Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=9585f0cc19acebc01d616f7ffc726a5df913019c

commit 9585f0cc19acebc01d616f7ffc726a5df913019c
Author: voroskoi <[EMAIL PROTECTED]>
Date:   Mon Jan 21 21:12:18 2008 +0100

FSA357-drupal

diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index adcebd3..885d16c 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -27,6 +27,20 @@

<fsas>
<fsa>
+               <id>357</id>
+               <date>2008-01-21</date>
+               <author>voroskoi</author>
+               <package>drupal</package>
+               <vulnerable>5.2-2sayshell2</vulnerable>
+               <unaffected>5.2-2sayshell3</unaffected>
+               <bts>http://bugs.frugalware.org/task/2692</bts>
+               <cve>There is no CVE entry for this issue.</cve>
+               <desc>Some vulnerabilities have been reported in Drupal, which 
can be exploited by malicious people to conduct cross-site scripting, script 
insertion, and cross-site request forgery attacks.
+                       1) Input passed via unspecified parameters to theme 
.tpl.php files is not properly sanitised before being returned to the user. 
This can be exploited to execute arbitrary HTML and script code in a user's 
browser session in context of an affected site. Successful exploitation 
requires that "register_globals" is enabled, and the .htaccess file fails to 
prevent access to .tpl.php files and to disable "register_globals".
+                       2) An error in the text filtering functionality can be 
exploited to bypass the filter via invalid UTF-8 sequences. This can be 
exploited to insert arbitrary HTML and script code, which will be executed in a 
user's browser session in context of an affected site when the malicious data 
is viewed with e.g. Internet Explorer 6.
+                       3) The aggregator module allows users to perform 
certain actions via HTTP GET requests without performing any validity checks to 
verify the request. This can be exploited to e.g. remove items from a 
particular feed when a user visits a specially crafted page.</desc>
+       </fsa>
+       <fsa>
<id>356</id>
<date>2008-01-21</date>
<author>voroskoi</author>
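Review bot: the `<cve>` element in this hunk (`+               <cve>There is no CVE entry for this issue.</cve>`) holds a prose sentence where a CVE identifier would be expected; any tooling that renders `<cve>` as a link to a CVE database, or that scans security.xml for `CVE-` strings, will either emit a broken link or silently skip FSA 357. Prefer an empty `<cve/>` or whatever marker security.xml already uses for "no CVE assigned". Also, the `<desc>` body is hard-wrapped and the three numbered items begin with a run of tabs before `1)`, `2)` and `3)`; unless the renderer collapses whitespace, those tabs and line breaks will show up verbatim in the published advisory, so either keep each paragraph on one line or confirm the stylesheet normalises whitespace. Finally, the entry references only the bug tracker task (`http://bugs.frugalware.org/task/2692`); if the schema has a field for the upstream Drupal advisory, adding it would let readers verify the three issues against the vendor's own description.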
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git