Vigil@nce - Drupal Amazon AWS: denial of service
February 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use Drupal Amazon AWS, in order to trigger a
denial of service.
Impacted products: Drupal Modules
Severity: 2/4
Creation date: 29/01/2015
DESCRIPTION OF THE VULNERABILITY
The Amazon AWS module can be installed on Drupal.
However, an attacker can obtain the AWS Access Key Id, in order to
create numerous backups.
An attacker can therefore use Drupal Amazon AWS, in order to
trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Drupal-Amazon-AWS-denial-of-service-16076