Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Drupal Services Module < 6.x-2.1 Authentication Bypass

Medium

Synopsis

The remote host is vulnerable to a flaw which allows for the bypassing of Authentication

Description

The remote host is running an older version of the Drupal Services module.

There is a flaw in this version of Services which would allow a valid user to access controls and data which belong to another user.

Solution

Upgrade to Drupal Services 6.x-2.1