Vulnerability Name:

CCN-53376

Published:2009-09-16
Updated:2009-09-16
Summary:Drupal could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions by the File API. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, which could allow the attacker to execute arbitrary script code on the vulnerable system.
CVSS v3 Severity:4.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:6.0 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P)
4.4 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: SA-CORE-2009-008
Drupal core - Multiple vulnerabilitie

Source: CCN
Type: SA36781
Drupal Multiple Vulnerabilities

Source: CCN
Type: SA36785
Drupal Session Fixation Vulnerability

Source: CCN
Type: OSVDB ID: 58222
Drupal Core OpenID Module Account Creation CSRF

Source: CCN
Type: OSVDB ID: 58223
Drupal Core OpenID Module Shared Provider Arbitrary User Authentication Bypass

Source: CCN
Type: OSVDB ID: 58224
Drupal Crafted Extension File Upload Arbitrary Code Execution

Source: CCN
Type: OSVDB ID: 58225
Drupal One Time Login Link Anonymous User Session Fixation

Source: CCN
Type: BID-36431
Drupal Arbitrary File Upload and Session Fixation Vulnerabilities

Source: XF
Type: UNKNOWN
drupal-fileapi-file-upload(53376)

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:drupal:drupal:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:drupal:drupal:6.2:*:*:*:*:*:*:*
  • OR cpe:/a:drupal:drupal:6.1:*:*:*:*:*:*:*
  • OR cpe:/a:drupal:drupal:6.3:*:*:*:*:*:*:*
  • OR cpe:/a:drupal:drupal:6.4:*:*:*:*:*:*:*
  • OR cpe:/a:drupal:drupal:6.5:*:*:*:*:*:*:*
  • OR cpe:/a:drupal:drupal:6.6:*:*:*:*:*:*:*
  • OR cpe:/a:drupal:drupal:6.9:*:*:*:*:*:*:*
  • OR cpe:/a:drupal:drupal:6.7:*:*:*:*:*:*:*
  • OR cpe:/a:drupal:drupal:6.10:*:*:*:*:*:*:*
  • OR cpe:/a:drupal:drupal:6.11:*:*:*:*:*:*:*
  • OR cpe:/a:drupal:drupal:6.12:*:*:*:*:*:*:*
  • OR cpe:/a:drupal:drupal:6.13:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    drupal drupal 6.0
    drupal drupal 6.2
    drupal drupal 6.1
    drupal drupal 6.3
    drupal drupal 6.4
    drupal drupal 6.5
    drupal drupal 6.6
    drupal drupal 6.9
    drupal drupal 6.7
    drupal drupal 6.10
    drupal drupal 6.11
    drupal drupal 6.12
    drupal drupal 6.13