Vigil@nce - Drupal Secure Cookie Data: changing cookie
February 2014 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use an invalid hash to bypass the
protection of Drupal Secure Cookie Data.
Impacted products: Drupal Modules
Severity: 2/4
Creation date: 23/01/2014
DESCRIPTION OF THE VULNERABILITY
The Secure Cookie Data module can be installed on Drupal.
It uses the HMAC algorithm with a key to compute the hash of the
cookie. However, the HMAC result is compared incorrectly,
and the key is constant.
An attacker can therefore use an invalid hash to bypass
the protection of Drupal Secure Cookie Data.
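The pattern below avoids both weaknesses named above (incorrect comparison of the HMAC result, constant key). It is an added PHP example, not code from the Secure Cookie Data module or from Vigil@nce; the scd_example_* function names, the cookie layout (base64 payload, a dot, hex HMAC-SHA256) and the sample values are assumptions.

```php
<?php
// Added example with hypothetical helper names; not the module's own code.

// Per-site secret, generated once at install time and kept in site
// configuration (assumption). A key hard-coded in the module would be
// identical on every site that installs it.
function scd_example_new_key(): string {
    return random_bytes(32);
}

// Cookie value = base64(data) . '.' . hex(HMAC-SHA256(base64(data), key))
function scd_example_sign(string $data, string $key): string {
    $payload = base64_encode($data);
    return $payload . '.' . hash_hmac('sha256', $payload, $key);
}

// Returns the original data, or null if the cookie fails any check.
function scd_example_verify(string $cookie, string $key): ?string {
    $parts = explode('.', $cookie);
    if (count($parts) !== 2) {
        return null;
    }
    [$payload, $mac] = $parts;
    // The MAC must be exactly 64 lowercase hex characters.
    if (preg_match('/\A[0-9a-f]{64}\z/', $mac) !== 1) {
        return null;
    }
    $expected = hash_hmac('sha256', $payload, $key);
    // hash_equals() compares full strings in constant time, with no type
    // juggling and no early exit on the first differing byte.
    if (!hash_equals($expected, $mac)) {
        return null;
    }
    $data = base64_decode($payload, true);
    return $data === false ? null : $data;
}

// Constructed sample values.
$key    = scd_example_new_key();
$cookie = scd_example_sign('uid=42;role=editor', $key);
$mac    = explode('.', $cookie)[1];

var_dump(scd_example_verify($cookie, $key));                          // valid cookie
var_dump(scd_example_verify(base64_encode('uid=42;role=owner') . '.' . $mac, $key)); // changed data
var_dump(scd_example_verify(explode('.', $cookie)[0] . '.' . substr($mac, 0, 8), $key)); // short MAC
var_dump(scd_example_verify($cookie, scd_example_new_key()));         // different key
```

Only the first call returns the data; the other three return NULL because the payload, the MAC length or the key does not match.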
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Drupal-Secure-Cookie-Data-changing-cookie-14123