The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x before 5.x-1.4 for Drupal, violates the OpenID 2.0 protocol by not checking for reuse of openid.response_nonce values, which allows remote attackers to bypass authentication by leveraging an assertion from an OpenID provider.
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.
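The check the vulnerable versions omit, as an added example that is not Drupal's code: a relying-party side store that parses `openid.response_nonce` in the OpenID 2.0 format (timestamp in UTC, "Z" suffix, optional printable-ASCII suffix, at most 255 characters), rejects stale or future-dated values, and refuses any nonce it has already consumed for the same provider endpoint. The `NonceStore` class, the 15-minute acceptance window and the in-memory dictionary are assumptions made here; a real relying party would persist the store (Drupal's fix uses a database table).

```python
"""OpenID 2.0 response_nonce replay check for a relying party (illustration, not Drupal code)."""
import re
from datetime import datetime, timedelta, timezone

# Format from OpenID Authentication 2.0 section 10.1: RFC 3339 UTC timestamp without
# fractional seconds, followed by zero or more ASCII characters in the range 33-126.
NONCE_RE = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z)([\x21-\x7e]*)$")
MAX_SKEW = timedelta(minutes=15)  # assumption: how far from "now" a nonce timestamp may lie


class NonceStore:
    """Remembers (provider endpoint, nonce) pairs until they fall outside the window."""

    def __init__(self):
        self._seen = {}  # (op_endpoint, nonce) -> nonce timestamp

    def _purge(self, now):
        # Entries older than the window would fail the timestamp check anyway, so forget them.
        cutoff = now - MAX_SKEW
        self._seen = {k: ts for k, ts in self._seen.items() if ts >= cutoff}

    def check_and_store(self, op_endpoint, nonce, now):
        """Return True exactly once per fresh nonce; False for malformed, stale or replayed ones."""
        if len(nonce) > 255:
            return False
        m = NONCE_RE.match(nonce)
        if not m:
            return False
        try:
            ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        except ValueError:  # e.g. month 13: matches the regex but is not a real time
            return False
        if abs(now - ts) > MAX_SKEW:
            return False
        self._purge(now)
        key = (op_endpoint, nonce)
        if key in self._seen:
            return False  # replay: this assertion was already used to log someone in
        self._seen[key] = ts
        return True


def demo():
    """Constructed sample: one fresh assertion, then its replay, a stale, a malformed and an oversized nonce."""
    store = NonceStore()
    now = datetime(2010, 8, 11, 12, 0, 0, tzinfo=timezone.utc)
    op = "https://op.example/endpoint"
    fresh = "2010-08-11T11:59:30Zabc123"
    return [
        store.check_and_store(op, fresh, now),                      # True: first use
        store.check_and_store(op, fresh, now),                      # False: replay
        store.check_and_store(op, "2010-08-11T11:30:00Zold", now),  # False: too old
        store.check_and_store(op, "2010-08-11T11:59:30", now),      # False: no "Z" suffix
        store.check_and_store(op, "x" * 300, now),                  # False: over 255 chars
    ]
```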
Name | Vendor | Start Version | End Version |
---|---|---|---|
Drupal | Drupal | 6.0 | 6.0 |
Drupal | Drupal | 6.1 | 6.1 |
Drupal | Drupal | 6.2 | 6.2 |
Drupal | Drupal | 6.3 | 6.3 |
Drupal | Drupal | 6.4 | 6.4 |
Drupal | Drupal | 6.5 | 6.5 |
Drupal | Drupal | 6.6 | 6.6 |
Drupal | Drupal | 6.7 | 6.7 |
Drupal | Drupal | 6.8 | 6.8 |
Drupal | Drupal | 6.9 | 6.9 |
Drupal | Drupal | 6.10 | 6.10 |
Drupal | Drupal | 6.11 | 6.11 |
Drupal | Drupal | 6.12 | 6.12 |
Drupal | Drupal | 6.13 | 6.13 |
Drupal | Drupal | 6.14 | 6.14 |
Drupal | Drupal | 6.15 | 6.15 |
Drupal | Drupal | 6.16 | 6.16 |
Drupal | Drupal | 6.17 | 6.17 |
Drupal5 | Ubuntu | hardy | * |
Drupal5 | Ubuntu | jaunty | * |
Drupal5 | Ubuntu | karmic | * |
Drupal5 | Ubuntu | upstream | * |
Drupal6 | Ubuntu | jaunty | * |
Drupal6 | Ubuntu | karmic | * |
Drupal6 | Ubuntu | lucid | * |
Drupal6 | Ubuntu | upstream | * |