FreeBSD : drupal -- multiple vulnerabilities (bad1b090-a7ca-11de-873f-0030843d3802)

High Nessus Plugin ID 41047


The remote FreeBSD host is missing one or more security-related updates.


Drupal Team reports :

The core OpenID module does not correctly implement Form API for the form that allows one to link user accounts with OpenID identifiers. A malicious user is therefore able to use cross site request forgeries to add attacker controlled OpenID identities to existing accounts.
These OpenID identities can then be used to gain access to the affected accounts.

The OpenID module is not a compliant implementation of the OpenID Authentication 2.0 specification. An implementation error allows a user to access the account of another user when they share the same OpenID 2.0 provider.

File uploads with certain extensions are not correctly processed by the File API. This may lead to the creation of files that are executable by Apache. The .htaccess that is saved into the files directory by Drupal should normally prevent execution. The files are only executable when the server is configured to ignore the directives in the .htaccess file.

Drupal doesn't regenerate the session ID when an anonymous user follows the one time login link used to confirm email addresses and reset forgotten passwords. This enables a malicious user to fix and reuse the session id of a victim under certain circumstances.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 41047

File Name: freebsd_pkg_bad1b090a7ca11de873f0030843d3802.nasl

Version: $Revision: 1.7 $

Type: local

Published: 2009/09/23

Modified: 2013/06/22

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:drupal5, p-cpe:/a:freebsd:freebsd:drupal6, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2009/09/22

Vulnerability Publication Date: 2009/09/17

Reference Information

Secunia: 36776, 36781, 36785, 36786, 36787