|
Feeds -
Exploits
|
|
Written by Rasool Nasr
|
|
Wednesday, 18 February 2009 20:32 |
RETIRED: Drupal 'install.php' Local File Include Vulnerability
-\\Bugtraq ID:
33685
-\\Class:
Input Validation Error
-\\CVE:
-\\Remote:
Yes
-\\Local:
No
-\\Published:
Feb 09 2009 12:00AM
-\\Updated:
Feb 18 2009 04:58PM
-\\Credit:
Rasool Nasr
-\\Vulnerable:
Drupal Drupal 6.9
-\\Discussion
Drupal is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to view files and execute local scripts in the context of the webserver process. This may aid in further attacks.
Drupal 6.9 is vulnerable; other versions may also be affected.
UPDATE (February 12, 2009): The vendor indicates that they cannot reproduce this issue. We will update this BID further as more information emerges.
UPDATE (February 18, 2009): The vendor indicates that the issue is not exploitable as described. This BID is retired.
-\\Exploit(s)/PoC(s):
Attackers can exploit this issue via a browser.
The following example URI is available:
http://www.example.com/drupal/install.php?profile=[shell code]%00
-\\Solution
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at:
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
.
-\\References(s)
--Drupal Homepage
http://drupal.or (Drupal)
--LFI in Drupal CMS
http://www.securityfocus.com/archive/1/50075 (
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
)
--Re: LFI in Drupal CMS
http://www.securityfocus.com/archive/1/50091 (
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
)
--Re: LFI in Drupal CMS
http://www.securityfocus.com/archive/1/50103 (
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
)
|
