CVE-2011-1411
published 2011-09-02CVE-2011-1411: Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass…
PriorityP338medium5.8CVSS 2.0
AVNACMAuNCPIPAN
EPSS
2.29%
81.1th percentile
Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| shibboleth | opensaml | — | — |
| shibboleth | opensaml | — | — |
| shibboleth | opensaml | — | — |
| shibboleth | opensaml | — | — |
| shibboleth | shibboleth-identity-provider | <= 2.3.1 | — |
| shibboleth | shibboleth-identity-provider | — | — |
| shibboleth | shibboleth-identity-provider | — | — |
| shibboleth | shibboleth-identity-provider | — | — |
| shibboleth | shibboleth-identity-provider | — | — |
| shibboleth | shibboleth-identity-provider | — | — |
| shibboleth | shibboleth-identity-provider | — | — |
| shibboleth | shibboleth-identity-provider | — | — |
| shibboleth | shibboleth-identity-provider | — | — |
| shibboleth | shibboleth-identity-provider | — | — |
| shibboleth | shibboleth-identity-provider | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Improper Authentication in OpenSAML
ghsa·2022-05-17
CVE-2011-1411 [MEDIUM] CWE-287 Improper Authentication in OpenSAML
Improper Authentication in OpenSAML
Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
OSV
Improper Authentication in OpenSAML
osv·2022-05-17
CVE-2011-1411 [MEDIUM] Improper Authentication in OpenSAML
Improper Authentication in OpenSAML
Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
No detection rules found.
No public exploits indexed.
arXiv
XML Signature Wrapping Still Considered Harmful: A Case Study on the Personal Health Record in Germany
arxiv_fulltext·2021-06-19
XML Signature Wrapping Still Considered Harmful: A Case Study on the Personal Health Record in Germany
XML Signature Wrapping Still Considered Harmful: A Case Study on the Personal Health Record in Germany
XML Signature Wrapping Still Considered Harmful
Paul Höller1 0000-0002-1049-5794
Alexander Krumeich10000-0002-6523-4890
Luigi Lo Iacono20000-0002-7863-0622
n-design GmbH Cologne, Germany
\paul.hoeller, alexander.krumeich\@n-design.de
H-BRS University of Applied Sciences, Sankt Augustin, Germany [email protected]
## Abstract
XML Signature Wrapping (XSW) has been a relevant threat to web services for 15 years until today. Using the Personal Health Record (PHR), which is currently under development in Germany, we investigate a current SOAP-based web services system as a case study. In doing so, we highlight several deficiencies in defending against XSW. Using this real-world cont
Bugzilla
CVE-2012-4418 axis2: vulnerable to XML signature wrapping attacks
bugzilla·2012-09-12·CVSS 5.8
CVE-2012-4418 [MEDIUM] CVE-2012-4418 axis2: vulnerable to XML signature wrapping attacks
CVE-2012-4418 axis2: vulnerable to XML signature wrapping attacks
Apache Axis2, a web services, SOAP, and WSDL engine allows remote attackers to forge messages and bypass authentication via "XML Signature wrapping attack".
References:
[1] http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf
[2] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1411
[3] https://bugzilla.novell.com/show_bug.cgi?id=779901
Discussion:
See also bug #865168 (CVE-2012-5158).
---
Created axis2 tracking bugs for this issue
Affects: fedora-17 [bug 919325]
---
Statement:
Not Vulnerable. This issue does not affect the version of axis as shipped with JBoss Developer Studio 5 and 6, JBoss Enterprise Portal Platform 5.2.2 and 6.0.0, Red Hat Enterprise Linux 5 and 6, and Red H
Bugzilla
CVE-2011-1411 opensaml: vulnerable to XML signature wrapping attacks [fedora-all]
bugzilla·2011-07-25·CVSS 5.8
CVE-2011-1411 [MEDIUM] CVE-2011-1411 opensaml: vulnerable to XML signature wrapping attacks [fedora-all]
CVE-2011-1411 opensaml: vulnerable to XML signature wrapping attacks [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=725526
Please note: this issue affects m
Bugzilla
CVE-2011-1411 opensaml: vulnerable to XML signature wrapping attacks
bugzilla·2011-07-25·CVSS 5.8
CVE-2011-1411 [MEDIUM] CVE-2011-1411 opensaml: vulnerable to XML signature wrapping attacks
CVE-2011-1411 opensaml: vulnerable to XML signature wrapping attacks
Description of problem:
http://shibboleth.internet2.edu/secadv/secadv_20110725.txt
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
1.
2.
3.
Actual results:
Expected results:
Additional info:
Discussion:
It was reported that the Shibboleth Project's OpenSAML software was vulnerable to XML signature wrapping attacks.
Version 2.4.3 corrects this flaw.
---
Created opensaml tracking bugs for this issue
Affects: fedora-all [bug 725557]
---
xmltooling 1.4.2 / opensaml 2.4.3 build in rawhide
---
The vulnerability has been addressed in:
opensaml-2.4.3-1 (rawhide)
opensaml-2.3-6 (f16 updates-testing, submitted for stable)
opensaml-2.3-4 (f15 updates)
http://secunia.com/advisories/50994http://shibboleth.internet2.edu/secadv/secadv_20110725.txthttp://www.debian.org/security/2011/dsa-2284http://www.mandriva.com/security/advisories?name=MDVSA-2013:150http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.htmlhttp://secunia.com/advisories/50994http://shibboleth.internet2.edu/secadv/secadv_20110725.txthttp://www.debian.org/security/2011/dsa-2284http://www.mandriva.com/security/advisories?name=MDVSA-2013:150http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
2011-09-02
Published