ID B202E4CE-3114-11E5-AA32-0026551A22DC Type freebsd Reporter FreeBSD Modified 2015-07-21T00:00:00
Description
Shibboleth consortium reports:
Shibboleth SP software crashes on well-formed but invalid XML.
The Service Provider software contains a code path with an uncaught
exception that can be triggered by an unauthenticated attacker by
supplying well-formed but schema-invalid XML in the form of SAML
metadata or SAML protocol messages. The result is a crash and so
causes a denial of service.
You must rebuild opensaml and shibboleth with xmltooling-1.5.5 or
later. The easiest way to do so is to update the whole chain including
shibboleth-2.5.5 an opensaml2.5.5.
{"id": "B202E4CE-3114-11E5-AA32-0026551A22DC", "bulletinFamily": "unix", "title": "shibboleth-sp -- DoS vulnerability", "description": "\nShibboleth consortium reports:\n\n\n\t Shibboleth SP software crashes on well-formed but invalid XML.\n\t \n\n\t The Service Provider software contains a code path with an uncaught\n\t exception that can be triggered by an unauthenticated attacker by\n\t supplying well-formed but schema-invalid XML in the form of SAML\n\t metadata or SAML protocol messages. The result is a crash and so\n\t causes a denial of service.\n\t \n\n\t You must rebuild opensaml and shibboleth with xmltooling-1.5.5 or\n\t later. The easiest way to do so is to update the whole chain including\n\t shibboleth-2.5.5 an opensaml2.5.5.\n\t \n\n", "published": "2015-07-21T00:00:00", "modified": "2015-07-21T00:00:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "href": "https://vuxml.freebsd.org/freebsd/b202e4ce-3114-11e5-aa32-0026551a22dc.html", "reporter": "FreeBSD", "references": ["http://shibboleth.net/community/advisories/secadv_20150721.txt"], "cvelist": ["CVE-2015-2684"], "type": "freebsd", "lastseen": "2019-05-29T18:33:08", "edition": 4, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-2684"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703207", "OPENVAS:703207"]}, {"type": "debian", "idList": ["DEBIAN:DLA-259-1:F4CB5", "DEBIAN:BSA-103:52DD1", "DEBIAN:DSA-3207-1:75122"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31947", "SECURITYVULNS:VULN:14415"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-3207.NASL", "DEBIAN_DLA-259.NASL", "FREEBSD_PKG_B202E4CE311411E5AA320026551A22DC.NASL"]}, {"type": "kaspersky", "idList": ["KLA10521"]}], "modified": "2019-05-29T18:33:08", "rev": 2}, "score": {"value": 5.5, "vector": "NONE", "modified": "2019-05-29T18:33:08", "rev": 2}, "vulnersScore": 5.5}, "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "xmltooling", "packageVersion": "1.5.5"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "shibboleth-sp", "packageVersion": "2.5.5"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "opensaml2", "packageVersion": "2.5.5"}], "scheme": null}
{"cve": [{"lastseen": "2021-02-02T06:21:23", "description": "Shibboleth Service Provider (SP) before 2.5.4 allows remote authenticated users to cause a denial of service (crash) via a crafted SAML message.", "edition": 6, "cvss3": {}, "published": "2015-03-31T14:59:00", "title": "CVE-2015-2684", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2684"], "modified": "2016-12-03T03:05:00", "cpe": ["cpe:/a:shibboleth:service_provider:2.5.3", "cpe:/o:debian:debian_linux:7.0"], "id": "CVE-2015-2684", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2684", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:shibboleth:service_provider:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}], "kaspersky": [{"lastseen": "2020-09-02T11:57:26", "bulletinFamily": "info", "cvelist": ["CVE-2015-2684"], "description": "### *Detect date*:\n03/31/2015\n\n### *Severity*:\nWarning\n\n### *Description*:\nAn unspecified vulnerability was found in Shibboleth SP. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed SAML message.\n\n### *Affected products*:\nShibboleth Service Provider (SP) versions earlier than 2.5.4\n\n### *Solution*:\nUpdate to the latest version \n[Get Shibboleth SP](<https://wiki.shibboleth.net/confluence/display/SHIB2/Installation>)\n\n### *Original advisories*:\n[Shibboleth advisory](<https://shibboleth.net/community/advisories/secadv_20150319.txt>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Shibboleth Service Provider](<https://threats.kaspersky.com/en/product/Shibboleth-Service-Provider/>)\n\n### *CVE-IDS*:\n[CVE-2015-2684](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2684>)4.0Warning", "edition": 41, "modified": "2020-05-22T00:00:00", "published": "2015-03-31T00:00:00", "id": "KLA10521", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10521", "title": "\r KLA10521Denial of service vulnerability in Shibboleth SP ", "type": "kaspersky", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:36:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2684"], "description": "A denial of service vulnerability\nwas found in the Shibboleth (an federated identity framework) Service Provider.