CVE-2010-3685 Information

Description

The OpenID module in Drupal 6.x before 6.18 and the OpenID module 5.x before 5.x-1.4 for Drupal violates the OpenID 2.0 protocol by not checking for reuse of openid.response_nonce values which allows remote attackers to bypass authentication by leveraging an assertion from an OpenID provider.

Reference

http://drupal.org/node/880476 http://drupal.org/node/880480 http://marc.info/?l=oss-security&m=128418560705305&w=2 http://marc.info/?l=oss-security&m=128440896914512&w=2 http://www.debian.org/security/2010/dsa-2113 http://www.securityfocus.com/bid/42388