[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20061019170806.GF26217@greenwood>
Date: Thu, 19 Oct 2006 19:08:06 +0200
From: Uwe Hermann <uwe@...mann-uwe.de>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk,
phpsec@...arch.com
Subject: [DRUPAL-SA-2006-026] Drupal 4.6.10 / 4.7.4 fixes
HTML attribute injection issue
----------------------------------------------------------------------------
Drupal security advisory DRUPAL-SA-2006-026
----------------------------------------------------------------------------
Project: Drupal core
Date: 2006-Oct-18
Security risk: Less critical
Exploitable from: Remote
Vulnerability: HTML attribute injection
----------------------------------------------------------------------------
Description
-----------
A malicious user may entice users to visit a specially crafted URL that may
result in the redirection of Drupal form submission to a third-party site. A
user visiting the user registration page via such a url, for example, will
submit all data, such as his/her e-mail address, but also possible private
profile data, to a third-party site.
Versions affected
-----------------
- Drupal 4.6.x versions before Drupal 4.6.10
- Drupal 4.7.x versions before Drupal 4.7.4
Solution
- If you are running Drupal 4.6.x then upgrade to Drupal 4.6.10.
http://ftp.osuosl.org/pub/drupal/files/projects/drupal-4.6.10.tar.gz
- If you are running Drupal 4.7.x then upgrade to Drupal 4.7.4.
http://ftp.osuosl.org/pub/drupal/files/projects/drupal-4.7.4.tar.gz
- To patch Drupal 4.6.9 use http://drupal.org/files/sa-2006-026/4.6.9.patch.
- To patch Drupal 4.7.3 use http://drupal.org/files/sa-2006-026/4.7.3.patch.
Please note that the patches only contain changes related to this advisory,
and do not fix bugs that were solved in 4.6.10 or 4.7.4.
Reported by
-----------
Frederic Marand.
Contact
-------
The security contact for Drupal can be reached at security at drupal.org or
using the form at http://drupal.org/contact.
// Uwe Hermann, on behalf of the Drupal Security Team.
--
Uwe Hermann
http://www.hermann-uwe.de
http://www.it-services-uh.de | http://www.crazy-hacks.org
http://www.holsham-traders.de | http://www.unmaintained-free-software.org
Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists