1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
PublicDate: 2008-08-27
Candidate: CVE-2008-3744
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3744
http://drupal.org/node/295053
Description:
Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x
before 5.10 and 6.x before 6.4 allow remote attackers to hijack the
authentication of administrators for requests that (1) add or (2) delete
user access rules.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
Patches_drupal:
upstream_drupal: needs-triage
dapper_drupal: ignored (reached end-of-life)
feisty_drupal: needed (reached end-of-life)
gutsy_drupal: DNE
hardy_drupal: DNE
intrepid_drupal: DNE
jaunty_drupal: DNE
karmic_drupal: DNE
devel_drupal: DNE
Patches_drupal5:
upstream_drupal5: released (5.10)
dapper_drupal5: DNE
feisty_drupal5: DNE
gutsy_drupal5: needed (reached end-of-life)
hardy_drupal5: released (5.7-1ubuntu1.2)
intrepid_drupal5: not-affected
jaunty_drupal5: not-affected
karmic_drupal5: not-affected
devel_drupal5: DNE
|