Lucene search
GoogleOSV:DSA-745-1HistoryJul 10, 2005 - 12:00 a.m.
drupal - arbitrary command execution
2005-07-1000:00:00
Google
osv.dev
11
0.956 High
EPSS
Percentile
99.4%
Two input validation errors were discovered in drupal and its bundled
xmlrpc module. These errors can lead to the execution of arbitrary
commands on the web server running drupal.
drupal was not included in the old stable distribution (woody).
For the current stable distribution (sarge), these problems have been
fixed in version 4.5.3-3.
For the unstable distribution (sid), these problems have been fixed in
version 4.5.4-1.
We recommend that you upgrade your drupal package.
References
Related
nessus
nessus
Debian DSA-745-1 : drupal - input validation errors
2005-07-10 00:00:00
freebsd
freebsd
drupal -- PHP code execution vulnerabilities
2005-06-29 00:00:00
pear-XML_RPC -- arbitrary remote code execution
2005-06-29 00:00:00
postnuke -- multiple vulnerabilities
2005-05-27 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-745-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 745-1 (drupal)
2008-01-17 00:00:00
FreeBSD Ports: drupal
2008-09-04 00:00:00
debian
debian
[SECURITY] [DSA 745-1] New drupal package fixes multiple vulnerabilities
2005-07-10 03:54:23
[SECURITY] [DSA 745-1] New drupal package fixes multiple vulnerabilities
2005-07-10 03:54:23
[SECURITY] [DSA 747-1] New egroupware packages fix remote command execution
2005-07-10 17:41:55
securityvulns
securityvulns
Advisory 02/2005: Remote code execution in Serendipity
2005-06-30 00:00:00
[Full-disclosure] [ GLSA 200507-06 ] TikiWiki: Arbitrary command execution through XML-RPC
2005-07-07 00:00:00
Advisory 02/2005: Remote code execution in Serendipity
2005-07-01 00:00:00
slackware
slackware
PHP
2005-07-11 17:25:23
gentoo
gentoo
phpWebSite: Multiple vulnerabilities
2005-07-10 00:00:00
TikiWiki: Arbitrary command execution through XML-RPC
2005-07-06 00:00:00
phpGroupWare, eGroupWare: PHP script injection vulnerability
2005-07-10 00:00:00
wpvulndb
wpvulndb
WordPress <= 1.5.1.2 - XMLRPC Eval Injection
2005-06-29 00:00:00
checkpoint_advisories
checkpoint_advisories
LupperA XMLRPC Propagation Request Code Execution - Ver2 (CVE-2005-1921)
2015-03-26 00:00:00
suse
suse
remote code execution in php/pear XML::RPC
2005-07-08 15:32:35
remote code execution in php4, php5
2005-08-30 14:35:22
local command execution, authentication bypass, in apache2
2005-09-12 13:00:50
patchstack
patchstack
WordPress <= 1.3.0 - Eval Injection
2005-06-08 00:00:00
packetstorm
packetstorm
PHP XML-RPC Arbitrary Code Execution
2009-10-30 00:00:00
cvelist
cvelist
ubuntucve
ubuntucve
nvd
nvd
cve
cve
cert
cert
Multiple PHP XML-RPC implementations vulnerable to code injection
2005-07-06 00:00:00
exploitpack
exploitpack
PHPXMLRPC 1.1 - Remote Code Execution
2015-07-02 00:00:00
ubuntu
ubuntu
PHP XMLRPC vulnerability
2005-07-05 00:00:00
exploitdb
exploitdb
PHPXMLRPC < 1.1 - Remote Code Execution
2015-07-02 00:00:00
centos
centos
php security update
2005-07-07 20:36:04
redhat
redhat
(RHSA-2005:564) php security update
2005-07-07 00:00:00
osv
osv
php4 - several
2005-08-29 00:00:00