2 matches found
CVE-2013-0260
CVE-2013-0260 refers to an information-disclosure vulnerability in the Drush Debian Packaging module for Drupal. The connected Drupal advisory (SA-CONTRIB-2013-014) states the module does not sufficiently protect database credentials, and exploitation requires shell access to the server. Affected...
SA-CONTRIB-2013-014 - Drush Debian Packaging - Information Disclosure - Unsupported
This package is a tool to build debian packages from a Drupal instance. The module doesn't sufficiently protect database credentials. This vulnerability is mitigated by the fact that an attacker must have shell access to the server. CVE identifiers issued CVE-2013-0260 Versions affected All...