Detections
Analytics
Drupal Public Comment/Posting Arbitrary PHP Code Execution
medium Nessus Plugin ID 18639
Language:
Synopsis
The remote web server contains a PHP application that is affected by a remote code execution vulnerability.Description
According to its self-reported version number, the version of Drupal running on the remote host is affected by a remote code execution vulnerability. An unspecified flaw allows attackers to embed arbitrary PHP code when submitting a comment or posting, allowing the execution of arbitrary code. Note that successful exploitation requires that public comments or postings be allowed in Drupal.Solution
Upgrade to Drupal version 4.5.4 / 4.6.2 or later.See Also
https://seclists.org/bugtraq/2005/Jun/293
https://www.drupal.org/forum/general/news-and-announcements/2005-06-29/drupal-462-454-released
Plugin Details
Severity: Medium
ID: 18639
File Name: drupal_code_execution.nasl
Version: 1.26
Type: remote
Family: CGI abuses
Published: 7/8/2005
Updated: 4/11/2022
Configuration: Enable paranoid mode, Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.2
CVSS v2
Risk Factor: Medium
Base Score: 5.1
Temporal Score: 4.4
Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:drupal:drupal
Required KB Items: www/PHP, Settings/ParanoidReport, installed_sw/Drupal
Exploit Available: true
Exploit Ease: No exploit is required
Vulnerability Publication Date: 6/29/2005
Reference Information
CVE: CVE-2005-2106
BID: 14110