Ubuntu Update for python-pysaml2 USN-4245-1

2020-01-22T00:00:00

Description

The remote host is missing an update for the

{"id": "OPENVAS:1361412562310844302", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for python-pysaml2 USN-4245-1", "description": "The remote host is missing an update for the ", "published": "2020-01-22T00:00:00", "modified": "2020-01-28T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844302", "reporter": "Copyright (C) 2020 Greenbone Networks GmbH", "references": ["4245-1", "https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-January/005281.html"], "cvelist": ["CVE-2020-5390"], "lastseen": "2020-01-28T14:51:14", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2020-5390"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2119-1:6E5D8", "DEBIAN:DLA-2119-1:A7A58", "DEBIAN:DSA-4630-1:E8C48"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-5390"]}, {"type": "github", "idList": ["GHSA-QF7V-8HJ3-4XW7"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2119.NASL", "DEBIAN_DSA-4630.NASL", "UBUNTU_USN-4245-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704630", "OPENVAS:1361412562310892119"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-5390"]}, {"type": "ubuntu", "idList": ["USN-4245-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-5390"]}], "rev": 4}, "score": {"value": 6.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2020-5390"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2119-1:A7A58", "DEBIAN:DSA-4630-1:E8C48"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-5390"]}, {"type": "github", "idList": ["GHSA-QF7V-8HJ3-4XW7"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2119.NASL", "DEBIAN_DSA-4630.NASL", "UBUNTU_USN-4245-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704630", "OPENVAS:1361412562310892119"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-5390"]}, {"type": "ubuntu", "idList": ["USN-4245-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-5390"]}]}, "exploitation": null, "vulnersScore": 6.3}, "pluginID": "1361412562310844302", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844302\");\n script_version(\"2020-01-28T08:10:01+0000\");\n script_cve_id(\"CVE-2020-5390\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 08:10:01 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-22 04:00:37 +0000 (Wed, 22 Jan 2020)\");\n script_name(\"Ubuntu Update for python-pysaml2 USN-4245-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU19\\.10|UBUNTU19\\.04|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4245-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-January/005281.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-pysaml2'\n package(s) announced via the USN-4245-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that PySAML2 incorrectly handled certain SAML files.\nAn attacker could possibly use this issue to bypass signature verification\nwith arbitrary data.\");\n\n script_tag(name:\"affected\", value:\"'python-pysaml2' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python-pysaml2\", ver:\"4.0.2-0ubuntu3.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3-pysaml2\", ver:\"4.0.2-0ubuntu3.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python-pysaml2\", ver:\"4.5.0+dfsg1-0ubuntu2.19.10.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3-pysaml2\", ver:\"4.5.0+dfsg1-0ubuntu2.19.10.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.04\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python-pysaml2\", ver:\"4.5.0+dfsg1-0ubuntu2.19.04.1\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3-pysaml2\", ver:\"4.5.0+dfsg1-0ubuntu2.19.04.1\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python-pysaml2\", ver:\"3.0.0-3ubuntu1.16.04.4\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3-pysaml2\", ver:\"3.0.0-3ubuntu1.16.04.4\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "naslFamily": "Ubuntu Local Security Checks", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645633663}}

