Cisco TelePresence Recording Server Software Release 126.96.36.199 includes a root administrator account that is enabled by default. Successful exploitation of the vulnerability could allow a remote attacker to use these default credentials to modify the system configuration and settings.
- Advisory ID: DRUPAL-SA-CORE-2011-003
- Project: Drupal core
- Version: 7.x
- Date: 2011-July-27
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Access bypass
Access bypass in private file fields on comments.
Drupal 7 contains two new features: the ability to attach File upload fields to any entity type in the system and the ability to point individual File upload fields to the private file directory.
If a Drupal site is using these features on comments, and the parent node is denied access (either by a node access module or by being unpublished), the file attached to the comment can still be downloaded by non-privileged users if they know or guess its direct URL.
This issue affects Drupal 7.x only.
- Drupal 7.x before version 7.5.
Install the latest version:
- If you are running Drupal 7.x then upgrade to Drupal 7.5 or
The Security Team has released both a pure security update without other bug fixes and a security update combined with other bug fixes and improvements. You can choose to either only include the security update for an immediate fix (which might require less quality assurance and testing) or more fixes and improvements alongside the security fixes by choosing between Drupal 7.5 and Drupal
7.6 7.7. Read the announcement for more information.
See also the Drupal core project page.
- The File access bypass was reported by Florian Weber.
- The File access bypass was fixed by Stéphane Corlosquet and Károly Négyesi, both members of the Drupal security team.
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at http://drupal.org/contact.
Cisco 9000 Series Aggregation Services Routers (ASR) running Cisco IOS XR Software version 4.1.0 contain a vulnerability that may cause a network processor in a line card to lock up while processing an IP version 4 (IPv4) packet. As a consequence of the network processor lockup, the line card that is processing the offending packet will automatically reload. Cisco has released a free software maintenance upgrade (SMU) to address this vulnerability. There are no workarounds for this vulnerability.
Cisco SA 500 Series Security Appliances are affected by two vulnerabilities on their web-based management interface. An attacker must have valid credentials for an affected device to exploit one vulnerability; exploitation of the other does not require authentication. Both vulnerabilities can be exploited over the network. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.
The Cisco AnyConnect Secure Mobility Client, previously known as the Cisco AnyConnect VPN Client, is affected by multiple vulnerabilities. Arbitrary Program Execution Vulnerability Local Privilege Escalation Vulnerability Cisco has released free software updates that address these vulnerabilities. There are no workarounds for the vulnerabilities described in this advisory.
A denial of service (DoS) vulnerability exists in the Cisco Content Services Gateway – Second Generation, that runs on the Cisco Service and Application Module for IP (SAMI). An unauthenticated, remote attacker could exploit this vulnerability by sending a series of crafted ICMP packets to an affected device. Exploitation could cause the device to reload. There are no workarounds available to mitigate exploitation of this vulnerability other than blocking ICMP traffic destined to the affected device.