Issue date: 2008-07-09
Updated: 2008-07-11
Affected systems:
Drupal Drupal 6.x
Drupal Drupal 5.x
Unaffected systems:
Drupal Drupal 6.3
Drupal Drupal 5.8
Description:
--------------------------------------------------------------------------------
BUGTRAQ ID: 30168
Drupal is an open source content management platform.
Drupal contains multiple input validation errors that may allow a malicious user to carry out cross-site scripting, cross-site request forgery, session fixation, SQL injection and script injection attacks.
1) Drupal does not properly filter certain input passed to taxonomy vocabularies. This may allow arbitrary HTML and script code to be injected and executed in a user's browser session.
2) Drupal does not properly filter certain input returned by an OpenID provider before it is presented to the user. This may allow arbitrary HTML and script code to be injected and executed in a user's browser session.
3) Certain actions can be performed through HTTP requests without proper validation. If a logged-in user is tricked into visiting a malicious site, this may be exploited to delete OpenID identities or alter strings.
4) If a user logs in after following a specially crafted link, an error in session handling may allow other users' sessions to be hijacked.
5) An input validation error in numeric fields in the Schema API may lead to SQL injection.
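As an added example (not Drupal's own code), the kind of schema-driven check that addresses item 5: each value is cast according to the column type declared in a Schema API-style table definition, so a non-numeric value aimed at a numeric column is rejected before the record is written with bound parameters. The schema, table name and sample values are constructed for this example.

```python
import sqlite3

# Constructed table definition in the style of a Schema API array
# (an assumption for this example, not a real Drupal schema).
NODE_COUNTER_SCHEMA = {
    "table": "node_counter",
    "fields": {
        "nid": {"type": "int"},
        "totalcount": {"type": "int"},
        "timestamp": {"type": "int"},
        "note": {"type": "varchar"},
    },
}

# Schema types that must be numeric, with the cast that enforces it.
NUMERIC_TYPES = {"int": int, "serial": int, "float": float, "numeric": float}

def coerce_record(schema, record):
    """Validate every value against its declared column type.

    Numeric columns accept only values that parse as a number; anything
    else (e.g. a string carrying SQL fragments) raises ValueError instead
    of ever reaching the query text.
    """
    clean = {}
    for name, value in record.items():
        spec = schema["fields"].get(name)
        if spec is None:
            raise ValueError(f"unknown column {name!r}")
        caster = NUMERIC_TYPES.get(spec["type"])
        if caster is None:
            clean[name] = str(value)          # text column: bound as a parameter
            continue
        try:
            clean[name] = caster(value)       # "7" -> 7, "7 OR 1=1" -> ValueError
        except (TypeError, ValueError):
            raise ValueError(f"non-numeric value for numeric column {name!r}: {value!r}")
    return clean

def rejects(schema, record):
    """True if the record fails schema validation."""
    try:
        coerce_record(schema, record)
        return False
    except ValueError:
        return True

def write_record(conn, schema, record):
    """Insert a validated record using bound parameters only."""
    clean = coerce_record(schema, record)
    cols = ", ".join(clean)                   # column names come from the schema
    marks = ", ".join("?" for _ in clean)
    conn.execute(f"INSERT INTO {schema['table']} ({cols}) VALUES ({marks})", tuple(clean.values()))
    conn.commit()
    return clean

def setup():
    """Constructed in-memory database matching NODE_COUNTER_SCHEMA."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE node_counter (nid INTEGER, totalcount INTEGER, timestamp INTEGER, note TEXT)")
    return conn
```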
Source: John Morahan
Links: http://secunia.com/advisories/31028/
http://drupal.org/node/280571
Recommendation:
--------------------------------------------------------------------------------
Vendor patch:
Drupal
------
The vendor has released updated releases and patches that fix this security issue; they are available from the vendor's site:
http://ftp.drupal.org/files/projects/drupal-5.8.tar.gz
http://ftp.drupal.org/files/projects/drupal-6.3.tar.gz
http://drupal.org/files/sa-2008-044/SA-2008-044-5.7.patch
http://drupal.org/files/sa-2008-044/SA-2008-044-6.2.patch