FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

drupal -- multiple vulnerabilities

Affected packages
drupal < 3.6.6

Details

VuXML ID 6779e82f-b60b-11da-913d-000ae42e9b93
Discovery 2006-03-13
Entry 2006-03-17

Drupal reports:

Mail header injection vulnerability.

Linefeeds and carriage returns were not being stripped from email headers, raising the possibility of bogus headers being inserted into outgoing email.

This could lead to Drupal sites being used to send unwanted email.

Session fixation vulnerability.

If someone creates a clever enough URL and convinces you to click on it, and you later log in but you do not log off then the attacker may be able to impersonate you.

XSS vulnerabilities.

Some user input sanity checking was missing. This could lead to possible cross-site scripting (XSS) attacks.

XSS can lead to user tracking and theft of accounts and services.

Security bypass in menu.module.

If you use menu.module to create a menu item, the page you point to will be accessible to all, even if it is an admin page.

References

URL http://drupal.org/node/53796
URL http://drupal.org/node/53803
URL http://drupal.org/node/53805
URL http://drupal.org/node/53806