{"debian": [{"lastseen": "2021-10-22T11:25:19", "description": "Package : python-pysaml2\nVersion : 2.0.0-1+deb8u3\nCVE ID : CVE-2020-5390\nDebian Bug : 949322\n\nIt was discovered that pysaml2, a Python implementation of SAML to be\nused in a WSGI environment, was susceptible to XML signature wrapping\nattacks, which could result in a bypass of signature verification.\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n2.0.0-1+deb8u3.\n\nWe recommend that you upgrade your python-pysaml2 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-02-26T11:17:15", "type": "debian", "title": "[SECURITY] [DLA 2119-1] python-pysaml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5390"], "modified": "2020-02-26T11:17:15", "id": "DEBIAN:DLA-2119-1:6E5D8", "href": "https://lists.debian.org/debian-lts-announce/2020/02/msg00025.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-02-16T11:33:06", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4630-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 21, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : python-pysaml2\nCVE ID : CVE-2020-5390\n\nIt was discovered that pysaml2, a Python implementation of SAML to be\nused in a WSGI environment, was susceptible to XML signature wrapping\nattacks, which could result in a bypass of signature verification.\n\nFor the oldstable distribution (stretch), this problem has been fixed\nin version 3.0.0-5+deb9u1.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 5.4.1-2+deb10u1.\n\nWe recommend that you upgrade your python-pysaml2 packages.\n\nFor the detailed security status of python-pysaml2 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/python-pysaml2\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-02-21T20:21:24", "type": "debian", "title": "[SECURITY] [DSA 4630-1] python-pysaml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5390"], "modified": "2020-02-21T20:21:24", "id": "DEBIAN:DSA-4630-1:E8C48", "href": "https://lists.debian.org/debian-security-announce/2020/msg00033.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-12-11T04:10:44", "description": "Package : python-pysaml2\nVersion : 2.0.0-1+deb8u3\nCVE ID : CVE-2020-5390\nDebian Bug : 949322\n\nIt was discovered that pysaml2, a Python implementation of SAML to be\nused in a WSGI environment, was susceptible to XML signature wrapping\nattacks, which could result in a bypass of signature verification.\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n2.0.0-1+deb8u3.\n\nWe recommend that you upgrade your python-pysaml2 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-02-26T11:17:15", "type": "debian", "title": "[SECURITY] [DLA 2119-1] python-pysaml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5390"], "modified": "2020-02-26T11:17:15", "id": "DEBIAN:DLA-2119-1:A7A58", "href": "https://lists.debian.org/debian-lts-announce/2020/02/msg00025.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2020-02-28T16:54:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-27T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for python-pysaml2 (DLA-2119-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-5390"], "modified": "2020-02-27T00:00:00", "id": "OPENVAS:1361412562310892119", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892119", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892119\");\n script_version(\"2020-02-27T04:00:10+0000\");\n script_cve_id(\"CVE-2020-5390\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-02-27 04:00:10 +0000 (Thu, 27 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-27 04:00:10 +0000 (Thu, 27 Feb 2020)\");\n script_name(\"Debian LTS: Security Advisory for python-pysaml2 (DLA-2119-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/02/msg00025.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2119-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/949322\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-pysaml2'\n package(s) announced via the DLA-2119-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that pysaml2, a Python implementation of SAML to be\nused in a WSGI environment, was susceptible to XML signature wrapping\nattacks, which could result in a bypass of signature verification.\");\n\n script_tag(name:\"affected\", value:\"'python-pysaml2' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', this problem has been fixed in version\n2.0.0-1+deb8u3.\n\nWe recommend that you upgrade your python-pysaml2 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"python-pysaml2\", ver:\"2.0.0-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-pysaml2-doc\", ver:\"2.0.0-1+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-02-25T16:53:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-23T00:00:00", "type": "openvas", "title": "Debian: Security Advisory for python-pysaml2 (DSA-4630-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-5390"], "modified": "2020-02-23T00:00:00", "id": "OPENVAS:1361412562310704630", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704630", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704630\");\n script_version(\"2020-02-23T04:00:14+0000\");\n script_cve_id(\"CVE-2020-5390\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-02-23 04:00:14 +0000 (Sun, 23 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-23 04:00:14 +0000 (Sun, 23 Feb 2020)\");\n script_name(\"Debian: Security Advisory for python-pysaml2 (DSA-4630-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(10|9)\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2020/dsa-4630.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4630-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-pysaml2'\n package(s) announced via the DSA-4630-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that pysaml2, a Python implementation of SAML to be\nused in a WSGI environment, was susceptible to XML signature wrapping\nattacks, which could result in a bypass of signature verification.\");\n\n script_tag(name:\"affected\", value:\"'python-pysaml2' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), this problem has been fixed\nin version 3.0.0-5+deb9u1.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 4.5.0-4+deb10u1.\n\nWe recommend that you upgrade your python-pysaml2 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\n# nb: The initial advisory is referencing a wrong version for the three Buster packages.\n# Take care of this when overwriting this LSC...