Lucene search
FreeBSDC0FD7890-4346-11DB-89CC-000AE42E9B93HistorySep 08, 2006 - 12:00 a.m.
drupal-pubcookie -- authentication may be bypassed
2006-09-0800:00:00
vuxml.freebsd.org
16
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.023
Percentile
89.7%
The Drupal Project reports:
It is possible for a malicious user to spoof a user’s
identity by bypassing the login redirection mechanism in the
pubcookie module. The malicious user may gain the privileges
of the user they are spoofing, including the administrative
user.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | drupal-pubcookie | <= 4.6.0_20060210 | UNKNOWN |
References
Related
nessus
nessus
openvas
openvas
FreeBSD Ports: drupal-pubcookie
2008-09-04 00:00:00
FreeBSD Ports: drupal-pubcookie
2008-09-04 00:00:00
cvelist
cvelist
CVE-2006-4717
2006-09-12 16:00:00
cve
cve
CVE-2006-4717
2006-09-12 16:07:00
nvd
nvd
CVE-2006-4717
2006-09-12 16:07:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.023
Percentile
89.7%
Related for C0FD7890-4346-11DB-89CC-000AE42E9B93