Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 201478 - www-apps/drupal < 5.4 "taxonomy_select_nodes()" SQL Injection
Summary: www-apps/drupal < 5.4 "taxonomy_select_nodes()" SQL Injection
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: Gentoo Security
URL: http://secunia.com/advisories/27932/
Whiteboard: ~3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2007-12-06 12:51 UTC by Lars Hartmann
Modified: 2007-12-06 15:16 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Lars Hartmann 2007-12-06 12:51:58 UTC 
A vulnerability has been reported in Drupal, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "taxonomy_select_nodes()" function is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation requires that a module that passes unsanitised data to "taxonomy_select_nodes()" is installed. Some of these modules are:
* taxonomy_menu
* ajaxLoader
* ubrowser

Solution:
Update to version 5.4.

Reproducible: Always
Comment 1 Lars Hartmann 2007-12-06 13:13:31 UTC 
maintainers - please provide an updated ebuild
Comment 2 Gunnar Wrobel (RETIRED) gentoo-dev 2007-12-06 13:42:16 UTC 
Adding Roy since he is the primary maintainer.
Comment 3 Roy Marples (RETIRED) gentoo-dev 2007-12-06 14:03:50 UTC 
I retired :P
Comment 4 Gunnar Wrobel (RETIRED) gentoo-dev 2007-12-06 14:17:56 UTC 
Ah, okay. I was already wondering why uberlord@gentoo.org didn't work. But I believed our dev list which obviously didn't get updated yet. Thanks for the note. Will take it then.
Comment 5 Gunnar Wrobel (RETIRED) gentoo-dev 2007-12-06 14:41:24 UTC 
drupal-5.4 is in the tree.

The ebuild is unstable on all arches.

The insecure versions were removed.

webapps done here.
Comment 6 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-12-06 15:16:50 UTC 
thanks, closing withoug glsa.