220573 – www-apps/drupal - access bypass

Bug 220573 - www-apps/drupal - access bypass

Summary: www-apps/drupal - access bypass

Status:	RESOLVED DUPLICATE of bug 217223

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://drupal.org/node/244637
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2008-05-06 12:00 UTC by Baptiste aka mRyOuNg
Modified:	2008-05-06 13:47 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Baptiste aka mRyOuNg 2008-05-06 12:00:53 UTC

I didn't find any cve about it, but there's a SA on drupal site:
http://drupal.org/node/244637

Reproducible: Always

Comment 1 Tomas Hoger 2008-05-06 13:21:05 UTC

Seems to be CVE-2008-1729 / #217223:

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1729

Comment 2 Pierre-Yves Rofes (RETIRED) gentoo-dev

2008-05-06 13:47:15 UTC

(In reply to comment #1)
> Seems to be CVE-2008-1729 / #217223:
> 
> http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1729
> 

Indeed.

*** This bug has been marked as a duplicate of bug 217223 ***