oss-sec mailing list archives

CVE Request -- Drupal (v6.x based) Views module - SQL injection due improper escaping of database parameters for certain filters / arguments (SA-CONTRIB-2011-052)

From: Jan Lieskovsky <jlieskov () redhat com>
Date: Fri, 04 Nov 2011 11:49:16 +0100

Hello Kurt, Steve, vendors,

  a SQL injection flaw was found in the way the views module for the
Drupal (v6.x based), open-source content-management platform, performed
sanitization of the database parameters for certain filters / arguments
on certain types of views with specific configuration of arguments. A
remote attacker could provide a specially-crafted SQL query, which once
processed by the Drupal system instance could lead to arbitrary SQL
commands execution.

References:
[1] http://drupal.org/node/1329898
[2] http://drupal.org/node/1329846
[3] https://bugzilla.redhat.com/show_bug.cgi?id=751325

Could you allocate a CVE id for this?

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

Current thread:

CVE Request -- Drupal (v6.x based) Views module - SQL injection due improper escaping of database parameters for certain filters / arguments (SA-CONTRIB-2011-052) Jan Lieskovsky (Nov 04)
- Re: CVE Request -- Drupal (v6.x based) Views module - SQL injection due improper escaping of database parameters for certain filters / arguments (SA-CONTRIB-2011-052) Kurt Seifried (Nov 04)