Bug 1799483 (CVE-2011-2715)

Summary: CVE-2011-2715 drupal: SQL injection due to insufficient sanitization of table names or column names
Product: [Other] Security Response Reporter: Guilherme de Almeida Suckevicz <gsuckevi>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: gwync, hello, jsmith.fedora, shawn, stickster
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Data plugin in Drupal. A SQL Injection vulnerability can occur due to insufficient sanitization of table names or column names. The highest threat from this vulnerability is to data confidentiality and integrity.
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-09-10 13:22:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1799484    
Bug Blocks:    

Description Guilherme de Almeida Suckevicz 2020-02-06 17:35:50 UTC
An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names.

Reference:
https://www.drupal.org/node/1056470

Comment 1 Guilherme de Almeida Suckevicz 2020-02-06 17:36:04 UTC
Created drupal6 tracking bugs for this issue:

Affects: epel-6 [bug 1799484]

Comment 2 Shawn Iwinski 2020-03-23 20:02:38 UTC
This CVE is for 6.20.  EPEL6 has already been at 6.38 for about 4 years (https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-00c45982f6) and in addition several security backports for about a year (https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-67b3f85ea0).

Dependent bug is closed.  Please close this bug as well.

Comment 3 Shawn Iwinski 2021-09-10 04:14:42 UTC
See previous comment... please close this bug