FreeBSD : drupal-pubcookie -- authentication may be bypassed (c0fd7890-4346-11db-89cc-000ae42e9b93)
High Nessus Plugin ID 22342
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe Drupal Project reports :
It is possible for a malicious user to spoof a user's identity by bypassing the login redirection mechanism in the pubcookie module. The malicious user may gain the privileges of the user they are spoofing, including the administrative user.
SolutionUpdate the affected package.