Channel: Heine
Browsing latest articles
Browse All 23 View Live

About the Webform SA

Today we released a security announcement about a Webform SQL injection vulnerability, outside of the normal Wednesday release schedule. I chose to release today with a minimal fix instead of waiting...

In doubt? Read the specs!

Specifications should be a major part of the foundation we build on. Unfortunately, we're a bit loose in our adherence to specs (the writer is guilty too). While this was written before, I've decided to...

Homeopathy & Influenza during the 1918 pandemic - Opinion, Feb 2012, Arts & Auto

The opinion piece in Arts & Auto (Feb 2012), a publication of the Vereniging voor Arts, Kwakzalver & Auto (VvAA), refers to a publication by Dewey on the homeopathic treatment of influenza...

Drupal CSRF Exploit reported on packetstorm

On March 2nd 2012, security researcher Ivano Binetti published an advisory on Drupal 7 anti-CSRF measures. He/she rightly identified the long-standing logout CSRF annoyance (#144538), but the rest of...

Bounties: What to do with a high impact Drupal vulnerability?

The security landscape is changing. There's been on and off talk about bounties for security vulnerabilities and some firms already buy vulnerabilities (SecuriTeam, ZDI). This also causes me to...

Explaining the Drupal < 7.16 Installer vulnerability

SA-CORE-2012-003 fixes an issue in the Drupal installer that enables an attacker to cause the site to use a different attacker-controlled database. The installer vulnerability was found while preparing...

Solving bogus dates returned via MSSQL_QUERY

If you get bogus dates back from MSSQL, make sure PHP is compiled against the FreeTDS library that is currently in use. If not, recompile PHP.

From bug to exploit - Bakery SSO

I recently evaluated the Bakery Single Sign-On System aka Bakery SSO aka Bakery on behalf of clients. This article describes how I moved from finding a small weakness in version 2.x-alpha-3 to an...

Lazy loading: hook_hook_info is for hook owners only.

I've recently seen some recommendations to use hook_hook_info to provide "groups" for core-provided hooks so you can move your module's implementations of those hooks to $module.$group.inc. A poor man's...

Other vectors for SA-CORE-2014-005?

This is intended as a comment on Acquia's "Learning from hackers a week after the Drupal SQL Injection announcement", but Mollom prevents me from posting it there. In it, scor asks: An open question is...
