Follow:

Latest articles in ‘Drupal’


  1. Drupageddon revisited: a new path from SQL injection to remote command execution (CVE-2014-3704)

    Published: Thu 16 November 2017 in Cookbook.
    Background explanations and a more efficient way to exploit Drupageddon, aka. CVE-2014-3704, Drupal SA-CORE-2014-005.

    Usually Drupal teams do a great job into ensuring a reasonable security level to their users. Most of the Drupal critical vulnerabilities come from community modules, modules which are hosted on a central place where the ones not conforming with Drupal security requirement get a specific red banner (“This module is unsupported due to a security issue the maintainer didn’t fix.”) and are tagged as abandoned.

    However, mistakes still happen, as Stefan Horst discovered in 2014 when he found out the Drupageddon vulnerability, also known as CVE-2014-3704 and Drupal SA-CORE-2014-005.

    I find this vulnerability quite interesting as it is an SQL injection vulnerability affecting Drupal core which relies on PDO for its database accesses which, in theory, should make it immune to such vulnerability.

    Moreover, we will see that Drupal’s features allow to extend this vulnerability way further than a simple SQL injection. We will …

Popular tags see all

Website

Author

Follow