Closed Bug 544055 Opened 14 years ago Closed 14 years ago

Drupal Security

Categories: Infrastructure & Operations Graveyard :: WebOps: Other (task)
Priority: Not set
Severity: major
Tracking: Not tracked
Status: RESOLVED FIXED
People: Reporter: abuchanan; Assigned: oremj
Whiteboard: oxymoron

http://svn.mozilla.org/projects/quality.mozilla.org/trunk/sites/all/modules/menu_breadcrumb/

* Advisory ID: DRUPAL-SA-CONTRIB-2010-013
  * Project: Menu Breadcrumb (third-party module)
  * Version: 6.x
  * Date: 2010-February-03
  * Security risk: Less critical
  * Exploitable from: Remote
  * Vulnerability: Cross Site Scripting

-------- DESCRIPTION ---------------------------------------------------------

The Menu Breadcrumb module allows the menu the current page belongs to to be
used as the breadcrumb. The module does not properly sanitize parts of the
provided block, leading to a cross-site scripting (XSS [1]) vulnerability. Such
an attack may lead to a malicious user gaining full administrative access.
Mitigating factors: A user must have a role with the permission /administer
blocks/ to exploit this vulnerability.

-------- VERSIONS AFFECTED ---------------------------------------------------

  * Menu Breadcrumb for Drupal 6.x prior to 6.x-1.3

Drupal core is not affected. If you do not use the contributed Menu
Breadcrumb module, there is nothing you need to do.

-------- SOLUTION ------------------------------------------------------------

Upgrade to the latest version:
  * If you use Menu Breadcrumb for Drupal 6.x upgrade to Menu Breadcrumb
    6.x-1.3 [2]

See also the Menu Breadcrumb project page [3].

-------- REPORTED BY ---------------------------------------------------------

  * mr.baileys [4]

-------- FIXED BY ------------------------------------------------------------

  * Chris Burgess [5], the module maintainer

-------- CONTACT -------------------------------------------------------------

The security contact for Drupal can be reached at security at drupal.org or
via the form at http://drupal.org/contact.

[1] http://en.wikipedia.org/wiki/Cross-site_scripting
[2] http://drupal.org/node/703010
[3] http://drupal.org/project/menu_breadcrumb
[4] http://drupal.org/user/383424
[5] http://drupal.org/user/76026

_______________________________________________
Security-news mailing list
Security-news@drupal.org
http://lists.drupal.org/mailman/listinfo/security-news
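As an added illustration of the bug class the advisory describes (not the Menu Breadcrumb module's own code, which the advisory does not reproduce): a Drupal 6 block that concatenates admin-configured text into its output unescaped, beside the same block run through Drupal's check_plain(). The "separator" setting, the trail items and the check_plain() shim are constructed here so the file runs outside Drupal.

```php
<?php
// Drupal 6 defines check_plain(); the shim below only stands in for it
// when this file is run stand-alone, and is bypassed inside Drupal.
if (!function_exists('check_plain')) {
  function check_plain($text) {
    return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
  }
}

// Constructed sample of settings a user holding "administer blocks" could
// save through the block configuration form. Anything an administrator
// types here is attacker-controlled from the page's point of view.
$settings = array(
  'separator' => '<b>x</b>',                       // constructed markup
  'trail'     => array('Home', 'Testing', 'Tools'), // constructed trail
);

// Vulnerable pattern: the configured separator and the menu titles are
// pasted straight into HTML, so any tag in them reaches the browser as-is.
function breadcrumb_block_unsafe(array $settings) {
  return array(
    'subject' => 'Breadcrumb',
    'content' => implode(' ' . $settings['separator'] . ' ', $settings['trail']),
  );
}

// Fixed pattern: every piece of untrusted text is escaped with check_plain()
// before it is concatenated into markup, so tags render as literal text.
function breadcrumb_block_safe(array $settings) {
  $separator = check_plain($settings['separator']);
  $items     = array_map('check_plain', $settings['trail']);
  return array(
    'subject' => 'Breadcrumb',
    'content' => implode(' ' . $separator . ' ', $items),
  );
}

$unsafe = breadcrumb_block_unsafe($settings);
$safe   = breadcrumb_block_safe($settings);
print "unsafe: " . $unsafe['content'] . "\n"; // Home <b>x</b> Testing <b>x</b> Tools
print "safe:   " . $safe['content'] . "\n";   // Home &lt;b&gt;x&lt;/b&gt; Testing ...
```

The mitigating factor in the advisory is visible in the sample: only a block administrator can set the separator, so the defect is an escalation path from that role to full administrative access rather than an anonymous one.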
Whiteboard: oxymoron
r61689 on trunk.
Assignee: nobody → buchanae
Tomcat, would you run through stage and make sure nothing major is broken? (Sorry, not sure where specifically this module is used.)

After you verify, we'll have IT push the code.

Ran updates.php on stage:

"""
The following queries were executed
menu_breadcrumb module
Update #6100

    * No queries

"""
Alex, looks fine for me!
(In reply to comment #4)
> Alex, looks fine for me!

Err, meant staging looks good and we are ready for push.
r61721 tagged for production
Over to IT for the push to production.

IT,

please svn up and run updates.php

Thanks.
Assignee: buchanae → server-ops
Severity: normal → major
Component: Website → Server Operations: Web Content Push
Product: quality.mozilla.org → mozilla.org
QA Contact: website → mrz
Version: unspecified → other
Can we do this today please?
Assignee: server-ops → jeremy.orem+bugs
A    sites/all/modules/menu_breadcrumb/menu_breadcrumb.install
A    sites/all/modules/menu_breadcrumb/translations/hu.po
U    sites/all/modules/menu_breadcrumb/translations/menu_breadcrumb.pot
U    sites/all/modules/menu_breadcrumb/menu_breadcrumb.info
U    sites/all/modules/menu_breadcrumb/README.txt
U    sites/all/modules/menu_breadcrumb/menu_breadcrumb.module
Updated to revision 61841.

The following queries were executed
menu_breadcrumb module
Update #6100

    * No queries
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Component: Server Operations: Web Operations → WebOps: Other
Product: mozilla.org → Infrastructure & Operations
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard