|
Family: CGI abuses --> Category: infos
Drupal Privilege Escalation Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks version of Drupal
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that is prone to a
privilege escalation issue.
Description :
According to its banner, the version of Drupal installed on the remote
host allows attackers to gain elevated rights, provided public
registration is enabled, due to an improperly-implemented input check.
See also :
http://archives.neohapsis.com/archives/fulldisclosure/2005-06/0010.html
Solution :
Upgrade to Drupal version 4.4.3 / 4.5.3 / 4.6.1 or later.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:H/Au:NR/C:N/A:N/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|