CVE-2015-2684
https://notcve.org/view.php?id=CVE-2015-2684
Shibboleth Service Provider (SP) before 2.5.4 allows remote authenticated users to cause a denial of service (crash) via a crafted SAML message. Shibboleth Service Provider (SP) anterior a 2.5.4 permite a usuarios remotos autenticados causar una denegación de servicio (caída) a través de un mensaje SAML manipulado. • http://www.debian.org/security/2015/dsa-3207 http://www.securityfocus.com/bid/73314 https://shibboleth.net/community/advisories/secadv_20150319.txt • CWE-20: Improper Input Validation •
CVE-2013-6440 – Java: XML eXternal Entity (XXE) flaw in ParserPool and Decrypter
https://notcve.org/view.php?id=CVE-2013-6440
The (1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter, and (4) SAML Decrypter in Shibboleth OpenSAML-Java before 2.6.1 set the expandEntityReferences property to true, which allows remote attackers to conduct XML external entity (XXE) attacks via a crafted XML DOCTYPE declaration. (1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter y (4) SAML Decrypter en Shibboleth OpenSAML-Java anterior a 2.6.1 establece la propiedad expandEntityReferences como "true", lo que permite a atacantes remotos realizar ataques de entidad externa XML (XXE) a través de una declaración XML DOCTYPE manipulada. It was found that the ParserPool and Decrypter classes in the OpenSAML Java implementation resolved external entities, permitting XML External Entity (XXE) attacks. A remote attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. • http://blog.sendsafely.com/post/69590974866/web-based-single-sign-on-and-the-dangers-of-saml-xml http://rhn.redhat.com/errata/RHSA-2014-0170.html http://rhn.redhat.com/errata/RHSA-2014-0171.html http://rhn.redhat.com/errata/RHSA-2014-0172.html http://rhn.redhat.com/errata/RHSA-2014-0195.html http://shibboleth.net/community/advisories/secadv_20131213.txt https://bugzilla.redhat.com/show_bug.cgi?id=1043332 https://www.oracle.com/security-alerts/cpujan2022.html https://access • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2011-1411
https://notcve.org/view.php?id=CVE-2011-1411
Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack." La librería Shibboleth OpenSAML v2.4.x antes de v2.4.3 y v2.5.x antes de v2.5.1, e IdP antes de v2.3.2, permite a atacantes remotos falsificar mensajes y eludir la autenticación a través de un ataque "XML Signature wrapping" • http://secunia.com/advisories/50994 http://shibboleth.internet2.edu/secadv/secadv_20110725.txt http://www.debian.org/security/2011/dsa-2284 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html • CWE-287: Improper Authentication •
CVE-2011-2516
https://notcve.org/view.php?id=CVE-2011-2516
Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow. Error de superación de límite (off-by-one) en la característica de firma XML en Apache XML Security para C++ v1.6.0,usado en Shibboleth anterior a v2.4.3 y posiblemente otros productos, permite a atacantes remotos provocar una denegación de servicio (caída) a través de una firma utilizando una clave RSA larga, que provoca un desbordamiento de búfer. • http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063159.html http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063229.html http://santuario.apache.org/secadv/CVE-2011-2516.txt http://secunia.com/advisories/45151 http://secunia.com/advisories/45191 http://secunia.com/advisories/45198 http://secunia.com/advisories/45491 http://shibboleth.internet2.edu/secadv/secadv_20110706.txt http://www.debian.org/security/2011/dsa-2277 http://www.securityfocus.com/ar • CWE-189: Numeric Errors •