 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2006-2831 |
| Description: | Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations such as when FileInfo overrides are disabled within .htaccess, allows remote attackers to execute arbitrary code by uploading a file with multiple extensions, a variant of CVE-2006-2743. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.57163 1.3.6.1.4.1.25623.1.0.57161 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2006-2831 BugTraq ID: 18245 http://www.securityfocus.com/bid/18245 Bugtraq: 20060602 [DRUPAL-SA-2006-007] Drupal 4.6.8 / 4.7.2 fixes arbitrary file execution issue (Google Search) http://www.securityfocus.com/archive/1/435792/100/0/threaded Debian Security Information: DSA-1125 (Google Search) http://www.debian.org/security/2006/dsa-1125 http://secunia.com/advisories/21244 http://securityreason.com/securityalert/1042 |