Executive Summary



This alert is flagged as Top 25 Common Weakness Enumeration from CWE/SANS.
Summary
Title: simplesamlphp security update
Information
Name: DSA-4127
First vendor publication: 2018-03-02
Vendor: Debian
Last vendor modification: 2018-03-02
Severity (Vendor): N/A
Revision: 1

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS score: NA
Base score: NA
Environmental score: NA
Impact subscore: NA
Temporal score: NA
Exploitability subscore: NA

Security-Database Scoring CVSS v2

CVSS vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS base score: 7.5
Attack range: Network
CVSS impact score: 6.4
Attack complexity: Low
CVSS exploit score: 10
Authentication: None Required

Detail

Several vulnerabilities have been discovered in SimpleSAMLphp, a framework for authentication, primarily via the SAML protocol.

CVE-2017-12867

Attackers with access to a secret token could extend its validity period by manipulating the prepended time offset.

CVE-2017-12869

When using the multiauth module, attackers can bypass authentication context restrictions and use any authentication source defined in the config.

CVE-2017-12873

Defensive measures have been taken to prevent the administrator from misconfiguring persistent NameIDs to avoid identifier clash. (Affects Debian 8 Jessie only.)

CVE-2017-12874

The InfoCard module could accept incorrectly signed XML messages on rare occasions.

CVE-2017-18121

The consentAdmin module was vulnerable to a Cross-Site Scripting attack, allowing an attacker to craft links that could execute arbitrary JavaScript code in the victim's browser.

CVE-2017-18122

The (deprecated) SAML 1.1 implementation would regard as valid any unsigned SAML response containing more than one signed assertion, provided that the signature of at least one of the assertions was valid, allowing an attacker that could obtain a valid signed assertion from an IdP to impersonate users from that IdP.
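
A minimal model of the CVE-2017-18122 validation flaw, added here as an illustration and not SimpleSAMLphp's code: the response itself is unsigned, HMAC stands in for the XML signature on each assertion, and the key, function names and sample responses are constructed assumptions. It contrasts the "at least one valid signature" rule with a rule that requires every assertion to verify.

```python
import hashlib
import hmac

IDP_KEY = b"constructed-demo-key"  # assumption: stand-in for the IdP signing key


def sign(subject: str) -> str:
    """Stand-in for an XML signature computed over one assertion."""
    return hmac.new(IDP_KEY, subject.encode(), hashlib.sha256).hexdigest()


def sig_ok(assertion: dict) -> bool:
    """Verify one assertion's signature in constant time."""
    sig = assertion.get("signature") or ""
    return hmac.compare_digest(sig, sign(assertion["subject"]))


def lenient_accept(response: dict) -> list:
    """Rule the advisory describes: one valid assertion vouches for all."""
    assertions = response["assertions"]
    if any(sig_ok(a) for a in assertions):
        return [a["subject"] for a in assertions]
    return []


def strict_accept(response: dict) -> list:
    """Hardened rule: every assertion must carry its own valid signature."""
    assertions = response["assertions"]
    if assertions and all(sig_ok(a) for a in assertions):
        return [a["subject"] for a in assertions]
    return []


# Constructed samples: unsigned responses carrying signed assertions.
MIXED = {"assertions": [
    {"subject": "alice", "signature": sign("alice")},  # genuine
    {"subject": "admin", "signature": "0" * 64},       # signature does not verify
]}
GENUINE = {"assertions": [
    {"subject": "alice", "signature": sign("alice")},
]}

if __name__ == "__main__":
    print("lenient, mixed:  ", lenient_accept(MIXED))
    print("strict, mixed:   ", strict_accept(MIXED))
    print("strict, genuine: ", strict_accept(GENUINE))
```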

CVE-2018-6519

Regular expression denial of service when parsing extraordinarily long timestamps.

CVE-2018-6521

Change sqlauth module MySQL charset from utf8 to utf8mb4 to prevent theoretical query truncation that could allow remote attackers to bypass intended access restrictions.

SSPSA-201802-01 (no CVE yet)

Critical signature validation vulnerability.

For the oldstable distribution (jessie), these problems have been fixed in version 1.13.1-2+deb8u1.

For the stable distribution (stretch), these problems have been fixed in version 1.14.11-1+deb9u1.

We recommend that you upgrade your simplesamlphp packages.

For the detailed security status of simplesamlphp please refer to its security tracker page at: https://security-tracker.debian.org/tracker/simplesamlphp

Original Source

Url : http://www.debian.org/security/2018/dsa-4127

CWE : Common Weakness Enumeration

% Id Name
29 % CWE-20 Improper Input Validation
14 % CWE-613 Insufficient Session Expiration
14 % CWE-384 Session Fixation
14 % CWE-347 Improper Verification of Cryptographic Signature
14 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
14 % CWE-74 Failure to Sanitize Data into a Different Plane ('Injection')

CPE : Common Platform Enumeration

Type Description Count
Application 1
Application 11
Application 51
Os 3

Nessus® Vulnerability Scanner

Date Description
2019-01-03 Name : The remote Fedora host is missing a security update.
File : fedora_2018-0ee228da17.nasl - Type : ACT_GATHER_INFO
2019-01-03 Name : The remote Fedora host is missing a security update.
File : fedora_2018-85cb15befd.nasl - Type : ACT_GATHER_INFO
2019-01-03 Name : The remote Fedora host is missing a security update.
File : fedora_2018-8cda2309d6.nasl - Type : ACT_GATHER_INFO
2018-03-27 Name : The remote Fedora host is missing a security update.
File : fedora_2018-37e28670f2.nasl - Type : ACT_GATHER_INFO
2018-03-27 Name : The remote Fedora host is missing a security update.
File : fedora_2018-6db40b0c37.nasl - Type : ACT_GATHER_INFO
2018-03-27 Name : The remote Fedora host is missing a security update.
File : fedora_2018-96601292a2.nasl - Type : ACT_GATHER_INFO
2018-03-27 Name : The remote Fedora host is missing a security update.
File : fedora_2018-d809bd2fd6.nasl - Type : ACT_GATHER_INFO
2018-03-27 Name : The remote Fedora host is missing a security update.
File : fedora_2018-f2097d8937.nasl - Type : ACT_GATHER_INFO
2018-03-27 Name : The remote Fedora host is missing a security update.
File : fedora_2018-f4ab4d96f9.nasl - Type : ACT_GATHER_INFO
2018-03-05 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4127.nasl - Type : ACT_GATHER_INFO
2018-02-09 Name : The remote Debian host is missing a security update.
File : debian_DLA-1273.nasl - Type : ACT_GATHER_INFO
2017-12-13 Name : The remote Debian host is missing a security update.
File : debian_DLA-1205.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2018-03-02 09:18:50
  • First insertion