Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 module for Drupal allows remote attackers to gain the privileges of a user who has authenticated from behind the same proxy server as the attacker.
http://www.vupen.com/english/advisories/2008/0377/references
http://www.securityfocus.com/bid/27543