CVE-2018-19794
https://notcve.org/view.php?id=CVE-2018-19794
Cross-site scripting (XSS) vulnerability in UiV2Public.index in Internet2 Grouper 2.2 and 2.3 allows remote attackers to inject arbitrary web script or HTML via the code parameter.
• https://bugs.internet2.edu/jira/browse/GRP-1838
• https://lists.internet2.edu/sympa/arc/grouper-dev/2018-07/msg00005.html
• https://spaces.at.internet2.edu/display/Grouper/v2.4+issues
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-6440 – Java: XML eXternal Entity (XXE) flaw in ParserPool and Decrypter
https://notcve.org/view.php?id=CVE-2013-6440
The (1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter, and (4) SAML Decrypter in Shibboleth OpenSAML-Java before 2.6.1 set the expandEntityReferences property to true, which allows remote attackers to conduct XML external entity (XXE) attacks via a crafted XML DOCTYPE declaration.
It was found that the ParserPool and Decrypter classes in the OpenSAML Java implementation resolved external entities, permitting XML External Entity (XXE) attacks. A remote attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.
• http://blog.sendsafely.com/post/69590974866/web-based-single-sign-on-and-the-dangers-of-saml-xml
• http://rhn.redhat.com/errata/RHSA-2014-0170.html
• http://rhn.redhat.com/errata/RHSA-2014-0171.html
• http://rhn.redhat.com/errata/RHSA-2014-0172.html
• http://rhn.redhat.com/errata/RHSA-2014-0195.html
• http://shibboleth.net/community/advisories/secadv_20131213.txt
• https://bugzilla.redhat.com/show_bug.cgi?id=1043332
• https://www.oracle.com/security-alerts/cpujan2022.html
• https://access
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
• CWE-611: Improper Restriction of XML External Entity Reference
CVE-2009-3300
https://notcve.org/view.php?id=CVE-2009-3300
Multiple cross-site scripting (XSS) vulnerabilities in the Identity Provider (IdP) 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via URLs that are encountered in redirections, and appear in automatically generated forms.
• http://secunia.com/advisories/37237
• http://shibboleth.internet2.edu/secadv/secadv_20091104.txt
• http://www.debian.org/security/2009/dsa-1947
• http://www.vupen.com/english/advisories/2009/3150
• https://exchange.xforce.ibmcloud.com/vulnerabilities/54140
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2009-3475
https://notcve.org/view.php?id=CVE-2009-3475
Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1, when using PKIX trust validation, does not properly handle a '\0' character in the subject or subjectAltName fields of a certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
• http://secunia.com/advisories/36855
• http://secunia.com/advisories/36861
• http://secunia.com/advisories/36876
• http://shibboleth.internet2.edu/secadv/secadv_20090817.txt
• http://www.debian.org/security/2009/dsa-1895
• http://www.debian.org/security/2009/dsa-1896
• CWE-310: Cryptographic Issues
CVE-2009-3476
https://notcve.org/view.php?id=CVE-2009-3476
Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x before 1.3.4, and XMLTooling before 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x before 2.2.1, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed encoded URL.
• http://secunia.com/advisories/36869
• http://secunia.com/advisories/36870
• http://shibboleth.internet2.edu/secadv/secadv_20090826.txt
• http://www.securityfocus.com/bid/36514
• https://exchange.xforce.ibmcloud.com/vulnerabilities/53471
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer