PT-2006-5495 · Drupal · Drupal

Eric Drechsel

Publicado

2006-09-12

Atualizado

2011-03-08

CVE-2006-4717

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Drupal 4.7 Pubcookie module versions prior to 1.2.2.4 Drupal 4.6 Pubcookie module versions prior to 1.6.2.1

Description The login redirection mechanism in the Pubcookie module allows remote attackers to bypass authentication requirements and spoof identities of arbitrary users via unspecified vectors.

Recommendations For Drupal 4.7 Pubcookie module versions prior to 1.2.2.4, update to version 1.2.2.4 or later. For Drupal 4.6 Pubcookie module versions prior to 1.6.2.1, update to version 1.6.2.1 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-4717

Produtos afetados

Drupal

PT-2006-5495 · Drupal · Drupal

CVE-2006-4717

Identificadores relacionados

Produtos afetados

Referências · 6