|Category:||FreeBSD Local Security Checks|
|Title:||FreeBSD Ports: drupal5|
|Summary:||FreeBSD Ports: drupal5|
|Description:||The remote host is missing an update to the system|
as announced in the referenced advisory.
The following packages are affected:
Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x
before 4.7.9 and 5.x before 5.4 allow remote attackers to execute
arbitrary SQL commands via modules that pass input to the
taxonomy_select_nodes function, as demonstrated by the (1)
taxonomy_menu, (2) ajaxLoader, and (3) ubrowser contributed modules.
Update your system with the appropriate patches or
Common Vulnerability Exposure (CVE) ID: CVE-2007-6299|
BugTraq ID: 26735
XForce ISS Database: drupal-taxonomy-sql-injection(38884)
XForce ISS Database: vbdrupal-taxonomy-sql-injection(38886)
|Copyright||Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com|
|This is only one of 40246 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.