Drupal database.pgsql.inc Multiple Variable SQL Injection

2006-05-18T05:34:00
ID OSVDB:27592
Type osvdb
Reporter OSVDB
Modified 2006-05-18T05:34:00

Description

Solution Description

Upgrade to version 4.6.7, 4.7.1 or higher, as it has been reported to fix this vulnerability. In addition, Drupal has released a patch for some older versions.

References:

Vendor Specific Advisory URL Vendor Specific Advisory URL Secunia Advisory ID:20140 Secunia Advisory ID:21244 Related OSVDB ID: 27593 Related OSVDB ID: 25908 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0841.html Keyword: DRUPAL-SA-2006-005 ISS X-Force ID: 26654 FrSIRT Advisory: ADV-2006-1975 CVE-2006-2742 Bugtraq ID: 18245