\nWhen processing certain malformed SAML message generated by an authenticated\nattacker, the daemon could crash.", "modified": "2019-03-18T00:00:00", "published": "2015-03-28T00:00:00", "id": "OPENVAS:1361412562310703207", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703207", "type": "openvas", "title": "Debian Security Advisory DSA 3207-1 (shibboleth-sp2 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3207.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3207-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703207\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2015-2684\");\n script_name(\"Debian Security Advisory DSA 3207-1 (shibboleth-sp2 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-28 00:00:00 +0100 (Sat, 28 Mar 2015)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3207.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"shibboleth-sp2 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy),\nthis problem has been fixed in version 2.4.3+dfsg-5+deb7u1.\n\nFor the upcoming stable distribution (jessie), this problem has been\nfixed in version 2.5.3+dfsg-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.5.3+dfsg-2.\n\nWe recommend that you upgrade your shibboleth-sp2 packages.\");\n script_tag(name:\"summary\", value:\"A denial of service vulnerability\nwas found in the Shibboleth (an federated identity framework) Service Provider.\nWhen processing certain malformed SAML message generated by an authenticated\nattacker, the daemon could crash.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-shib2\", ver:\"2.4.3+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libshibsp-dev\", ver:\"2.4.3+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libshibsp-doc\", ver:\"2.4.3+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libshibsp5:amd64\", ver:\"2.4.3+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libshibsp5:i386\", ver:\"2.4.3+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"shibboleth-sp2-schemas\", ver:\"2.4.3+dfsg-5+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:53:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2684"], "description": "A denial of service vulnerability\nwas found in the Shibboleth (an federated identity framework) Service Provider.\nWhen processing certain malformed SAML message generated by an authenticated\nattacker, the daemon could crash.", "modified": "2017-07-07T00:00:00", "published": "2015-03-28T00:00:00", "id": "OPENVAS:703207", "href": "http://plugins.openvas.org/nasl.php?oid=703207", "type": "openvas", "title": "Debian Security Advisory DSA 3207-1 (shibboleth-sp2 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3207.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3207-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703207);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-2684\");\n script_name(\"Debian Security Advisory DSA 3207-1 (shibboleth-sp2 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-03-28 00:00:00 +0100 (Sat, 28 Mar 2015)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3207.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"shibboleth-sp2 on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthis problem has been fixed in version 2.4.3+dfsg-5+deb7u1.\n\nFor the upcoming stable distribution (jessie), this problem has been\nfixed in version 2.5.3+dfsg-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.5.3+dfsg-2.\n\nWe recommend that you upgrade your shibboleth-sp2 packages.\");\n script_tag(name: \"summary\", value: \"A denial of service vulnerability\nwas found in the Shibboleth (an federated identity framework) Service Provider.\nWhen processing certain malformed SAML message generated by an authenticated\nattacker, the daemon could crash.