SecurityvulnsSECURITYVULNS:DOC:17650[DRUPAL-SA-2007-017] Drupal 5.2 fixes multiple CSRF vulnerabilities
Drupal security advisory DRUPAL-SA-2007-017
Project: Drupal core
Version: 5.x
Date: 2007-July-26
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Multiple cross site request forgeries
Description
Several parts in Drupal core are not protected against cross site request
forgeries [1] due to inproper use of the Forms API, or by taking action solely
on GET requests. Malicious users are able to delete comments and content
revisions and disable menu items by enticing a privileged users to visit
certain URLs while the victim is logged-in to the targeted site.
Versions affected
- Drupal 5.x versions before Drupal 5.2
Solution
- If you are running Drupal 5.x then upgrade to Drupal 5.2.
http://ftp.drupal.org/files/projects/drupal-5.2.tar.gz
Drupal 4.7.x is not affected.
If you are unable to upgrade immediately, you can apply a patch to secure your
installation until you are able to do a proper upgrade.
- To patch Drupal 5.1 use
http://drupal.org/files/sa-2007-017/SA-2007-017-5.1.patch.
Please note that the patches only contain changes related to this advisory, and
do not fix bugs that were solved in 5.1.
Reported by
Konstantin Kafer reported the menu issue.
The Drupal security team.
Contact
The security contact for Drupal can be reached at security at drupal.org or
using the form at http://drupal.org/contact.
// Heine Deelstra, on behalf of the Drupal Security Team.