RedHat Update for ipsilon RHSA-2016:2809-01. Vulnerability in SAML2 provider's session handling
Reporter | Title | Published | Views | Family All 24 |
---|---|---|---|---|
![]() | CVE-2016-8638 | 12 Jul 201713:00 | – | cvelist |
![]() | CVE-2016-8638 | 12 Jul 201713:29 | – | nvd |
![]() | CVE-2017-16855 | 16 Nov 201718:29 | – | nvd |
![]() | [SECURITY] Fedora 25 Update: ipsilon-2.0.2-2.fc25 | 28 Dec 201620:21 | – | fedora |
![]() | [SECURITY] Fedora 24 Update: ipsilon-2.0.2-2.fc24 | 28 Dec 201621:49 | – | fedora |
![]() | Fedora 25 : ipsilon (2016-2d8fb6d7ad) | 29 Dec 201600:00 | – | nessus |
![]() | Fedora 24 : ipsilon (2016-b465090499) | 29 Dec 201600:00 | – | nessus |
![]() | Oracle Linux 7 : ipsilon (ELSA-2016-2809) | 22 Nov 201600:00 | – | nessus |
![]() | CentOS 7 : ipsilon (CESA-2016:2809) | 28 Nov 201600:00 | – | nessus |
![]() | EulerOS 2.0 SP2 : ipsilon (EulerOS-SA-2018-1013) | 19 Jan 201800:00 | – | nessus |
# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
# Registration pass: when the scanner loads the script with `description` set,
# only the metadata below is recorded and the script exits before any check runs.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.871720");
script_version("2024-03-21T05:06:54+0000");
script_tag(name:"last_modification", value:"2024-03-21 05:06:54 +0000 (Thu, 21 Mar 2024)");
script_tag(name:"creation_date", value:"2016-11-22 05:36:49 +0100 (Tue, 22 Nov 2016)");
script_cve_id("CVE-2016-8638");
# Two scores are carried: a CVSS v2 base score with its vector, and a CVSS v3.0
# vector whose origin is recorded as NVD (severity_origin / severity_date).
script_tag(name:"cvss_base", value:"6.4");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2018-01-05 02:31:00 +0000 (Fri, 05 Jan 2018)");
# qod_type "package": the finding is derived from installed package versions,
# not from probing the Ipsilon service, so it says nothing about whether the
# SAML2 logout endpoint is actually reachable on the host.
script_tag(name:"qod_type", value:"package");
script_name("RedHat Update for ipsilon RHSA-2016:2809-01");
script_tag(name:"summary", value:"The remote host is missing an update for the 'ipsilon'
package(s) announced via the referenced advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"The ipsilon packages provide the Ipsilon
identity provider service for federated single sign-on (SSO). Ipsilon links
authentication providers and applications or utilities to allow for SSO. It includes
a server and utilities to configure Apache-based service providers.
Security Fix(es):
* A vulnerability was found in ipsilon in the SAML2 provider's handling of
sessions. An attacker able to hit the logout URL could determine what
service providers other users are logged in to and terminate their
sessions. (CVE-2016-8638)
This issue was discovered by Patrick Uiterwijk (Red Hat) and Howard
Johnson.");
script_tag(name:"affected", value:"ipsilon on Red Hat Enterprise Linux Server (v. 7)");
script_tag(name:"solution", value:"Please Install the Updated Packages.");
script_xref(name:"RHSA", value:"2016:2809-01");
script_xref(name:"URL", value:"https://www.redhat.com/archives/rhsa-announce/2016-November/msg00078.html");
script_tag(name:"solution_type", value:"VendorFix");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2016 Greenbone AG");
script_family("Red Hat Local Security Checks");
# The check depends on gather-package-list.nasl and on the ssh/login/* keys
# below, including a release value of RHENT_7.
# NOTE(review): presumably these keys are only populated after an authenticated
# SSH login, so an unauthenticated scan would skip this check without reporting
# the host as patched - confirm against gather-package-list.nasl.
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms", re:"ssh/login/release=RHENT_7");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
# Release identifier of the scanned host as returned by the RPM helper library;
# without one there is nothing to compare against.
release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "RHENT_7")
{
  # Package build the installed versions are compared against, in the
  # "~"-separated form that isrpmvuln() takes in its rpm: argument.
  fixed_build = "~1.0.0~13.el7_3";

  # Every ipsilon (sub)package covered by RHSA-2016:2809-01, in check order.
  pkg_names = make_list("ipsilon",
                        "ipsilon-authform",
                        "ipsilon-authgssapi",
                        "ipsilon-authldap",
                        "ipsilon-base",
                        "ipsilon-client",
                        "ipsilon-filesystem",
                        "ipsilon-infosssd",
                        "ipsilon-persona",
                        "ipsilon-saml2",
                        "ipsilon-saml2-base",
                        "ipsilon-tools-ipa");

  foreach pkg_name (pkg_names)
  {
    res = isrpmvuln(pkg:pkg_name, rpm:pkg_name + fixed_build, rls:"RHENT_7");
    if(res != NULL)
    {
      # Reporting stops at the first outdated package: the message names that
      # one package only, so other ipsilon subpackages on the host may be
      # outdated as well. Verify remediation against the full package list.
      security_message(data:res);
      exit(0);
    }
  }

  # No package was flagged. exit(99) is taken when __pkg_match is set.
  # NOTE(review): presumably pkg-lib-rpm.inc sets __pkg_match once a queried
  # package is found installed, making 99 the "installed and not vulnerable"
  # result as opposed to "package not present" - confirm in the include.
  if(__pkg_match)
    exit(99);
  exit(0);
}