Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 19 Mar 2012 12:22:06 -0600
From: Kurt Seifried <>
CC: Henri Salo <>
Subject: Re: CVE-request: Drupal Finder SA-CONTRIB-2012-017

On 03/16/2012 01:38 AM, Henri Salo wrote:
> Can we assign CVE-identifier for this vulnerability (SA-CONTRIB-2012-017)?

Please use CVE-2012-1561 for this issue.

> Description
> Finder is a Drupal module that allows users to create faceted search forms. The module's autocomplete, checkbox, and radio button functionalities previously did not sanitize the output of fields and raw database values.
> In addition, users with the "administer finder" permission were able to execute arbitrary code through a PHP import interface; specific PHP execution permissions were not required.Updated: This issue affected only the 7.x branch of code. The 6.x branch used the permission "administer finder PHP settings" which is sufficiently clear that it allows execution of PHP code.
> Versions affected
> Finder 6.x-1.x prior to 6.x-1.26
> Finder 7.x-1.x versions (all)
> Finder 7.x-2.x versions prior to 7.x-2.0-alpha8
> Drupal core is not affected. If you do not use the contributed Finder module, there is nothing you need to do.
> Project: Finder (third-party module)
> Date: 2012-February-08
> Security risk: Moderately critical
> Exploitable from: Remote
> Vulnerability: Cross Site Scripting, Arbitrary PHP code execution, Multiple vulnerabilities
> - Henri Salo

Kurt Seifried Red Hat Security Response Team (SRT)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