CVE-2008-0568

Description

Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 module for Drupal allows remote attackers to gain the privileges of a user who has authenticated from behind the same proxy server as the attacker.

Affected products

• Drupal / secure_site_module4.7 – 4.7
• Drupal / secure_site_module5.0 – 5.0

References

• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/0377/references
• MISChttp://www.securityfocus.com/bid/27543
• VENDOR_ADVISORYhttp://secunia.com/advisories/28732
• MISChttp://drupal.org/node/216019