Drupal 6.10 and 5.16 released


Drupal 6.10 and 5.16, maintenance releases that fix problems reported through the bug tracking system as well as a highly critical security vulnerability, are now available for download.
Both releases were made in response to the discovery of a local file inclusion vulnerability affecting Windows hosts. Details can be found in the official security advisories:

SA-CORE-2009-003

* Advisory ID: DRUPAL-SA-CORE-2009-003
* Project: Drupal core
* Versions: 6.x
* Date: 2009-February-25
* Security risk: Highly Critical
* Exploitable from: Remote
* Vulnerability: Local file inclusion on Windows

Description

This vulnerability exists on Windows, regardless of the type of webserver (Apache, IIS) used.

The Drupal theme system takes URL arguments into account when selecting a template file to use for page rendering. While doing so, it doesn't take into account how Windows arrives at a canonicalized path. This enables malicious users to include files, readable by the webserver and located on the same volume as Drupal, and to execute PHP contained within those files. For example: If a site has uploads enabled, an attacker may upload a file containing PHP code and cause it to be included on a subsequent request by manipulating the URL used to access the site.

Important note: An attacker may also be able to inject PHP code into webserver logs and subsequently include the log file, leading to code execution even if no upload functionality is enabled on the site.

Versions Affected: Drupal 6.x before version 6.10

SA-CORE-2009-004

* Advisory ID: DRUPAL-SA-CORE-2009-004
* Project: Drupal core
* Versions: 5.x
* Date: 2009-February-25
* Security risk: Highly Critical
* Exploitable from: Remote
* Vulnerability: Local file inclusion on Windows
* Reference: SA-CORE-2009-003 (6.x)

Description

This vulnerability exists on Windows, regardless of the type of webserver (Apache, IIS) used.

The Drupal theme system takes URL arguments into account when selecting a template file to use for page rendering. While doing so, it doesn't take into account how Windows arrives at a canonicalized path. This enables malicious users to include files, readable by the webserver and located on the same volume as Drupal, and to execute PHP contained within those files. For example: If a site has uploads enabled, an attacker may upload a file containing PHP code and cause it to be included on a subsequent request by manipulating the URL used to access the site.

Important note: An attacker may also be able to inject PHP code into webserver logs and subsequently include the log file, leading to code execution even if no upload functionality is enabled on the site.

Versions Affected: Drupal 5.x before version 5.16
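Both advisories describe the mechanism in the same words: template suggestions are built from URL arguments, the string is sanitised with Unix path rules in mind, and Windows canonicalises the resulting path differently, so an attacker-controlled argument can reach a file outside the theme directory and have it included as PHP. The following PHP script is an added illustration of that class of defect and its fix; it is not the advisory text and not Drupal's actual theme code. The helper names (weak_clean, strict_clean, page_suggestions, pick_template), the sanitisation rules and the sample theme directory created under the system temp dir are all assumptions made for the example. The weak filter strips only forward slashes and NUL bytes, which is harmless on Unix but leaves backslashes (a directory separator on Windows) intact; the hardened version uses a character allowlist and, as defence in depth, checks the realpath() of the candidate against the theme directory before anything is included.

```php
<?php
// Added illustration (not Drupal's own code): a page-template suggestion built
// from URL arguments, a sanitiser that only thinks in Unix path rules, and a
// hardened replacement with an allowlist plus a realpath() containment check.
declare(strict_types=1);

// Constructed sample theme directory containing one legitimate template.
$themeDir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'lfi-demo-theme-' . getmypid();
mkdir($themeDir, 0700, true);
file_put_contents($themeDir . DIRECTORY_SEPARATOR . 'page-node.tpl.php', "<?php echo 'node template';\n");

/**
 * Hypothetical weak sanitiser: removes '/' and NUL only.
 * On Windows the Win32 path layer also treats '\' as a directory separator,
 * so an argument such as "..\..\sites\default\files\shell.txt" passes through
 * unchanged and the final path walks out of the theme directory.
 */
function weak_clean(string $arg): string {
    return str_replace(["/", "\0"], '', $arg);
}

/**
 * Hardened sanitiser: keep only the characters a template suggestion needs.
 * Slashes, backslashes, dots, spaces and NUL are all dropped, so no traversal
 * sequence can be assembled regardless of how the OS canonicalises paths.
 */
function strict_clean(string $arg): string {
    return preg_replace('/[^a-z0-9_-]/i', '', $arg);
}

/**
 * Build page-<arg1>-<arg2>...tpl.php suggestions, most specific first.
 * This mirrors the shape of the behaviour the advisory describes; the real
 * Drupal implementation differs in detail.
 */
function page_suggestions(array $args, callable $clean): array {
    $suggestions = [];
    $suggestion = 'page';
    foreach ($args as $arg) {
        $arg = $clean($arg);
        if ($arg === '') {
            continue;
        }
        $suggestion .= '-' . $arg;
        array_unshift($suggestions, $suggestion . '.tpl.php');
    }
    $suggestions[] = 'page.tpl.php';
    return $suggestions;
}

/**
 * Defence in depth: resolve each candidate with realpath(), which applies the
 * host OS's own canonicalisation (backslashes and the rest on Windows), and
 * only accept a file that really lives inside the theme directory. The check
 * is made on the path the OS will open, not on the string we assembled.
 */
function pick_template(string $themeDir, array $suggestions): ?string {
    $base = realpath($themeDir);
    foreach ($suggestions as $s) {
        $candidate = realpath($themeDir . DIRECTORY_SEPARATOR . $s);
        if ($candidate === false) {
            continue; // no such file
        }
        $prefix = $base . DIRECTORY_SEPARATOR;
        if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
            continue; // resolved outside the theme directory: never include it
        }
        return $candidate;
    }
    return null;
}

// Constructed attacker-controlled URL arguments, as they would arrive via arg().
$attack = ['node', '..\\..\\..\\sites\\default\\files\\shell.txt'];
printf("weak   : %s\n", page_suggestions($attack, 'weak_clean')[0]);   // backslashes survive
printf("strict : %s\n", page_suggestions($attack, 'strict_clean')[0]); // traversal characters gone

// A normal request still finds its template, and only from inside the theme dir.
printf("chosen : %s\n", pick_template($themeDir, page_suggestions(['node', '5'], 'strict_clean')) ?? '(none)');
printf("attack : %s\n", pick_template($themeDir, page_suggestions($attack, 'weak_clean')) ?? '(none)');

// Clean up the constructed sample directory.
unlink($themeDir . DIRECTORY_SEPARATOR . 'page-node.tpl.php');
rmdir($themeDir);
```

Run it with `php` from the command line. The allowlist is the actual fix for this class of bug: a denylist of separators has to know every rule of every filesystem the code may run on, while an allowlist of `[a-z0-9_-]` cannot express a path component at all. The realpath() containment check catches the case where the string-level filter is later weakened or bypassed, which is also why the log-injection variant in the advisory matters: any include whose path the attacker can influence must be constrained to the directory it is meant to read from, not just to a filename pattern.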

It is strongly recommended that you upgrade your Drupal installation by performing a full upgrade to the fixed release.
