Scoutnet vzw http://forum.scoutnet.be/ |
|
[Drupal] Security announcements: Outline designer - Privileg http://forum.scoutnet.be/viewtopic.php?f=19&t=2150 |
Pagina 1 van 1 |
Auteur: | To [ 03 Jul 2008 17:35 ] |
Titel: | [Drupal] Security announcements: Outline designer - Privileg |
------------SA-2008-043 - OUTLINE DESIGNER - PRIVILEGE ESCALATION ------------ * Advisory ID: DRUPAL-SA-2008-043 * Project: Outline designer (third-party module) * Version: 5.x * Date: 2008-July-2 * Security risk: Highly critical * Exploitable from: Remote * Vulnerability: Privilege escalation ------------DESCRIPTION------------ The Outline designer module provides a visual way of structuring content in books. A programming error in the module causes the current user to become authenticated as the author of the viewed content item. ------------VERSIONS AFFECTED------------ * Outline designer for Drupal 5.x prior to 5.x-1.4. Drupal core is not affected. If you do not use the contributed Outline designer module, there is nothing you need to do. ------------SOLUTION------------ Install the latest version: * Outline designer 5.x-1.4 [ http://drupal.org/node/277851 ]. See also the Outline designer project page [ http://drupal.org/project/outline_designer ]. ------------CONTACT------------ The security contact for Drupal can be reached at security at drupal.org or via the form at [ http://drupal.org/contact ] and by selecting the security issues category. |
Pagina 1 van 1 | Alle tijden zijn UTC + 1 uur |
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |