EUVD-2011-2318

Malware in sbrugna...

Design/Logic Flaw

The ramparttimestamptokenvalidate function in util/ramparttimestamptoken.c in Apache Rampart/C 1.3.0 does not properly calculate the expiration of timestamp tokens, which allows remote attackers to bypass intended access restrictions by leveraging an expired token, a different vulnerability than...

CVE-2011-0730

Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2, as used in Ubuntu Enterprise Cloud UEC and other products, do not properly interpret signed elements in SOAP requests, which allows man-in-the-middle attackers to execute arbitrary commands by modifying a request, related to an "XML Signatur...

CVE-2011-0730

CVE-2011-0730 affects Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2. The issue arises from improper interpretation of signed elements in SOAP requests, enabling man-in-the-middle attackers to modify a request and execute arbitrary commands. This is tied to XML Signature Element Wrapping ...

[USN-1137-1] Eucalyptus vulnerability

========================================================================== Ubuntu Security Notice USN-1137-1 May 26, 2011 eucalyptus, rampart vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...