Feb 22, 2019, 09:50 PM

News:

MyKidsDiary.in :: Capture your kids magical moment and create your Online Private Diary for your kids


Highly critical Drupal CMS bug has left over 1 million sites open to attack

Started by Sudhakar, Apr 02, 2018, 09:25 AM

previous topic - next topic
Go Down

Sudhakar

Highly critical Drupal CMS bug has left over 1 million sites open to attack



The team behind the popular open-source CMS Drupal is urging admins to update their sites to ward off a nasty bug that could leave their sites "highly compromised" to attackers, according to the organization.

The effected versions (Drupal  6, 7 and 8) of the CMS power over one million websites on the internet.

Drupal has marked the security risk as "highly critical" and warns that any visitor to the site could theoretically hack it through remote code execution due to a missing input validation.

"This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised," the group noted in a blog post.

Drupal sent out an alert last week, telling users that they'd be dropping a "highly critical release" this weekend and they should update immediately. The announcement was unusual for Drupal and left developers on high alert for the targeted time frame of the release on Friday. Sites running vulnerable versions of Drupal, should update to Drupal 7.58 or Drupal 8.5.1 as soon as possible to avoid exploits. Drupal notes that they have yet to see any reports of exploits in the wild yet.

The bug's official identifier is CVE-2018-7600 though users on social media have taken to calling it drupalgeddon2, referencing another major release from the org in 2014.

Source : https://techcrunch.com/2018/04/01/highly-critical-cms-bug-has-left-over-1-million-sites-open-to-attack/

Go Up
 

Quick Reply

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Warning: this topic has not been posted in for at least 120 days.
Unless you're sure you want to reply, please consider starting a new topic.

Note: this post will not display until it's been approved by a moderator.
Name:
Email:
Verification:
Please leave this box empty:

Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:

shortcuts: alt+s submit/post or alt+p preview
IT Acumens | GinGly :: SMS Backup | Acumen :: Discussion Board | AshokPillar :: Hosting | CineBuzz :: Latest Cinema News | My Kids Diary :: Capture your kids magical moment
Copyright 2005 - 2017 :: IT Acumens :: All Rights Reserved.
ITAcumens Forum with 2 lakhs post running for 10 years - Powered by HostGator Dedicated Server