AlphaOne Technology Support Forums
Welcome, Guest. Please login or register.
January 07, 2009, 12:34:17 PM

Login with username, password and session length
Search:     Advanced search
1733 Posts in 827 Topics by 5328 Members
Latest Member: Manyhinty
* Home Help Search Login Register
AlphaOne Technology Support Forums  |  IMPORTANT ANNOUNCEMENTS  |  Security Announcements  |  Topic: Drupal XML-RPC library 0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Drupal XML-RPC library  (Read 452 times)
Brad
SysAdmin
Tech Team
Hero Member
********
Offline Offline

Posts: 391



View Profile
Drupal XML-RPC library
« on: July 06, 2005, 11:52:42 PM »
Description
-----------
A flaw has been discovered in the third-party XML-RPC library included with
Drupal.  An attacker could execute arbitrary PHP code on a target site.

Versions affected
-----------------
All versions

Solution
--------
Either remove the XML-RPC server, or upgrade to the latest Drupal version:
- If you cannot upgrade immediately, you can secure your site by removing
  the XML-RPC server: simply remove the file 'xmlrpc.php' in the root of
  your Drupal directory.
- If you are running Drupal 4.5.x, then upgrade to Drupal 4.5.4.
- If you are running Drupal 4.6.x, then upgrade to Drupal 4.6.2.

Contact
-------
The security contact for Drupal can be reached at security@drupal.org
or using the form at http://drupal.org/contact.
Logged
Mambo Hosting Resources
Pages: [1] Go Up Print 
AlphaOne Technology Support Forums  |  IMPORTANT ANNOUNCEMENTS  |  Security Announcements  |  Topic: Drupal XML-RPC library « previous next »
Jump to:  

Powered by MySQL Powered by PHP AlphaOne Technology Support Forums | Powered by SMF 1.0.7.
© 2001-2005, Lewis Media. All Rights Reserved. 		Valid XHTML 1.0! Valid CSS!