Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2771

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-2771
Last Modified 05 Sep 2008 05:41:10
Published 18 Jun 2008 06:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2771

Summary

The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass restrictions and modify the node hierarchy via unspecified attack vectors.

Vulnerable Systems

Application

  • Drupal 5.0

  • Drupal 6.0

  • Drupal Node Hierarchy Module 5

  • Drupal Node Hierarchy Module 6


References

BID - 29675

SECUNIA - 30622

CONFIRM - http://drupal.org/node/269473

XF - node-hierarchy-access-security-bypass(43006)


Last Updated: 27 May 2016 10:47:58