CVE-2008-6910

Name of the Vulnerable Software and Affected Versions: Drupal module Services versions 5.x before 5.x-0.92 Drupal module Services versions 6.x before 6.x-0.13

Description: The issue allows remote attackers to impersonate other users and gain privileges via a replay attack that sends the same request, due to the lack of timeouts for signed requests.

Recommendations: For versions 5.x before 5.x-0.92, update to version 5.x-0.92 or later to resolve the issue. For versions 6.x before 6.x-0.13, update to version 6.x-0.13 or later to resolve the issue.