CVE-2008-6908 Information

Description

Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13 a module for Drupal uses an insecure hash when signing requests which allows remote attackers to impersonate other users and gain privileges.

Reference

http://drupal.org/node/348295 http://osvdb.org/50743 http://www.securityfocus.com/bid/32894 https://exchange.xforce.ibmcloud.com/vulnerabilities/47458