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-shib2\", ver:\"2.4.3+dfsg-5+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libshibsp-dev\", ver:\"2.4.3+dfsg-5+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libshibsp-doc\", ver:\"2.4.3+dfsg-5+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libshibsp5:amd64\", ver:\"2.4.3+dfsg-5+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libshibsp5:i386\", ver:\"2.4.3+dfsg-5+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"shibboleth-sp2-schemas\", ver:\"2.4.3+dfsg-5+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-12T09:43:35", "description": "A denial of service vulnerability was found in the Shibboleth (an\nfederated identity framework) Service Provider. When processing\ncertain malformed SAML message generated by an authenticated attacker,\nthe daemon could crash.\n\nFor the Debian 6 'Squeeze' distribution, this problem has\nbeen fixed in version 2.3.1+dfsg-5+deb6u1.\n\nWe recommend that you upgrade your shibboleth-sp2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 15, "published": "2015-06-30T00:00:00", "title": "Debian DLA-259-1 : shibboleth-sp2 security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2684"], "modified": "2015-06-30T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:libshibsp-dev", "p-cpe:/a:debian:debian_linux:shibboleth-sp2-schemas", "p-cpe:/a:debian:debian_linux:libshibsp4", "p-cpe:/a:debian:debian_linux:libapache2-mod-shib2", "p-cpe:/a:debian:debian_linux:libshibsp-doc"], "id": "DEBIAN_DLA-259.NASL", "href": "https://www.tenable.com/plugins/nessus/84448", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-259-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84448);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-2684\");\n script_bugtraq_id(73314);\n\n script_name(english:\"Debian DLA-259-1 : shibboleth-sp2 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service vulnerability was found in the Shibboleth (an\nfederated identity framework) Service Provider. When processing\ncertain malformed SAML message generated by an authenticated attacker,\nthe daemon could crash.\n\nFor the Debian 6 'Squeeze' distribution, this problem has\nbeen fixed in version 2.3.1+dfsg-5+deb6u1.\n\nWe recommend that you upgrade your shibboleth-sp2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/06/msg00026.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/shibboleth-sp2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-shib2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libshibsp-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libshibsp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libshibsp4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:shibboleth-sp2-schemas\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-shib2\", reference:\"2.3.1+dfsg-5+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libshibsp-dev\", reference:\"2.3.1+dfsg-5+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libshibsp-doc\", reference:\"2.3.1+dfsg-5+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libshibsp4\", reference:\"2.3.1+dfsg-5+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"shibboleth-sp2-schemas\", reference:\"2.3.1+dfsg-5+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:49:10", "description": "Shibboleth consortium reports :\n\nShibboleth SP software crashes on well-formed but invalid XML.\n\nThe Service Provider software contains a code path with an uncaught\nexception that can be triggered by an unauthenticated attacker by\nsupplying well-formed but schema-invalid XML in the form of SAML\nmetadata or SAML protocol messages. The result is a crash and so\ncauses a denial of service.\n\nYou must rebuild opensaml and shibboleth with xmltooling-1.5.5 or\nlater. The easiest way to do so is to update the whole chain including\nshibboleth-2.5.5 an opensaml2.5.5.", "edition": 21, "published": "2015-07-27T00:00:00", "title": "FreeBSD : shibboleth-sp -- DoS vulnerability (b202e4ce-3114-11e5-aa32-0026551a22dc)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2684"], "modified": "2015-07-27T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:shibboleth-sp", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:opensaml2", "p-cpe:/a:freebsd:freebsd:xmltooling"], "id": "FREEBSD_PKG_B202E4CE311411E5AA320026551A22DC.NASL", "href": "https://www.tenable.com/plugins/nessus/84995", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84995);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-2684\");\n\n script_name(english:\"FreeBSD : shibboleth-sp -- DoS vulnerability (b202e4ce-3114-11e5-aa32-0026551a22dc)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Shibboleth consortium reports :\n\nShibboleth SP software crashes on well-formed but invalid XML.