6 matches found
Debian Security Advisory DSA 1947-1 (shibboleth-sp, shibboleth-sp2, opensaml2)
The remote host is missing an update to shibboleth-sp, shibboleth-sp2, opensaml2 announced via advisory DSA 1947-1. OpenVAS Vulnerability Test $Id: deb19471.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1947-1 shibboleth-sp, shibboleth-sp2, opensaml2...
[Backports-security-announce] Security Update for Shibboleth packages
Russ Allbery uploaded new packages for xmltooling, opensaml2, shibboleth-sp2, and shibboleth-sp which fixed the following security problems: CVE-2009-3300 The Shibboleth software includes code to perform arbitrary redirections and generates forms containing arbitrary destinations in certain cases...
[Backports-security-announce] Security Update for Shibboleth packages
Russ Allbery uploaded new packages for xmltooling, opensaml2, shibboleth-sp2, and shibboleth-sp which fixed the following security problems: CVE-2009-3300 The Shibboleth software includes code to perform arbitrary redirections and generates forms containing arbitrary destinations in certain cases...
CVE-2009-3300
Multiple cross-site scripting XSS vulnerabilities in the Identity Provider IdP 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via...
CVE-2009-3300
Multiple cross-site scripting XSS vulnerabilities in the Identity Provider IdP 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via...
CVE-2009-3300
Multiple cross-site scripting XSS vulnerabilities in the Identity Provider IdP 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via...