7 matches found
Debian DSA-4127-1 : simplesamlphp - security update
Several vulnerabilities have been discovered in SimpleSAMLphp, a framework for authentication, primarily via the SAML protocol. - CVE-2017-12867 Attackers with access to a secret token could extend its validity period by manipulating the prepended time offset. - CVE-2017-12869 When using the...
[SECURITY] [DSA 4127-1] simplesamlphp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4127-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst March 02, 2018 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4127-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1273-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1273-1] simplesamlphp security update
Package : simplesamlphp Version : 1.9.2-1+deb7u2 CVE ID : CVE-2017-18121 CVE-2017-18122 CVE-2018-6521 Debian Bug : 889286 simplesamlphp, an authentication and federation application has been found vulnerable to Cross Site Scripting XSS, signature validation byepass and using insecure connection...
Debian DLA-1273-1 : simplesamlphp security update
simplesamlphp, an authentication and federation application has been found vulnerable to Cross Site Scripting XSS, signature validation byepass and using insecure connection charset. CVE-2017-18121 A Cross Site Scripting XSS issue has been found in the consentAdmin module of SimpleSAMLphp through...
CVE-2018-6521
CVE-2018-6521 affects SimpleSAMLphp SQLaUTH: before 1.15.2, the MySQL utf8 charset truncates queries at four-byte characters, potentially allowing remote attackers to bypass access restrictions. Affected: SimpleSAMLphp SQLaUTH module. Root cause: reliance on utf8 charset causing truncation. Impac...