oval:org.mitre.oval:def:7158

Definition Id: oval:org.mitre.oval:def:7158
 
Oval ID: oval:org.mitre.oval:def:7158
Title: XML Signature HMAC Truncation Authentication Bypass Vulnerability
Description: The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.
Family: windows Class: vulnerability
Reference(s): CVE-2009-0217
Version: 11
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft .NET Framework
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6438
 
Oval ID: oval:org.mitre.oval:def:6438
Title: Microsoft Windows Server 2008 R2 x64 Edition is installed
Description: The operating system installed on the system is Microsoft Windows Server 2008 R2 x64 Edition
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_server_2008:r2::x64
Version: 9
Platform(s): Microsoft Windows Server 2008 R2
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:15247
 
Oval ID: oval:org.mitre.oval:def:15247
Title: Microsoft Windows XP x64 is installed
Description: A version of Microsoft Windows XP x64 is installed.
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_xp::x64
Version: 5
Platform(s): Microsoft Windows XP
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:1834
 
Oval ID: oval:org.mitre.oval:def:1834
Title: Microsoft .NET Framework 1.1 Service Pack 1 is Installed
Description: Microsoft .NET Framework 1.1 Service Pack 1 is Installed
Family: windows Class: inventory
Reference(s): cpe:/a:microsoft:.net_framework:1.1:sp1
Version: 8
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Microsoft .NET Framework 1.1
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:12542
 
Oval ID: oval:org.mitre.oval:def:12542
Title: Microsoft .NET Framework 3.5 SP1 is installed
Description: Microsoft .NET Framework 3.5 SP1 is installed
Family: windows Class: inventory
Reference(s): cpe:/a:microsoft:.net_framework:3.5:sp1
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft .NET Framework 3.5
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:396
 
Oval ID: oval:org.mitre.oval:def:396
Title: Microsoft Windows Server 2003 (ia64) Gold is installed
Description: A version of Microsoft Windows Server 2003 (ia64) Gold is installed.
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_server_2003::-:itanium
Version: 11
Platform(s): Microsoft Windows Server 2003
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:730
 
Oval ID: oval:org.mitre.oval:def:730
Title: Microsoft Windows Server 2003 (x64) is installed
Description: A version of Microsoft Windows Server 2003 (x64) is installed.
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_server_2003:::x64
Version: 11
Platform(s): Microsoft Windows Server 2003
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:1870
 
Oval ID: oval:org.mitre.oval:def:1870
Title: Microsoft Windows Server 2003 (32-bit) is installed
Description: A version of Microsoft Windows Server 2003 (32-bit) is installed.
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_server_2003:::x86
Version: 8
Platform(s): Microsoft Windows Server 2003
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:105
 
Oval ID: oval:org.mitre.oval:def:105
Title: Microsoft Windows XP is installed
Description: The operating system installed on the system is Microsoft Windows XP.
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_xp
Version: 5
Platform(s): Microsoft Windows XP
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6689
 
Oval ID: oval:org.mitre.oval:def:6689
Title: Microsoft .NET Framework 3.5 Original Release is installed
Description: Microsoft .NET Framework 3.5 Original Release is installed
Family: windows Class: inventory
Reference(s): cpe:/a:microsoft:.net_framework:3.5:-
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Microsoft .NET Framework 3.5
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:5954
 
Oval ID: oval:org.mitre.oval:def:5954
Title: Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
Description: The operating system installed on the system is Microsoft Windows Server 2008 R2 Itanium Edition
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_server_2008:r2::itanium
Version: 8
Platform(s): Microsoft Windows Server 2008 R2
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:5667
 
Oval ID: oval:org.mitre.oval:def:5667
Title: Microsoft Windows Server 2008 (ia-64) is installed
Description: The operating system installed on the system is Microsoft Windows Server 2008 Itanium Edition
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_server_2008:::itanium
Version: 6
Platform(s): Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:5356
 
Oval ID: oval:org.mitre.oval:def:5356
Title: Microsoft Windows Server 2008 (64-bit) is installed
Description: The operating system installed on the system is Microsoft Windows Server 2008 (64-bit)
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_server_2008:::x64
Version: 8
Platform(s): Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:4870
 
Oval ID: oval:org.mitre.oval:def:4870
Title: Microsoft Windows Server 2008 (32-bit) is installed
Description: The operating system installed on the system is Microsoft Windows Server 2008 (32-bit)
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_server_2008:::x86
Version: 6
Platform(s): Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:5950
 
Oval ID: oval:org.mitre.oval:def:5950
Title: Microsoft Windows 7 x64 Edition is installed
Description: The operating system installed on the system is Microsoft Windows 7 x64 Edition
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_7:::x64
Version: 7
Platform(s): Microsoft Windows 7
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:6165
 
Oval ID: oval:org.mitre.oval:def:6165
Title: Microsoft Windows 7 (32-bit) is installed
Description: The operating system installed on the system is Microsoft Windows 7 (32-bit)
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_7:::x86
Version: 5
Platform(s): Microsoft Windows 7
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:2041
 
Oval ID: oval:org.mitre.oval:def:2041
Title: Microsoft Windows Vista x64 Edition is installed
Description: The operating system installed on the system is Microsoft Windows Vista x64 Edition
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_vista:::x64
Version: 6
Platform(s): Microsoft Windows Vista
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:1282
 
Oval ID: oval:org.mitre.oval:def:1282
Title: Microsoft Windows Vista (32-bit) is installed
Description: The operating system installed on the system is Microsoft Windows Vista (32-bit)
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_vista:::x86
Version: 4
Platform(s): Microsoft Windows Vista
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:85
 
Oval ID: oval:org.mitre.oval:def:85
Title: Microsoft Windows 2000 is installed
Description: The operating system installed on the system is Microsoft Windows 2000.
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_2000
Version: 5
Platform(s): Microsoft Windows 2000
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:1353
 
Oval ID: oval:org.mitre.oval:def:1353
Title: Microsoft Windows XP (32-bit) is installed
Description: The operating system installed on the system is Microsoft Windows XP (32-bit).
Family: windows Class: inventory
Reference(s): cpe:/o:microsoft:windows_xp:::x86
Version: 4
Platform(s): Microsoft Windows XP
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:6158
 
Oval ID: oval:org.mitre.oval:def:6158
Title: Microsoft .NET Framework 2.0 Service Pack 2 is installed
Description: Microsoft .NET Framework 2.0 Service Pack 2 is installed
Family: windows Class: inventory
Reference(s): cpe:/a:microsoft:.net_framework:2.0:sp2
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Microsoft .NET Framework 2.0
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7158