31 matches found
Shibboleth XML Security Signature Key Parsing Denial of Service Vulnerability (Windows)
This host is installed with Shibboleth and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbshibbolethxmldosvulnwin.nasl 7015 2017-08-28 11:51:24Z teissa $ Shibboleth XML Security Signature Key Parsing Denial of Service Vulnerability Windows Authors: Sooraj KS...
Shibboleth XML Security Signature Key Parsing Denial of Service Vulnerability - Windows
Shibboleth is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2011-2516
Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service crash via a signature using a large RSA key, which triggers a buffer overflow...
DEBIAN-CVE-2011-2516
Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service crash via a signature using a large RSA key, which triggers a buffer overflow...
CVE-2011-2516
Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service crash via a signature using a large RSA key, which triggers a buffer overflow...
Buffer overflow
Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service crash via a signature using a large RSA key, which triggers a buffer overflow...
CVE-2011-2516
Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service crash via a signature using a large RSA key, which triggers a buffer overflow...
CVE-2011-2516
CVE-2011-2516 affects xml-security-c (XML Digital Signature for C++). The off-by-one/buffer overflow vulnerability occurs in the XML signature verification/signing path when using very large RSA keys (notably 8192+ bits), potentially crashing applications or, per Debian advisory, allowing arbitra...
CVE-2011-2516
Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service crash via a signature using a large RSA key, which triggers a buffer overflow...
PT-2011-3910 · Apache +1 · Apache Xml Security For C++ +1
Name of the Vulnerable Software and Affected Versions: Apache XML Security for C++ version 1.6.0 Shibboleth versions prior to 2.4.3 Description: The issue is caused by an off-by-one error in the XML signature feature, which can be exploited by remote attackers to cause a denial of service crash v...
Security Advisory: CVE-2011-2516
Please be advised that a security issue affecting the Apache XML Security Library for C++ has been identified and an updated version released to address the issue. The full text of the advisory is below, and a signed version can be found at: http://santuario.apache.org/secadv/CVE-2011-2516.txt --...