Re: [Full-disclosure] Drupal Imagefield Module Multiple Vulnerabilities
- From: Valdis.Kletnieks@xxxxxx
- Date: Thu, 29 Jan 2009 11:17:38 -0500
On Thu, 29 Jan 2009 09:15:46 EST, "Justin C. Klein Keane" said:
Two flaws exist in this module. The first flaw allows for an attacker....
to upload arbitrary files to the filesystem. The vulnerability allows
attackers to upload arbitrary files in place of the 'Default image'
specified in the Imagefield specifications for a content type field.
Attackers must be authenticated with an account that has 'administer
content types' permissions.
Umm.. what's the risk here? Does the flaw allow the attacker to upload
files that wouldn't be permitted even as the authorized account? Seems if
they can administer content types, they can drop pretty much whatever they
want onto the server (possibly limited as to where in the tree though), and
all this does is let them drop stuff outside said tree?
Attachment:
pgpxbImeIaKCs.pgp
Description: PGP signature
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- Re: [Full-disclosure] Drupal Imagefield Module Multiple Vulnerabilities
- From: Justin C. Klein Keane
- Re: [Full-disclosure] Drupal Imagefield Module Multiple Vulnerabilities
- References:
- [Full-disclosure] Drupal Imagefield Module Multiple Vulnerabilities
- From: Justin C. Klein Keane
- [Full-disclosure] Drupal Imagefield Module Multiple Vulnerabilities
- Prev by Date: [Full-disclosure] Drupal Imagefield Module Multiple Vulnerabilities
- Next by Date: Re: [Full-disclosure] Drupal Imagefield Module Multiple Vulnerabilities
- Previous by thread: [Full-disclosure] Drupal Imagefield Module Multiple Vulnerabilities
- Next by thread: Re: [Full-disclosure] Drupal Imagefield Module Multiple Vulnerabilities
- Index(es):
Loading
