4 matches found
CVE-2010-3092
The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does not properly support case-insensitive filename handling in a database configuration, which allows remote authenticated users to bypass the intended restrictions on downloading a file by uploading a different file with a similar...
Debian: Security Advisory (DSA-2113-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-3092
CVE-2010-3092 affects Drupal 5.x before 5.23 and 6.x before 6.18. The issue arises in the upload module due to improper case-insensitive filename handling in a database configuration, allowing remote authenticated users to bypass file-download restrictions by uploading a differently named file wi...
[SECURITY] [DSA 2113-1] New drupal6 packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2113-1 [email protected] http://www.debian.org/security/ Steffen Joeris September 20, 2010 http://www.debian.org/security/faq -...