Secunia

Some vulnerabilities have been reported in the LDAP Integration module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks and bypass certain security restrictions.

1) Certain input passed to user defined server names is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

2) The module allows users to perform certain actions via HTTP requests without performing any validation checks to verify the requests. This can be exploited to e.g. activate or deactivate an LDAP server.

3) An error in the handling of access permissions of user LDAP data can be exploited to access otherwise restricted content.

4) An error in the handling of access permissions of user management can be exploited to access otherwise restricted content.

The vulnerabilities are reported in versions prior to 6.x-1.0-beta2 and 5.x-1.5.

Solution
LDAP Integration 6.x:
Further details available in Customer Area

Provided and/or discovered by
1) The vendor credits Jakub Suchy of the Drupal Security Team.
2) The vendor credits Stéphane Corlosquet of the Drupal Security Team.
3) The vendor credits Christian A. Reiter and Matt Vance.
4) The vendor credits Kevin Murphy.

Original Advisory
SA-CONTRIB-2009-084:
http://drupal.org/node/617386

Deep Links
Links available in Customer Area