4 matches found
Debian Security Advisory DSA 1125-2 (drupal)
The remote host is missing an update to drupal announced via advisory DSA 1125-2. The Drupal update in DSA 1125 contained a regression. This update corrects this flaw. For completeness, the original advisory text below: Several remote vulnerabilities have been discovered in the Drupal web site...
DSA-1125 drupal - several
Bulletin has no description...
CVE-2006-2831
Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations such as when FileInfo overrides are disabled within .htaccess, allows remote attackers to execute arbitrary code by uploading a file with multiple extensions, a variant of CVE-2006-2743...
CVE-2006-2831
CVE-2006-2831 affects Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2. Under certain Apache configurations (e.g., FileInfo overrides disabled in .htaccess), uploading a file with multiple extensions can lead to remote arbitrary code execution, a variant of CVE-2006-2743. The OpenVAS/ Debian advi...