3786 matches found
CVE-2008-7299
IBM Tivoli Federated Identity Manager TFIM 6.2.0 before 6.2.0.2 uses an incomplete SAML 1.x browser-artifact, which allows remote OpenID providers to spoof assertions via vectors related to the Issuer field...
Fedora 13 : php-pear-CAS-1.1.2-1.fc13 (2010-12258)
Security fixes Fix a session hijacking hole CVE-2010-2795 PHPCAS-61 callbackurl in proxy mode should be urlencoded, possible XSS CVE-2010-2796 PHPCAS-67 Bug fixes Fix warnings for SAML responses without attributes PHPCAS-59 Fix duplicate SAML debug output PHPCAS-64 Providing a new ST/PT/SA during...
Fedora 12 : php-pear-CAS-1.1.2-1.fc12 (2010-12247)
Security fixes Fix a session hijacking hole CVE-2010-2795 PHPCAS-61 callbackurl in proxy mode should be urlencoded, possible XSS CVE-2010-2796 PHPCAS-67 Bug fixes Fix warnings for SAML responses without attributes PHPCAS-59 Fix duplicate SAML debug output PHPCAS-64 Providing a new ST/PT/SA during...
Debian DSA-1896-1 : opensaml, shibboleth-sp - several vulnerabilities
Several vulnerabilities have been discovered in the opensaml and shibboleth-sp packages, as used by Shibboleth 1.x : - Chris Ries discovered that decoding a crafted URL leads to a crash and potentially, arbitrary code execution. - Ian Young discovered that embedded NUL characters in certificate...
Debian DSA-1895-1 : xmltooling - several vulnerabilities
Several vulnerabilities have been discovered in the xmltooling packages, as used by Shibboleth : - Chris Ries discovered that decoding a crafted URL leads to a crash and potentially, arbitrary code execution. - Ian Young discovered that embedded NUL characters in certificate names were not...
Debian: Security Advisory (DSA-1895-2)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 1895-2] New opensaml2 and shibboleth-sp2 packages fix regression
------------------------------------------------------------------------ Debian Security Advisory DSA-1895-2 [email protected] http://www.debian.org/security/ Florian Weimer October 09, 2009 http://www.debian.org/security/faq -...
DSA-1895-2 opensaml2, shibboleth-sp2 - interpretation conflict
Bulletin has no description...
Debian Security Advisory DSA 1896-1 (opensaml, shibboleth-sp)
The remote host is missing an update to opensaml, shibboleth-sp announced via advisory DSA 1896-1. OpenVAS Vulnerability Test $Id: deb18961.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1896-1 opensaml, shibboleth-sp Authors: Thomas Reinke Copyright:...
[SECURITY] [DSA 1896-1] New Shibboleth 1.x packages fix potential code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1896-1 [email protected] http://www.debian.org/security/ Florian Weimer September 28, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1896-1] New Shibboleth 1.x packages fix potential code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1896-1 [email protected] http://www.debian.org/security/ Florian Weimer September 28, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1895-1] New xmltooling packages fix potential code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1895-1 [email protected] http://www.debian.org/security/ Florian Weimer September 24, 2009 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 1895-1 (xmltooling)
The remote host is missing an update to xmltooling announced via advisory DSA 1895-1. OpenVAS Vulnerability Test $Id: deb18951.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1895-1 xmltooling Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
DSA-1896-1 opensaml shibboleth-sp - potential code execution
Bulletin has no description...
[SECURITY] [DSA 1895-1] New xmltooling packages fix potential code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1895-1 [email protected] http://www.debian.org/security/ Florian Weimer September 24, 2009 http://www.debian.org/security/faq -...
DSA-1895-1 xmltooling - potential code execution
Bulletin has no description...
Debian Security Advisory DSA 1700-1 (lasso)
The remote host is missing an update to lasso announced via advisory DSA 1700-1. OpenVAS Vulnerability Test $Id: deb17001.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1700-1 lasso Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Authentication flaw
The SAML Single Sign-On SSO Service for Google Apps allows remote service providers to impersonate users at arbitrary service providers via vectors related to authentication responses that lack a request identifier and recipient field...
CVE-2008-3891
The SAML Single Sign-On SSO Service for Google Apps allows remote service providers to impersonate users at arbitrary service providers via vectors related to authentication responses that lack a request identifier and recipient field...
CVE-2008-3891
The SAML Single Sign-On SSO Service for Google Apps allows remote service providers to impersonate users at arbitrary service providers via vectors related to authentication responses that lack a request identifier and recipient field...