Drupal Listhandler Module Access Security Bypass Vulnerability

Summary

The Listhandler module for Drupal is prone to a security-bypass vulnerability.

Credit:

The original article can be found at: http://www.securityfocus.com/bid/54376Brian Swaney .


Details

Vulnerable Systems:
 *Drupal Listhandler Module Access Security Bypass Vulnerability

An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized access; this may aid in launching further attacks.Listhandler 6.x-1.x versions are vulnerable.

Vendor Status:
Currently we are not aware of any vendor-supplied patches

Disclosure Timeline:
Initial Release: Jul 11 2012

Categories: News