Drupal Security Team advisory DRUPAL-SA-CONTRIB-2010-098
Published: Sep 29, 2010

SA-CONTRIB-2010-098 - Memcache - Multiple vulnerabilities

Source: www.drupal.org

CVSS2: 4.3 Medium (AV:N/AC:M/Au:N/C:N/I:P/A:N)

  Attack Vector: NETWORK
  Attack Complexity: MEDIUM
  Authentication: NONE
  Confidentiality Impact: NONE
  Integrity Impact: PARTIAL
  Availability Impact: NONE

EPSS: 0.001 Low (percentile 50.0%)

The Memcache project provides an alternative cache backend that uses the memcached daemon to speed up high-traffic sites.

The memcache backend caches the current $user object too aggressively: a change to a user's roles is not reflected in the cached object, so the stale roles, including any that were revoked, remain in effect until the user logs out and in again.

The memcache_admin module does not sanitize some user-supplied data before displaying it, leading to a cross-site scripting (XSS) vulnerability that a malicious user can use to gain full administrative access.
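The two bug classes above, modelled in plain PHP as an added illustration (this is not code from the Memcache module or its fix): a per-uid cache of the $user object that is never dropped when roles change, beside the variant that invalidates the entry, and an admin status table that prints a value with and without output escaping. The FakeCache class, the $db array, the function names and the "<script>" sample value are all constructed for this example; Drupal 6 itself would use its cache_get()/cache_set()/cache_clear_all() API and check_plain() for the escaping step.

```php
<?php
// Added illustration, not the Memcache module's code. FakeCache stands in for
// memcached; $db stands in for the users/users_roles tables (hypothetical).

class FakeCache {
    private array $items = [];
    public function get(string $key) { return $this->items[$key] ?? null; }
    public function set(string $key, $value): void { $this->items[$key] = $value; }
    public function clear(string $key): void { unset($this->items[$key]); }
}

// Constructed sample account: uid => ['name' => ..., 'roles' => [...]].
$db = [
    7 => ['name' => 'alice', 'roles' => ['authenticated user', 'editor']],
];

// Vulnerable pattern: the $user object is served from cache for as long as the
// entry exists, so a role change made in the database is invisible until the
// entry is dropped (which, in the advisory's description, happened at login).
function load_user_cached(FakeCache $cache, array $db, int $uid): array {
    $cached = $cache->get("user:$uid");
    if ($cached !== null) {
        return $cached;
    }
    $account = $db[$uid];
    $cache->set("user:$uid", $account);
    return $account;
}

// Role change that only touches the database (the stale-cache bug).
function revoke_role_db_only(array &$db, int $uid, string $role): void {
    $db[$uid]['roles'] = array_values(array_diff($db[$uid]['roles'], [$role]));
}

// Fixed pattern: the role change also drops the cached $user object, so the
// next request reloads it and sees the current roles.
function revoke_role_and_invalidate(FakeCache $cache, array &$db, int $uid, string $role): void {
    revoke_role_db_only($db, $uid, $role);
    $cache->clear("user:$uid");
}

function has_role(array $account, string $role): bool {
    return in_array($role, $account['roles'], true);
}

// XSS side: a status page that prints data which may originate from users.
// Escaping on output is what turns injected markup into inert text.
function render_unsafe(string $value): string {
    return "<td>$value</td>";
}
function render_escaped(string $value): string {
    return '<td>' . htmlspecialchars($value, ENT_QUOTES, 'UTF-8') . '</td>';
}

// Walk-through of the stale-role case.
$cache = new FakeCache();
$user = load_user_cached($cache, $db, 7);      // primes the cache
revoke_role_db_only($db, 7, 'editor');         // revoked in the database only
$user = load_user_cached($cache, $db, 7);      // stale copy still carries the role
echo 'db-only revoke, editor still effective: ' . var_export(has_role($user, 'editor'), true) . PHP_EOL;

$db[7]['roles'][] = 'editor';                  // restore for the fixed run
revoke_role_and_invalidate($cache, $db, 7, 'editor');
$user = load_user_cached($cache, $db, 7);      // reloaded from the database
echo 'revoke with invalidation, editor still effective: ' . var_export(has_role($user, 'editor'), true) . PHP_EOL;

// Walk-through of the escaping case with a constructed payload.
$payload = '<script>alert(1)</script>';
echo render_unsafe($payload) . PHP_EOL;        // markup reaches the browser as-is
echo render_escaped($payload) . PHP_EOL;       // rendered as literal text
```

Run it with `php example.php`. The first line prints true and the second false: only the variant that clears the cache entry at the moment the roles change makes the revocation effective on the next request, which is the behaviour the advisory says the backend lacked. The last two lines show the same value leaving the page once as live markup and once as escaped text.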

CVE identifier(s) issued

  • CVE-2010-5276 for the user role issue
  • CVE-2010-5275 for the XSS issue

Versions affected

  • Memcache for Drupal 6.x versions prior to 6.x-1.6
  • Memcache for Drupal 5.x versions prior to 5.x-1.10

Drupal core is not affected. If you do not use the contributed Memcache backend there is nothing you need to do.

Solution

Install the latest version:

  • If you use Memcache for Drupal 6.x, upgrade to Memcache 6.x-1.6 or later.
  • If you use Memcache for Drupal 5.x, upgrade to Memcache 5.x-1.10 or later.

Until the upgrade is in place, a user whose roles have been changed must log out and log back in for the change to take effect.

See also the Memcache project page.

Reported by

Fixed by
