6 matches found
EUVD-2017-8026
Malware in sbrugna...
openSUSE Security Update : shibboleth-sp (openSUSE-2017-1348)
This update for shibboleth-sp fixes the following issues : Security issue fixed : - CVE-2017-16852: Fix critical security checks in the Dynamic MetadataProvider plugin in Shibboleth Service bsc1068689. This update was imported from the SUSE:SLE-12-SP1:Update update project. %NASLMINLEVEL 70300 C...
SUSE-SU-2017:3215-1 Security update for shibboleth-sp
This update for shibboleth-sp fixes the following issues: Security issue fixed: - CVE-2017-16852: Fix critical security checks in the Dynamic MetadataProvider plugin in Shibboleth Service bsc1068689...
Shibboleth Service Provider Dynamic MetadataProvider Plugin Security Bypass Vulnerability
Shibboleth is the British Shibboleth company's set of open source based on the SAML protocol of the Web single sign-on system . Shibboleth Service Provider SP is one of the service provider components. Dynamic MetadataProvider plugin is one of the Dynamic DataProvider plugin. A security...
Security feature bypass
shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth Service Provider before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity...
shibboleth2-sp -- "Dynamic" metadata provider plugin issue
The Internet2 community reports: The Shibboleth Service Provider software includes a MetadataProvider plugin with the plugin type "Dynamic" to obtain metadata on demand from a query server, in place of the more typical mode of downloading aggregates separately containing all of the metadata to...