This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Name cpe:/a:drupal:drupal:6.0:rc-4
Detail
Vendor Drupal First view 2008-04-11
Product Drupal Last view 2014-01-24
Version 6.0 Type Application
Edition  
Language  
Update rc-4  
 
CPE Product cpe:/a:drupal:drupal

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
7.5 2014-01-24 CVE-2014-1475 Network Low None Requ...
6.8 2012-03-28 CVE-2007-6752 Network Medium None Requ...
3.5 2009-12-21 CVE-2009-4370 Network Medium Requires ...
3.5 2009-12-21 CVE-2009-4369 Network Medium Requires ...
5 2009-07-08 CVE-2009-2374 Network Low None Requ...
Hide | Show 9 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.3 2009-07-08 CVE-2009-2373 Network Medium None Requ...
6.5 2009-07-08 CVE-2009-2372 Network Low Requires ...
4.3 2009-05-06 CVE-2009-1576 Network Medium None Requ...
4.3 2009-05-06 CVE-2009-1575 Network Medium None Requ...
6 2008-10-29 CVE-2008-4792 Network Medium Requires ...
6 2008-10-29 CVE-2008-4791 Network Medium Requires ...
6 2008-10-29 CVE-2008-4789 Network Medium Requires ...
6.8 2008-07-18 CVE-2008-3222 Network Medium None Requ...
5.8 2008-04-11 CVE-2008-1729 Network Medium None Requ...

CWE : Common Weakness Enumeration

%idName
36% (4)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
27% (3)CWE-264Permissions, Privileges, and Access Controls
9% (1)CWE-352Cross-Site Request Forgery (CSRF)
9% (1)CWE-287Improper Authentication
9% (1)CWE-255Credentials Management
Hide | Show 1 More...
%idName
9% (1)CWE-94Failure to Control Generation of Code ('Code Injection')

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:7856DSA-1792 drupal6 -- multiple vulnerabilities
oval:org.mitre.oval:def:13542DSA-1792-1 drupal6 -- multiple
oval:org.mitre.oval:def:7333DSA-1930 drupal6 -- several vulnerabilities
oval:org.mitre.oval:def:13660DSA-1930-1 drupal6 -- several vulnerabilities
oval:org.mitre.oval:def:22156DSA-2851-1 drupal6 - impersonation

Open Source Vulnerability Database (OSVDB)

idDescription
61105Drupal Core Menu Module Admin Page Unspecified XSS
61104Drupal Core Contact Module Admin Page Category Parameter XSS
55525Drupal Core User Signature Format Weakness
55524Drupal Core Forum Module Unspecified XSS
54153Drupal Core Form Submission Unspecified Information Disclosure
Hide | Show 6 More...
idDescription
54152Drupal Core UTF-7 Unspecified XSS
49523Drupal Core BlogAPI Module Internal Form Field Value Manipulation Remote Auth...
49522Drupal User Module Unspecified Login Access Rules Remote Authentication Bypass
48999Drupal Core Upload Module Unprivileged Content File Attachment Weakness
46945Drupal User Module Session Fixation
44270Drupal Menu System Handler Security Bypass

OpenVAS Exploits

idDescription
2009-12-30Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal515.nasl
2009-11-11Name : Debian Security Advisory DSA 1930-1 (drupal6)
File : nvt/deb_1930_1.nasl
2009-07-15Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal513.nasl
2009-07-15Name : Drupal Information Disclosure Vulnerability
File : nvt/gb_drupal_info_disclosure_vuln.nasl
2009-07-15Name : Drupal XSS and Code Injection Vulnerability
File : nvt/gb_drupal_xss_n_code_inj_vuln.nasl
Hide | Show 9 More...
idDescription
2009-05-11Name : Debian Security Advisory DSA 1792-1 (drupal6)
File : nvt/deb_1792_1.nasl
2009-05-05Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal511.nasl
2009-05-05Name : Fedora Core 10 FEDORA-2009-4175 (drupal)
File : nvt/fcore_2009_4175.nasl
2009-05-02Name : Drupal HTML Injection and Information Disclosure Vulnerabilities
File : nvt/drupal_34779.nasl
2009-02-17Name : Fedora Update for drupal FEDORA-2008-6411
File : nvt/gb_fedora_2008_6411_drupal_fc8.nasl
2009-02-17Name : Fedora Update for drupal FEDORA-2008-6415
File : nvt/gb_fedora_2008_6415_drupal_fc9.nasl
2009-02-17Name : Fedora Update for drupal FEDORA-2008-6916
File : nvt/gb_fedora_2008_6916_drupal_fc8.nasl
2008-11-04Name : Drupal Core Multiple Vulnerabilities
File : nvt/gb_drupal_mult_vuln_oct08.nasl
2008-11-01Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal58.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2014-B-0006Multiple Security Vulnerabilities in Drupal
Severity : Category II - VMSKEY : V0043618

Snort® IPS/IDS

DateDescription
2014-01-10OpenEngine filepool.php remote file include attempt
RuleID : 27196 - Type : SERVER-WEBAPP - Revision : 2

Nessus® Vulnerability Scanner

idDescription
2014-02-16Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-031.nasl - Type : ACT_GATHER_INFO
2014-02-03Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2851.nasl - Type : ACT_GATHER_INFO
2014-01-23Name : The remote web server hosts a PHP application that is affected by a security ...
File : drupal_6_30.nasl - Type : ACT_GATHER_INFO
2014-01-23Name : The remote web server hosts a PHP application that is affected by multiple vu...
File : drupal_7_26.nasl - Type : ACT_GATHER_INFO
2014-01-21Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2847.nasl - Type : ACT_GATHER_INFO
Hide | Show 11 More...
idDescription
2010-02-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1930.nasl - Type : ACT_GATHER_INFO
2009-12-27Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_751823d4f18911de934400248c9b4be7.nasl - Type : ACT_GATHER_INFO
2009-07-14Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_be9272986f9711deb444001372fd0af2.nasl - Type : ACT_GATHER_INFO
2009-05-08Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1792.nasl - Type : ACT_GATHER_INFO
2009-05-04Name : The remote Fedora host is missing a security update.
File : fedora_2009-4175.nasl - Type : ACT_GATHER_INFO
2009-05-04Name : The remote Fedora host is missing a security update.
File : fedora_2009-4203.nasl - Type : ACT_GATHER_INFO
2009-05-01Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_7a1ab8d435c111de96720030843d3802.nasl - Type : ACT_GATHER_INFO
2008-10-13Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_12efc567987911dda5e70030843d3802.nasl - Type : ACT_GATHER_INFO
2008-08-01Name : The remote Fedora host is missing a security update.
File : fedora_2008-6916.nasl - Type : ACT_GATHER_INFO
2008-07-16Name : The remote Fedora host is missing a security update.
File : fedora_2008-6411.nasl - Type : ACT_GATHER_INFO
2008-07-16Name : The remote Fedora host is missing a security update.
File : fedora_2008-6415.nasl - Type : ACT_GATHER_INFO