Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 386171

Summary: www-apps/drupal: multiple vulnerabilities (CVE-2009-{0382,5096},CVE-2010-{3685,3686},CVE-2011-{2687,3730})
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: web-apps
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: ~4 [noglsa]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2011-10-07 23:18:17 UTC 
CVE-2011-3730 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3730):
  Drupal 7.0 allows remote attackers to obtain sensitive information via a
  direct request to a .php file, which reveals the installation path in an
  error message, as demonstrated by
  modules/simpletest/tests/upgrade/drupal-6.upload.database.php and certain
  other files.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2011-10-07 23:19:12 UTC 
*** Bug 386173 has been marked as a duplicate of this bug. ***
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2011-10-07 23:19:30 UTC 
CVE-2011-2687 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2687):
  Drupal 7.x before 7.3 allows remote attackers to bypass intended node_access
  restrictions via vectors related to a listing that shows nodes but lacks a
  JOIN clause for the node table.

CVE-2010-3686 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3686):
  The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x
  before 5.x-1.4 for Drupal, violates the OpenID 2.0 protocol by not ensuring
  that fields are signed, which allows remote attackers to bypass
  authentication by leveraging an assertion from an OpenID provider.

CVE-2010-3685 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3685):
  The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x
  before 5.x-1.4 for Drupal, violates the OpenID 2.0 protocol by not checking
  for reuse of openid.response_nonce values, which allows remote attackers to
  bypass authentication by leveraging an assertion from an OpenID provider.

CVE-2009-5096 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5096):
  Cross-site scripting (XSS) vulnerability in the Flag Content module 5.x-2.x
  before 5.x-2.10 for Drupal allows remote attackers to inject arbitrary web
  script or HTML via the Reason parameter.

CVE-2009-0382 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0382):
  Unspecified vulnerability in Internationalization (i18n) Translation 5.x
  before 5.x-2.5, a module for Drupal, allows remote attackers with "translate
  node" permissions to bypass intended access restrictions and read
  unpublished nodes via unspecified vectors.
Comment 3 Sean Amoss (RETIRED) gentoo-dev Security 2012-11-11 16:28:46 UTC 
Vulnerable versions dropped. 

Closing noglsa for ~arch only.