Drupal XML-RPC for PHP Remote Code Injection

high Nessus Plugin ID 18640

Synopsis

The remote web server contains a PHP application that is affected by an arbitrary PHP code injection vulnerability.

Description

The version of Drupal running on the remote web server allows attackers to execute arbitrary PHP code due to a flaw in its bundled XML-RPC library.

Solution

Upgrade to Drupal version 4.5.4 / 4.6.2 or later or remove the 'xmlrpc.php' script.

See Also

http://www.gulftech.org/?node=research&article_id=00088-07022005

http://www.nessus.org/u?76fa882a

Plugin Details

Severity: High

ID: 18640

File Name: drupal_xmlrpc.nasl

Version: 1.27

Type: remote

Family: CGI abuses

Published: 7/8/2005

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:drupal:drupal, cpe:/a:pear:xml_rpc

Required KB Items: www/PHP, installed_sw/Drupal

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/29/2005

Vulnerability Publication Date: 6/29/2005

Exploitable With

Metasploit (PHP XML-RPC Arbitrary Code Execution)

Reference Information

CVE: CVE-2005-1921

BID: 14088