\nif(!isnull(res = isdpkgvuln(pkg:\"python-pysaml2\", ver:\"4.5.0-4+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-pysaml2-doc\", ver:\"4.5.0-4+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3-pysaml2\", ver:\"4.5.0-4+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-pysaml2\", ver:\"3.0.0-5+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-pysaml2-doc\", ver:\"3.0.0-5+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3-pysaml2\", ver:\"3.0.0-5+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:27:42", "description": "PySAML2 before 5.0.0 does not check that the signature in a SAML document\nis enveloped and thus signature wrapping is effective, i.e., it is affected\nby XML Signature Wrapping (XSW). The signature information and the\nnode/object that is signed can be in different places and thus the\nsignature verification will succeed, but the wrong data will be used. This\nspecifically affects the verification of assertion that have been signed.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-01-13T00:00:00", "type": "ubuntucve", "title": "CVE-2020-5390", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5390"], "modified": "2020-01-13T00:00:00", "id": "UB:CVE-2020-5390", "href": "https://ubuntu.com/security/CVE-2020-5390", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "ubuntu": [{"lastseen": "2022-01-04T11:30:55", "description": "It was discovered that PySAML2 incorrectly handled certain SAML files. \nAn attacker could possibly use this issue to bypass signature verification \nwith arbitrary data.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-01-21T00:00:00", "type": "ubuntu", "title": "PySAML2 vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5390"], "modified": "2020-01-21T00:00:00", "id": "USN-4245-1", "href": "https://ubuntu.com/security/notices/USN-4245-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "debiancve": [{"lastseen": "2021-12-14T17:52:08", "description": "PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus the signature verification will succeed, but the wrong data will be used. This specifically affects the verification of assertion that have been signed.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-01-13T19:15:00", "type": "debiancve", "title": "CVE-2020-5390", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5390"], "modified": "2020-01-13T19:15:00", "id": "DEBIANCVE:CVE-2020-5390", "href": "https://security-tracker.debian.org/tracker/CVE-2020-5390", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "redhatcve": [{"lastseen": "2022-06-08T08:09:42", "description": "A verification flaw was found in python-pysaml2, where it did not check that the signature in a SAML document was enveloped, which enabled XML signature wrapping (XSW) attacks. A remote attacker could exploit this flaw to convince SAML processing to verify the signature and accept malicious data. This issue specifically affects the verification of signed SAML assertions.\n#### Mitigation\n\nThere is no known mitigation for this issue, the flaw can only be resolved by applying updates. \n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-24T14:09:10", "type": "redhatcve", "title": "CVE-2020-5390", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5390"], "modified": "2022-06-08T07:00:37", "id": "RH:CVE-2020-5390", "href": "https://access.redhat.com/security/cve/cve-2020-5390", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2021-08-19T12:16:31", "description": "It was discovered that pysaml2, a Python implementation of SAML to be used in a WSGI environment, was susceptible to XML signature wrapping attacks, which could result in a bypass of signature verification.\n\nFor Debian 8 'Jessie', this problem has been fixed in version 2.0.0-1+deb8u3.\n\nWe recommend that you upgrade your python-pysaml2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2020-02-27T00:00:00", "type": "nessus", "title": "Debian DLA-2119-1 : python-pysaml2 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-5390"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:python-pysaml2", "p-cpe:/a:debian:debian_linux:python-pysaml2-doc", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-2119.NASL", "href": "https://www.tenable.com/plugins/nessus/134092", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2119-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134092);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2020-5390\");\n\n script_name(english:\"Debian DLA-2119-1 : python-pysaml2 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that pysaml2, a Python implementation of SAML to be\nused in a WSGI environment, was susceptible to XML signature wrapping\nattacks, which could result in a bypass of signature verification.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n2.0.0-1+deb8u3.\n\nWe recommend that you upgrade your python-pysaml2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/02/msg00025.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/python-pysaml2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected python-pysaml2, and python-pysaml2-doc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-pysaml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-pysaml2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"python-pysaml2\", reference:\"2.0.0-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-pysaml2-doc\", reference:\"2.0.0-1+deb8u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:17:19", "description": "It was discovered that PySAML2 incorrectly handled certain SAML files.\nAn attacker could possibly use this issue to bypass signature verification with arbitrary data.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2020-01-22T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : PySAML2 vulnerability (USN-4245-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-5390"], "modified": "2020-09-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python-pysaml2", "p-cpe:/a:canonical:ubuntu_linux:python3-pysaml2", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04", "cpe:/o:canonical:ubuntu_linux:19.10"], "id": "UBUNTU_USN-4245-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133179", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4245-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133179);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2020-5390\");\n script_xref(name:\"USN\", value:\"4245-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : PySAML2 vulnerability (USN-4245-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that PySAML2 incorrectly handled certain SAML files.