lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <AANLkTinFOAqsjOSv5=HLqFkADFEyTY5aKwiaWac4gU2H@mail.gmail.com> Date: Fri, 14 Jan 2011 12:40:19 +0800 From: YGN Ethical Hacker Group <lists@...g.net> To: Justin Klein Keane <justin@...irish.net> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Drupal 5.x, 6.x <= Stored Cross Site Scripting Vulnerability On Fri, Jan 14, 2011 at 4:28 AM, Justin Klein Keane <justin@...irish.net> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Drupal security has been aware of this issue for quite some time now. > But basically, as their response indicates, you need admin access to > exploit these issues. However, if you have admin access you can execute > PHP and basically do anything you want. Your vulnerability hinges on > being able to bypass the CSRF security in place in Drupal. Seems like a > bit of a stretch to release this as an advisory. Why not include the > fact that if you can bypass the CSRF detection you can also execute > arbitrary code with the privileges of the web server? > "If you 0wn a server, you 0wn one machine" "If you 0wn clients, you 0wn thousands of machine". http://cyberinsecure.com/?s=iframe _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists