
582 matches found

CVE
added 2017/09/01 1:0 p.m., 106 views

CVE-2017-12868

CVE-2017-12868 affects SimpleSAMLphp (secureCompare in lib/SimpleSAML/Utils/Crypto.php) and older PHP runtime. When used with PHP

9.8 CVSS, 9.6 AI score, 0.02133 EPSS
Exploits 0, References 4, Affected Software 1

Debian CVE
added 2017/09/01 1:0 p.m., 31 views

CVE-2017-12869

The multiauth module in SimpleSAMLphp 1.14.13 and earlier allows remote attackers to bypass authentication context restrictions and use an authentication source defined in config/authsources.php via vectors related to improper validation of user input...

7.5 CVSS, 7.7 AI score, 0.02346 EPSS
Exploits 0

Debian CVE
added 2017/09/01 1:0 p.m., 25 views

CVE-2017-12868

The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypass authentication by leveraging missing character conversions before an XOR operation...

9.8 CVSS, 9.9 AI score, 0.02133 EPSS
Exploits 0

Cvelist
added 2017/09/01 1:0 p.m., 43 views

CVE-2017-12870

SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and aesDecrypt methods in the SimpleSAML/Utils/Crypto class to protect session identifiers in replies to non-HTTPS service providers...

5.4 AI score, 0.00875 EPSS
Exploits 0, References 1

CNVD
added 2017/08/30 12:0 a.m., 4 views

SimpleSAMLphp Invalid Token Creation and Validation Vulnerability

SimpleSAMLphp is a set of PHP authentication applications that implement the SAML 2.0 service provider and identity provider functionality. A security vulnerability exists in SimpleSAMLphp 1.14.14 and earlier versions of SimpleSAMLAuthTimeLimitedToken. An attacker can exploit the vulnerability t...

5.9 CVSS, 6.1 AI score, 0.0125 EPSS
Exploits 0, References 1

Prion
added 2017/08/29 3:29 p.m., 13 views

Design/Logic Flaw

The SimpleSAMLAuthTimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset...

4.3 CVSS, 5.8 AI score, 0.0125 EPSS
Exploits 0, References 3, Affected Software 1

UbuntuCve
added 2017/08/29 3:29 p.m., 19 views

CVE-2017-12867

The SimpleSAMLAuthTimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset...

5.9 CVSS, 6.6 AI score, 0.0125 EPSS
Exploits 0, References 2

ATTACKERKB
added 2017/08/29 3:29 p.m., 2 views

CVE-2017-12867

The SimpleSAMLAuthTimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset...

5.9 CVSS, 5.5 AI score, 0.0125 EPSS
Exploits 0, References 4

NVD
added 2017/08/29 3:29 p.m., 14 views

CVE-2017-12867

The SimpleSAMLAuthTimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset...

5.9 CVSS, 5.9 AI score, 0.0125 EPSS
Exploits 0, References 3

OSV
added 2017/08/29 3:29 p.m., 0 views

UBUNTU-CVE-2017-12867

The SimpleSAMLAuthTimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset...

5.9 CVSS, 6.6 AI score, 0.0125 EPSS
Exploits 0, References 3

OSV
added 2017/08/29 3:29 p.m., 3 views

DEBIAN-CVE-2017-12867

The SimpleSAMLAuthTimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset...

5.9 CVSS, 9.3 AI score, 0.0125 EPSS
Exploits 0, References 1

OSV
added 2017/08/29 3:29 p.m., 14 views

CVE-2017-12867

The SimpleSAMLAuthTimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset...

5.9 CVSS, 6.5 AI score
Exploits 0, References 3

CVE
added 2017/08/29 3:0 p.m., 64 views

CVE-2017-12867

CVE-2017-12867 affects SimpleSAMLphp 1.14.14 and earlier where an attacker with access to a secret token can extend the token’s validity by manipulating the prepended time offset. The connected advisories confirm this vulnerability in multiple Debian releases and note that patches were released (...

5.9 CVSS, 6.2 AI score, 0.0125 EPSS
Exploits 0, References 3, Affected Software 1

Debian CVE
added 2017/08/29 3:0 p.m., 17 views

CVE-2017-12867

The SimpleSAMLAuthTimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset...

5.9 CVSS, 5.9 AI score, 0.0125 EPSS
Exploits 0

Cvelist
added 2017/08/29 3:0 p.m., 23 views

CVE-2017-12867

The SimpleSAMLAuthTimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset...

7.3 AI score, 0.0125 EPSS
Exploits 0, References 3

Friends Of PHP
added 2017/08/25 11:35 a.m., 21 views

Cross Site Scripting (XSS) in the consentAdmin module

More info at https://simplesamlphp.org/security/201709-01...

6.1 CVSS, 7.2 AI score, 0.01223 EPSS
Exploits 0, Affected Software 1

Veracode
added 2017/08/21 2:38 p.m., 19 views

Padding Oracle Attack

simplesamlphp is vulnerable to padding oracle attacks. The library does not authenticate the ciphertext, allowing a malicious user listening in on the network to conduct a padding oracle attack to recover the identifier and try impersonating the user...

5.9 CVSS, 5.6 AI score, 0.00875 EPSS
Exploits 0, References 1, Affected Software 1

Veracode
added 2017/08/21 2:33 p.m., 20 views

Authentication Bypass

simplesamlphp is vulnerable to authentication bypass. When the IdP is incorrectly configured it is possible for multiple users to be assigned a null value as a NameID, allowing a malicious user to authenticate themselves to another user's account...

9.8 CVSS, 9.3 AI score, 0.01656 EPSS
Exploits 0, References 4, Affected Software 1

Veracode
added 2017/08/21 2:22 p.m., 17 views

Timing Attack

simplesamlphp is vulnerable to timing attacks. The library does not compare cookies in constant time, allowing malicious users to guess the valid cookies based on the time that a comparison takes...

5.9 CVSS, 5.9 AI score, 0.01446 EPSS
Exploits 0, References 3, Affected Software 1

Veracode
added 2017/08/21 9:2 a.m., 15 views

Unauthorized Extension Of Token Validity

simplesamlphp is vulnerable to having a token's validity period extended by an unauthorized party. The vulnerability is possible because there is a flaw in the calculateTokenValue function in TimeLimitedToken.php. The flaw allows an attacker to extend the prepended offset as much as needed to hit...

5.9 CVSS, 6.4 AI score, 0.0125 EPSS
Exploits 0, References 5, Affected Software 1