Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:DOS:DRUPAL-XML-RPC-IEE |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Drupal Core XML-RPC Endpoint Internal Entity Expansion Denial of Service |
Release Date |
2014/09/05 |
Update Number |
2416 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Drupal Core XML-RPC Endpoint Internal Entity Expansion Denial of Service
This signature detects attempts to exploit a known vulnerability against Drupal Core XML-RPC. The vulnerability is due to an input validation error when an XML-RPC endpoint handles Internal Entity Expansion. This can cause a very high CPU load and memory exhaustion. A successful attack can result in a denial-of-service condition.
Extended Description
The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
Affected Products
- Debian debian_linux 7.0
- Drupal drupal 6.0
- Drupal drupal 6.1
- Drupal drupal 6.10
- Drupal drupal 6.11
- Drupal drupal 6.12
- Drupal drupal 6.13
- Drupal drupal 6.14
- Drupal drupal 6.15
- Drupal drupal 6.16
- Drupal drupal 6.17
- Drupal drupal 6.18
- Drupal drupal 6.19
- Drupal drupal 6.2
- Drupal drupal 6.20
- Drupal drupal 6.21
- Drupal drupal 6.22
- Drupal drupal 6.23
- Drupal drupal 6.24
- Drupal drupal 6.25
- Drupal drupal 6.26
- Drupal drupal 6.27
- Drupal drupal 6.28
- Drupal drupal 6.29
- Drupal drupal 6.3
- Drupal drupal 6.30
- Drupal drupal 6.31
- Drupal drupal 6.32
- Drupal drupal 6.4
- Drupal drupal 6.5
- Drupal drupal 6.6
- Drupal drupal 6.7
- Drupal drupal 6.8
- Drupal drupal 6.9
- Drupal drupal 7.0
- Drupal drupal 7.1
- Drupal drupal 7.10
- Drupal drupal 7.11
- Drupal drupal 7.12
- Drupal drupal 7.13
- Drupal drupal 7.14
- Drupal drupal 7.15
- Drupal drupal 7.16
- Drupal drupal 7.17
- Drupal drupal 7.18
- Drupal drupal 7.19
- Drupal drupal 7.2
- Drupal drupal 7.20
- Drupal drupal 7.21
- Drupal drupal 7.22
- Drupal drupal 7.23
- Drupal drupal 7.24
- Drupal drupal 7.25
- Drupal drupal 7.26
- Drupal drupal 7.27
- Drupal drupal 7.28
- Drupal drupal 7.29
- Drupal drupal 7.3
- Drupal drupal 7.30
- Drupal drupal 7.4
- Drupal drupal 7.5
- Drupal drupal 7.6
- Drupal drupal 7.7
- Drupal drupal 7.8
- Drupal drupal 7.9
- Drupal drupal 7.x-dev
- Wordpress wordpress 3.0
- Wordpress wordpress 3.0.1
- Wordpress wordpress 3.0.2
- Wordpress wordpress 3.0.3
- Wordpress wordpress 3.0.4
- Wordpress wordpress 3.0.5
- Wordpress wordpress 3.0.6
- Wordpress wordpress 3.1
- Wordpress wordpress 3.1.1
- Wordpress wordpress 3.1.2
- Wordpress wordpress 3.1.3
- Wordpress wordpress 3.1.4
- Wordpress wordpress 3.2
- Wordpress wordpress 3.2.1
- Wordpress wordpress 3.3
- Wordpress wordpress 3.3.1
- Wordpress wordpress 3.3.2
- Wordpress wordpress 3.3.3
- Wordpress wordpress 3.4.0
- Wordpress wordpress 3.4.1
- Wordpress wordpress 3.4.2
- Wordpress wordpress 3.5.0
- Wordpress wordpress 3.5.1
- Wordpress wordpress 3.6
- Wordpress wordpress 3.6.1
- Wordpress wordpress 3.7
- Wordpress wordpress 3.7.1
- Wordpress wordpress 3.8
- Wordpress wordpress 3.8.1
- Wordpress wordpress 3.9.0
- Wordpress wordpress 3.9.1
References
- CVE: CVE-2014-5265