12 matches found
EUVD-2009-3457
Malware in sbrugna...
Debian DSA-1896-1 : opensaml, shibboleth-sp - several vulnerabilities
Several vulnerabilities have been discovered in the opensaml and shibboleth-sp packages, as used by Shibboleth 1.x : - Chris Ries discovered that decoding a crafted URL leads to a crash and potentially, arbitrary code execution. - Ian Young discovered that embedded NUL characters in certificate...
Debian DSA-1895-1 : xmltooling - several vulnerabilities
Several vulnerabilities have been discovered in the xmltooling packages, as used by Shibboleth : - Chris Ries discovered that decoding a crafted URL leads to a crash and potentially, arbitrary code execution. - Ian Young discovered that embedded NUL characters in certificate names were not...
Shibboleth Service Provider NULL Character Spoofing Vulnerability (Windows)
The host has Shibboleth Service Provider installed and is prone to NULL Character Spoofing vulnerability. OpenVAS Vulnerability Test $Id: gbshibbolethspnullcharspoofingvulnwin.nasl 4869 2016-12-29 11:01:45Z teissa $ Shibboleth Service Provider NULL Character Spoofing Vulnerability Windows Authors...
CVE-2009-3475
Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1, when using PKIX trust validation, does not properly handle a '\0' character in the subject or subjectAltName fields of a certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL...
CVE-2009-3475
Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1, when using PKIX trust validation, does not properly handle a '\0' character in the subject or subjectAltName fields of a certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL...
[Backports-security-announce] Security update for opemsaml and shibboleth-sp
Russ Allbery uploaded new packages for opensaml and shibboleth-sp which fixed the following security problems: DSA-1896-1 Several vulnerabilities have been discovered in the opensaml and shibboleth-sp packages, as used by Shibboleth 1.x: Chris Ries discovered that decoding a crafted URL leads to ...
[SECURITY] [DSA 1896-1] New Shibboleth 1.x packages fix potential code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1896-1 [email protected] http://www.debian.org/security/ Florian Weimer September 28, 2009 http://www.debian.org/security/faq -...
DSA-1896-1 opensaml shibboleth-sp - potential code execution
Bulletin has no description...
Debian Security Advisory DSA 1895-1 (xmltooling)
The remote host is missing an update to xmltooling announced via advisory DSA 1895-1. OpenVAS Vulnerability Test $Id: deb18951.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1895-1 xmltooling Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
[SECURITY] [DSA 1895-1] New xmltooling packages fix potential code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1895-1 [email protected] http://www.debian.org/security/ Florian Weimer September 24, 2009 http://www.debian.org/security/faq -...
DSA-1895-1 xmltooling - potential code execution
Bulletin has no description...