466741 – drupal: multiple drupal issues in < 6.5,5.11 (SA-2008-060 - CVE-2008-4789, CVE-2008-4790, CVE-2008-4791, CVE-2008-4792, CVE-2008-4793)

Bug 466741 - drupal: multiple drupal issues in < 6.5,5.11 (SA-2008-060 - CVE-2008-4789, CVE-2008-4790, CVE-2008-4791, CVE-2008-4792, CVE-2008-4793)

Summary: drupal: multiple drupal issues in < 6.5,5.11 (SA-2008-060 - CVE-2008-4789, CV...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	468423 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2008-10-13 11:21 UTC by Tomas Hoger
Modified:	2008-10-30 08:31 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2008-10-30 08:31:26 UTC
Embargoed:

Attachments	(Terms of Use)

Description Tomas Hoger 2008-10-13 11:21:33 UTC

Drupal upstream released new upstream versions 6.5 and 5.11 fixing multiple
security issues described in upstream advisory SA-2008-060:

  http://drupal.org/node/318706

Issues reported:
- File upload access bypass (unprivileged file attach, 6.x)
- File upload access bypass (file disclosure, 5.x)
- Access rules bypass
- BlogAPI access bypass
- Node validation bypass (5.x)

Upstream patches against previous versions:
http://drupal.org/files/sa-2008-060/SA-2008-060-5.10.patch
http://drupal.org/files/sa-2008-060/SA-2008-060-6.4.patch

Comment 1 Fedora Update System 2008-10-16 02:09:18 UTC

drupal-6.5-1.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 2 Fedora Update System 2008-10-16 02:13:33 UTC

drupal-5.11-1.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 3 Jan Lieskovsky 2008-10-24 17:53:05 UTC

*** Bug 468423 has been marked as a duplicate of this bug. ***

Comment 4 Tomas Hoger 2008-10-30 08:30:16 UTC

CVEs assigned to these issue:

CVE-2008-4789:
The validation functionality in the core upload module in Drupal 6.x
before 6.5 allows remote authenticated users to bypass intended access
restrictions and "attach files to content," related to a "logic
error."

CVE-2008-4790:
The core upload module in Drupal 5.x before 5.11 allows remote
authenticated users to bypass intended access restrictions and read
"files attached to content" via unknown vectors.

CVE-2008-4791:
The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might
allow remote authenticated users to bypass intended login access rules
and successfully login via unknown vectors.

CVE-2008-4792:
The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5
does not properly validate unspecified content fields of an internal
Drupal form, which allows remote authenticated users to bypass
intended access restrictions via modified field values.

CVE-2008-4793:
The node module API in Drupal 5.x before 5.11 allows remote attackers
to bypass node validation and have unspecified other impact via
unknown vectors related to contributed modules.

Comment 5 Tomas Hoger 2008-10-30 08:31:26 UTC

New upstream drupal versions 5.11 / 6.5 were pushed to F8 and F9 stable via:
  https://admin.fedoraproject.org/updates/F8/FEDORA-2008-8905
  https://admin.fedoraproject.org/updates/F9/FEDORA-2008-8852

Note You need to log in before you can comment on or make changes to this bug.