subject:"Bug#368835\: drupal\: Execution of arbitrary files in certain Apache configurations"

Bug#368835: drupal: Execution of arbitrary files in certain Apache configurations

2006-06-01 Thread Kevin Dalley

Here is updated information on the bug. The problem takes more work to fix than first reported. REVISION TO DRUPAL-SA-2006-006 * Advisory ID: DRUPAL-SA-2006-007 * Project: Drupal core and potentially any web application that accepts uploads. * Date: 2006-Jun-01 * S

Bug#368835: drupal: Execution of arbitrary files in certain Apache configurations

2006-05-25 Thread Kevin Dalley

Package: drupal Version: 4.5.8-1 Severity: grave Tags: security Justification: user security hole http://drupal.org/node/65409 EXECUTION OF ARBITRARY FILES IN CERTAIN APACHE CONFIGURATIONS * Advisory ID: DRUPAL-SA-2006-006 * Project: Drupal core * Date: 2006-May-24