Fedora Core 11 FEDORA-2009-9736 (drupal-date) Network Vulnerability

Summary

The remote host is missing an update to drupal-date announced via advisory FEDORA-2009-9736.

Solution

Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update drupal-date' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9736

Insight

Update Information: * Advisory ID: DRUPAL-SA-CONTRIB-2009-057 ( http://drupal.org/node/579144 ) * Project: Date (third-party module) * Version: 5.x, 6.x * Date: 2009-September-16 * Security risk: Moderately critical * Exploitable from: Remote * Vulnerability: Cross Site Scripting ChangeLog: * Wed Sep 16 2009 Jon Ciesla - 6.x.2.4-0 - Update to new version. - Fix for DRUPAL-SA-CONTRIB-2009-057.

References

http://drupal.org/node/578998
http://drupal.org/node/579000
http://drupal.org/project/date
http://drupal.org/user/45874
http://en.wikipedia.org/wiki/Cross-site_scripting

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Fedora Core 10 FEDORA-2009-4298 (ipsec-tools)
Fedora Core 10 FEDORA-2009-11356 (tomcat6)
Fedora Core 10 FEDORA-2009-2419 (knetworkmanager)
Fedora Core 10 FEDORA-2009-5002 (drupal)
Fedora Core 10 FEDORA-2009-1526 (squid)

Take action and discover your vulnerabilities