Bug 466741 - drupal: multiple drupal issues in < 6.5,5.11 (SA-2008-060 - CVE-2008-4789, CVE-2008-4790, CVE-2008-4791, CVE-2008-4792, CVE-2008-4793)
Summary: drupal: multiple drupal issues in < 6.5,5.11 (SA-2008-060 - CVE-2008-4789, CV...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
: 468423 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-10-13 11:21 UTC by Tomas Hoger
Modified: 2008-10-30 08:31 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-10-30 08:31:26 UTC

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Tomas Hoger 2008-10-13 11:21:33 UTC 
Drupal upstream released new upstream versions 6.5 and 5.11 fixing multiple
security issues described in upstream advisory SA-2008-060:

  http://drupal.org/node/318706

Issues reported:
- File upload access bypass (unprivileged file attach, 6.x)
- File upload access bypass (file disclosure, 5.x)
- Access rules bypass
- BlogAPI access bypass
- Node validation bypass (5.x)

Upstream patches against previous versions:
http://drupal.org/files/sa-2008-060/SA-2008-060-5.10.patch
http://drupal.org/files/sa-2008-060/SA-2008-060-6.4.patch
Comment 1 Fedora Update System 2008-10-16 02:09:18 UTC 
drupal-6.5-1.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 2 Fedora Update System 2008-10-16 02:13:33 UTC 
drupal-5.11-1.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 3 Jan Lieskovsky 2008-10-24 17:53:05 UTC 
*** Bug 468423 has been marked as a duplicate of this bug. ***
Comment 4 Tomas Hoger 2008-10-30 08:30:16 UTC 
CVEs assigned to these issue:

CVE-2008-4789:
The validation functionality in the core upload module in Drupal 6.x
before 6.5 allows remote authenticated users to bypass intended access
restrictions and "attach files to content," related to a "logic
error."

CVE-2008-4790:
The core upload module in Drupal 5.x before 5.11 allows remote
authenticated users to bypass intended access restrictions and read
"files attached to content" via unknown vectors.

CVE-2008-4791:
The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might
allow remote authenticated users to bypass intended login access rules
and successfully login via unknown vectors.

CVE-2008-4792:
The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5
does not properly validate unspecified content fields of an internal
Drupal form, which allows remote authenticated users to bypass
intended access restrictions via modified field values.

CVE-2008-4793:
The node module API in Drupal 5.x before 5.11 allows remote attackers
to bypass node validation and have unspecified other impact via
unknown vectors related to contributed modules.
Comment 5 Tomas Hoger 2008-10-30 08:31:26 UTC 
New upstream drupal versions 5.11 / 6.5 were pushed to F8 and F9 stable via:
  https://admin.fedoraproject.org/updates/F8/FEDORA-2008-8905
  https://admin.fedoraproject.org/updates/F9/FEDORA-2008-8852
Note You need to log in before you can comment on or make changes to this bug.