Vulnerabilities > CVE-2006-2743 - Input Validation vulnerability in Drupal

047910
CVSS 5.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
high complexity
drupal
nessus
exploit available

Summary

Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory. Successful exploitation requires that the "mod_mime" module is installed in Apache, and that a " .htaccess" file has not been used to restrict access to the directory. This vulnerability is addressed in the following product releases: Drupal, Drupal, 4.7.1 Drupal, Drupal, 4.6.7

Exploit-Db

descriptionDrupal <= 4.7 (attachment mod_mime) Remote Exploit. CVE-2006-2743. Webapps exploit for php platform
fileexploits/php/webapps/1821.php
idEDB-ID:1821
last seen2016-01-31
modified2006-05-24
platformphp
port
published2006-05-24
reporterrgod
sourcehttps://www.exploit-db.com/download/1821/
titleDrupal <= 4.7 attachment mod_mime Remote Exploit
typewebapps

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1125.NASL
    descriptionThe Drupal update in DSA 1125 contained a regression. This update corrects this flaw. For completeness, the original advisory text below : Several remote vulnerabilities have been discovered in the Drupal website platform, which may lead to the execution of arbitrary web script. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-2742 A SQL injection vulnerability has been discovered in the
    last seen2020-06-01
    modified2020-06-02
    plugin id22667
    published2006-10-14
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22667
    titleDebian DSA-1125-2 : drupal - several vulnerabilities
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_40A0185FEC3211DABE02000C6EC775D9.NASL
    descriptionThe Drupal team reports : Vulnerability: SQL injection A security vulnerability in the database layer allowed certain queries to be submitted to the database without going through Drupal
    last seen2020-06-01
    modified2020-06-02
    plugin id21647
    published2006-06-06
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/21647
    titleFreeBSD : drupal -- multiple vulnerabilities (40a0185f-ec32-11da-be02-000c6ec775d9)