- Advisory ID: DRUPAL-SA-CONTRIB-2010-100
- Projects: Ubuntu Drupal Theme - Brown
- Version: 5.x, 6.x
- Date: 2010-October-20
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Directory traversal and information disclosure
Description
This Ubuntu Drupal Theme - Brown is designed to mimic the old ubuntu.com. The theme used a PHP file to generate a gradient image on the fly. User input from the URL is not properly validated in this PHP code, leading to a directory traversal vulnerability where the contents of any file readable by the webserver may be displayed to the remote user, potentially revealing sensitive information.
Versions affected
- Ubuntu Drupal Theme - Brown all versions on all branches prior to 6.x-8.1
- Ubuntu Drupal Theme - Brown for Drupal 5.x
Drupal core is not affected. If you do not use the contributed Ubuntu Drupal Theme - Brown, there is nothing you need to do.
Solution
Install the latest version:
- If you use the Ubuntu Drupal Theme - Brown for Drupal 6.x (any prior version on any branch), upgrade to Ubuntu Drupal Theme - Brown 6.x-8.1
- If you use the Ubuntu Drupal Theme - Brown for Drupal 5.x, it is no longer supported and should be disabled or the 6.x fix applied
See also the Ubuntu Drupal Theme - Brown project page.
Reported by
- Steve Foris
Fixed by
- MTecknology, the Ubuntu Drupal theme maintainer
Contact
The security team for Drupal can be reached at security at drupal.org or via the form at http://drupal.org/contact.
Read more about the Security Team and Security Advisories at http://drupal.org/security.
