The Latest in IT Security

Critical Vulnerabilities Fixed in Drupal 7.29 and 6.32

17
Jul
2014

The security team from Drupal announced on Wednesday that versions of the framework earlier than 7.29 and 6.32 are exposed to risks that would allow an attacker to conduct denial-of-service (DoS) and cross-site scripting attacks and gain access to private files.According to Drupal Security Team, the DoS attack can be deployed by using a malicious HTTP Host header. This is achievable because the validation of the HTTP Host header is not properly conducted, and malcrafted header values could lea…

Related posts:
  1. Highly Critical Vulnerability Fixed with the Release of Drupal 7.26 and 6.30
  2. Drupal sites at risk due to insecure update mechanism
  3. Drupal 7.27 and 6.31 Released to Fix Information Disclosure Vulnerability
  4. Drupal 7.24 and 6.29 Released to Fix Several Vulnerabilities
  5. WordPress and Drupal Fix Common PHP XML Parser Vulnerability

Tags:  
Written by Softpedia
0 Comments
Comments are closed.

Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments