SynopsisThe remote server is hosting an outdated installation of Drupal that is vulnerable to a Denial of Service (DoS) attack vector.
DescriptionThe version of Drupal installed on the remote server is 7.x prior to 7.20, and is affected by a flaw that may allow a remote denial of service. The issue is triggered during the handling of on-demand generation of image derivatives. This may allow a remote attacker to exhaust server disk space and cause the website to become unresponsive.
SolutionUpgrade to Drupal 7.20 or later.