CVE-2006-2831
CVE-2006-2831
Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations such as when FileInfo overrides are disabled within .htaccess, allows remote attackers to execute arbitrary code by uploading a file with multiple extensions, a variant of CVE-2006-2743.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://drupal.org/files/sa-2006-007/advisory.txthttp://drupal.org/node/66763http://secunia.com/advisories/21244http://securityreason.com/securityalert/1042http://www.debian.org/security/2006/dsa-1125http://www.securityfocus.com/archive/1/435792/100/0/threadedhttp://www.securityfocus.com/bid/18245