CVE-2010-3091

The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x before 5.x-1.4 for Drupal, violates the OpenID 2.0 protocol by not verifying the openid.return_to value, which allows remote attackers to bypass authentication by leveraging an assertion from an OpenID provider.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
drupaldrupal
6.0
drupaldrupal
6.0:beta1
drupaldrupal
6.0:beta2
drupaldrupal
6.0:beta3
drupaldrupal
6.0:beta4
drupaldrupal
6.0:dev
drupaldrupal
6.0:rc1
drupaldrupal
6.0:rc2
drupaldrupal
6.0:rc3
drupaldrupal
6.0:rc4
drupaldrupal
6.1
drupaldrupal
6.2
drupaldrupal
6.3
drupaldrupal
6.4
drupaldrupal
6.5
drupaldrupal
6.6
drupaldrupal
6.7
drupaldrupal
6.8
drupaldrupal
6.9
drupaldrupal
6.10
drupaldrupal
6.11
drupaldrupal
6.12
drupaldrupal
6.13
drupaldrupal
6.14
drupaldrupal
6.15
drupaldrupal
6.16
drupaldrupal
6.17
peter_wolaninopenid
5.x-1.0:x
peter_wolaninopenid
5.x-1.1:x
peter_wolaninopenid
5.x-1.2:x
peter_wolaninopenid
5.x-1.3:x
peter_wolaninopenid
5.x-1.x:x
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
drupal6
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
ignored
jaunty
ignored
hardy
dne
dapper
dne
Common Weakness Enumeration
References
http://drupal.org/node/880476
http://drupal.org/node/880480
http://marc.info/?l=oss-security&m=128418560705305&w=2
http://marc.info/?l=oss-security&m=128440896914512&w=2
http://www.debian.org/security/2010/dsa-2113
http://www.securityfocus.com/bid/42388
http://drupal.org/node/880476
http://drupal.org/node/880480
http://marc.info/?l=oss-security&m=128418560705305&w=2
http://marc.info/?l=oss-security&m=128440896914512&w=2
http://www.debian.org/security/2010/dsa-2113
http://www.securityfocus.com/bid/42388