Drupal Secure Site Module Authentication Bypass Vulnerability

The Secure Site module for Drupal is prone to an authentication-bypass vulnerability because of an error in the IP-authentication feature.

An attacker can exploit this issue to gain unauthorized access to the affected application. This may lead to further attacks.

This issue affects Secure Site for Drupal 5.x and 4.7.x. Note that Drupal Core without this module is not affected by this issue.


 

Privacy Statement
Copyright 2010, SecurityFocus