\n\nThe Service Provider software contains a code path with an uncaught\nexception that can be triggered by an unauthenticated attacker by\nsupplying well-formed but schema-invalid XML in the form of SAML\nmetadata or SAML protocol messages. The result is a crash and so\ncauses a denial of service.\n\nYou must rebuild opensaml and shibboleth with xmltooling-1.5.5 or\nlater. The easiest way to do so is to update the whole chain including\nshibboleth-2.5.5 an opensaml2.5.5.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://shibboleth.net/community/advisories/secadv_20150721.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/b202e4ce-3114-11e5-aa32-0026551a22dc.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c5174534\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:opensaml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:shibboleth-sp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:xmltooling\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"xmltooling<1.5.5\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"opensaml2<2.5.5\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"shibboleth-sp<2.5.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T09:49:03", "description": "A denial of service vulnerability was found in the Shibboleth (an\nfederated identity framework) Service Provider. When processing\ncertain malformed SAML message generated by an authenticated attacker,\nthe daemon could crash.", "edition": 15, "published": "2015-03-30T00:00:00", "title": "Debian DSA-3207-1 : shibboleth-sp2 - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-2684"], "modified": "2015-03-30T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:shibboleth-sp2", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3207.NASL", "href": "https://www.tenable.com/plugins/nessus/82304", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3207. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82304);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-2684\");\n script_bugtraq_id(73314);\n script_xref(name:\"DSA\", value:\"3207\");\n\n script_name(english:\"Debian DSA-3207-1 : shibboleth-sp2 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service vulnerability was found in the Shibboleth (an\nfederated identity framework) Service Provider. When processing\ncertain malformed SAML message generated by an authenticated attacker,\nthe daemon could crash.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/shibboleth-sp2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3207\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the shibboleth-sp2 packages.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 2.4.3+dfsg-5+deb7u1.\n\nFor the upcoming stable distribution (jessie), this problem has been\nfixed in version 2.5.3+dfsg-2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:shibboleth-sp2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-mod-shib2\", reference:\"2.4.3+dfsg-5+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libshibsp-dev\", reference:\"2.4.3+dfsg-5+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libshibsp-doc\", reference:\"2.4.3+dfsg-5+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libshibsp5\", reference:\"2.4.3+dfsg-5+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"shibboleth-sp2-schemas\", reference:\"2.4.3+dfsg-5+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:00", "bulletinFamily": "software", "cvelist": ["CVE-2015-2684"], "description": "Crash on parsing SAML message.", "edition": 1, "modified": "2015-04-19T00:00:00", "published": "2015-04-19T00:00:00", "id": "SECURITYVULNS:VULN:14415", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14415", "title": "Shibboleth Service Provider DoS", "type": "securityvulns", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:58", "bulletinFamily": "software", "cvelist": ["CVE-2015-2684"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-3207-1 security@debian.org\r\nhttp://www.debian.org/security/ Yves-Alexis Perez\r\nMarch 28, 2015 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : shibboleth-sp2\r\nCVE ID : CVE-2015-2684\r\n\r\nA denial of service vulnerability was found in the Shibboleth (an\r\nfederated identity framework) Service Provider. When processing certain\r\nmalformed SAML message generated by an authenticated attacker, the\r\ndaemon could crash.