\nAn attacker could possibly use this issue to bypass signature\nverification with arbitrary data.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4245-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected python-pysaml2 and / or python3-pysaml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-5390\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-pysaml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-pysaml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|19\\.04|19\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 19.04 / 19.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"python-pysaml2\", pkgver:\"3.0.0-3ubuntu1.16.04.4\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"python3-pysaml2\", pkgver:\"3.0.0-3ubuntu1.16.04.4\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"python-pysaml2\", pkgver:\"4.0.2-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"python3-pysaml2\", pkgver:\"4.0.2-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"python-pysaml2\", pkgver:\"4.5.0+dfsg1-0ubuntu2.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"python3-pysaml2\", pkgver:\"4.5.0+dfsg1-0ubuntu2.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"python-pysaml2\", pkgver:\"4.5.0+dfsg1-0ubuntu2.19.10.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"python3-pysaml2\", pkgver:\"4.5.0+dfsg1-0ubuntu2.19.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pysaml2 / python3-pysaml2\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:16:45", "description": "It was discovered that pysaml2, a Python implementation of SAML to be used in a WSGI environment, was susceptible to XML signature wrapping attacks, which could result in a bypass of signature verification.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2020-02-24T00:00:00", "type": "nessus", "title": "Debian DSA-4630-1 : python-pysaml2 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-5390"], "modified": "2020-02-26T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:python-pysaml2", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4630.NASL", "href": "https://www.tenable.com/plugins/nessus/133878", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4630. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133878);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/26\");\n\n script_cve_id(\"CVE-2020-5390\");\n script_xref(name:\"DSA\", value:\"4630\");\n\n script_name(english:\"Debian DSA-4630-1 : python-pysaml2 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that pysaml2, a Python implementation of SAML to be\nused in a WSGI environment, was susceptible to XML signature wrapping\nattacks, which could result in a bypass of signature verification.\"\n );\n # https://security-tracker.debian.org/tracker/source-package/python-pysaml2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?757b3296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/python-pysaml2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/python-pysaml2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4630\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the python-pysaml2 packages.\n\nFor the oldstable distribution (stretch), this problem has been fixed\nin version 3.0.0-5+deb9u1.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 5.4.1-2+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-pysaml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"python-pysaml2\", reference:\"5.4.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"python-pysaml2-doc\", reference:\"5.4.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"python3-pysaml2\", reference:\"5.4.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python-pysaml2\", reference:\"3.0.0-5+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python-pysaml2-doc\", reference:\"3.0.0-5+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python3-pysaml2\", reference:\"3.0.0-5+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "osv": [{"lastseen": "2022-05-12T01:32:37", "description": "PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus the signature verification will succeed, but the wrong data will be used. This specifically affects the verification of assertion that have been signed.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-13T19:15:00", "type": "osv", "title": "PYSEC-2020-94", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5390"], "modified": "2020-01-27T18:15:00", "id": "OSV:PYSEC-2020-94", "href": "https://osv.dev/vulnerability/PYSEC-2020-94", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-06-10T05:03:16", "description": "PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus the signature verification will succeed, but the wrong data will be used. This specifically affects the verification of assertion that have been signed.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-06T19:41:29", "type": "osv", "title": "Improper Verification of Cryptographic Signature in PySAML2", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5390"], "modified": "2022-06-10T02:12:12", "id": "OSV:GHSA-QF7V-8HJ3-4XW7", "href": "https://osv.dev/vulnerability/GHSA-qf7v-8hj3-4xw7", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2022-03-23T18:39:06", "description": "PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus the signature verification will succeed, but the wrong data will be used. This specifically affects the verification of assertion that have been signed.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-13T19:15:00", "type": "cve", "title": "CVE-2020-5390", "cwe": ["CWE-347"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5390"], "modified": "2020-01-27T18:15:00", "cpe": [], "id": "CVE-2020-5390", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-5390", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": []}], "github": [{"lastseen": "2021-12-22T11:54:31", "description": "PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus the signature verification will succeed, but the wrong data will be used. This specifically affects the verification of assertion that have been signed.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-06T19:41:29", "type": "github", "title": "Improper Verification of Cryptographic Signature in PySAML2", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5390"], "modified": "2021-08-25T21:05:17", "id": "GHSA-QF7V-8HJ3-4XW7", "href": "https://github.com/advisories/GHSA-qf7v-8hj3-4xw7", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}]}

Ubuntu Update for python-pysaml2 USN-4245-1

Description

Related