FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

drupal-pubcookie -- authentication may be bypassed

Affected packages
drupal-pubcookie <= 4.6.0_20060210

Details

VuXML ID c0fd7890-4346-11db-89cc-000ae42e9b93
Discovery 2006-09-08
Entry 2006-09-13
Modified 2010-05-12

The Drupal Project reports:

It is possible for a malicious user to spoof a user's identity by bypassing the login redirection mechanism in the pubcookie module. The malicious user may gain the privileges of the user they are spoofing, including the administrative user.

References

CVE Name CVE-2006-4717
URL http://drupal.org/node/83064