Drupal Core – Highly Critical: Every Drupal 7 website may be compromised

Posted: October 30, 2014 in Vulnerability News

Due to the critical vulnerability (CVE-2014-3704) that allows an attacker to gain access to the administrator account, developers are advised to roll back to a backup or recreate the site from scratch.

According to the developers of the popular CMS (content management system) Drupal, all websites based on Drupal 7.x can be compromised. The problem is related to a critical vulnerability that could allow an unauthorized user to execute arbitrary SQL queries against the site's database and uncover the administrator password.

According to the developers, attacks exploiting this vulnerability began immediately after the announcement on October 15 this year. Even websites whose administrators had enough time to apply the update may still be compromised.

Warning: Unless you patched within seven hours, you’re hacked!

According to the Drupal security bulletin, released on 29 October this year, all administrators should assume that their websites have been hacked, unless updated or patched before Oct 15th, 11pm UTC. The security team also warned that hackers could create backdoors as a way to guarantee they are the only attacker in control of the website.

Also note that simply updating to Drupal 7.32 does not remove these backdoors. In some cases, the hackers themselves update Drupal to version 7.32 in order to eliminate the possibility of losing control of the site.

The developers recommend that all owners of Drupal-based sites recover their data from a backup or recreate the site from scratch.

The eight-point plan for restoring a vulnerable site is shown below:

[Image: restore your website]

Source: https://www.drupal.org/PSA-2014-003
