3.