FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

drupal-pubcookie -- authentication may be bypassed

Affected packages
drupal-pubcookie <= 4.6.0_20060210

Details

VuXML ID c0fd7890-4346-11db-89cc-000ae42e9b93
Discovery 2006-09-08
Entry 2006-09-13
Modified 2010-05-12

The Drupal Project reports:

It is possible for a malicious user to spoof a user's identity by bypassing the login redirection mechanism in the pubcookie module. The malicious user may gain the privileges of the user they are spoofing, including the administrative user.

[source]

References

CVE Name CVE-2006-4717
URL http://drupal.org/node/83064

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.