\r\n\r\nFor the stable distribution (wheezy), this problem has been fixed in\r\nversion 2.4.3+dfsg-5+deb7u1.\r\n\r\nFor the upcoming stable distribution (jessie), this problem has been\r\nfixed in version 2.5.3+dfsg-2.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 2.5.3+dfsg-2.\r\n\r\nWe recommend that you upgrade your shibboleth-sp2 packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: https://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2\r\n\r\niQEcBAEBCgAGBQJVFqmOAAoJEG3bU/KmdcClj2UH/iUoRWVjf7xGbRpyvgL8QdTR\r\nH0MxQHyNXiNRmPi/xtyCj3zLcoI14h8fm3Hggam1qfTY36yFnTi4DPnRIliYWb01\r\n+r3dJua3YN5mALoLgJfCupQ2skktHRGlTImhEfLaSfnvmss8byAvT5CAoJiCySXz\r\nILvO/xurlnFzIuWklBttBurvcBKe1HZth3Caa0rZ+kqWdf/QVKiS1vFL1V/Pivop\r\nhCt9i/qLQi5HCALYPF4y0ftpKKWErixYNmNG826pr6tWDVDtG82PuQlvtdPYpKmx\r\ns9z6dpQGZwpXErkkMBVsVzQ3JXKPCrWzY3orUANkcGKo0dJqG3rNP5eXAtLXMjw=\r\n=xA5Y\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2015-04-19T00:00:00", "published": "2015-04-19T00:00:00", "id": "SECURITYVULNS:DOC:31947", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31947", "title": "[SECURITY] [DSA 3207-1] shibboleth-sp2 security update", "type": "securityvulns", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-08-12T01:05:20", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2684"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3207-1 security@debian.org\nhttp://www.debian.org/security/ Yves-Alexis Perez\nMarch 28, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : shibboleth-sp2\nCVE ID : CVE-2015-2684\n\nA denial of service vulnerability was found in the Shibboleth (an\nfederated identity framework) Service Provider. When processing certain\nmalformed SAML message generated by an authenticated attacker, the\ndaemon could crash.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 2.4.3+dfsg-5+deb7u1.\n\nFor the upcoming stable distribution (jessie), this problem has been\nfixed in version 2.5.3+dfsg-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.5.3+dfsg-2.\n\nWe recommend that you upgrade your shibboleth-sp2 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 7, "modified": "2015-03-28T13:17:22", "published": "2015-03-28T13:17:22", "id": "DEBIAN:DSA-3207-1:75122", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00092.html", "title": "[SECURITY] [DSA 3207-1] shibboleth-sp2 security update", "type": "debian", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-30T02:22:26", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2684"], "description": "Matthew Vernon uploaded new packages for shibboleth-sp which fixed the\nfollowing security problems:\n\nCVE-2015-2684\n A denial of service vulnerability was found in the Shibboleth (a\n federated identity framework) Service Provider. When processing\n certain malformed SAML messages generated by an authenticated\n attacker, the daemon could crash.\n\nFor the wheezy-backports distribution the problems have been fixed in\nversion 2.5.3+dfsg-2~bpo70+1.\n", "edition": 2, "modified": "2015-04-29T10:27:12", "published": "2015-04-29T10:27:12", "id": "DEBIAN:BSA-103:52DD1", "href": "https://lists.debian.org/debian-backports-announce/2015/debian-backports-announce-201504/msg00002.html", "title": "[BSA-103] Security Update for shibboleth-sp", "type": "debian", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-11-11T13:17:09", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2684"], "description": "Package : shibboleth-sp2\nVersion : 2.3.1+dfsg-5+deb6u1\nCVE ID : CVE-2015-2684\n\nA denial of service vulnerability was found in the Shibboleth (an\nfederated identity framework) Service Provider. When processing certain\nmalformed SAML message generated by an authenticated attacker, the daemon\ncould crash.\n\nFor the Debian 6 \u201cSqueeze\u201d distribution, this problem has been fixed in\nversion 2.3.1+dfsg-5+deb6u1.\n\nWe recommend that you upgrade your shibboleth-sp2 packages.\n\n-- \nRapha\u00ebl Hertzog \u25c8 Debian Developer\n\nSupport Debian LTS: http://www.freexian.com/services/debian-lts.html\nLearn to master Debian: http://debian-handbook.info/get/\n", "edition": 11, "modified": "2015-06-29T22:11:46", "published": "2015-06-29T22:11:46", "id": "DEBIAN:DLA-259-1:F4CB5", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201506/msg00026.html", "title": "[SECURITY] [DLA 259-1] shibboleth-sp2 security update", "type": "debian", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}]}
