lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <BA63CEAE152A7742B854C678D9491383945E53B7@CIO-KRC-D1MBX01.osuad.osu.edu>
Date: Tue, 18 Jun 2013 03:43:36 +0000
From: "Cantor, Scott" <cantor.2@....edu>
To: "security@...che.org" <security@...che.org>,
 "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>,
 "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>
Subject: CVE-2013-2153: Apache Santuario C++ signature
	bypass vulnerability

CVE-2013-2153: Apache Santuario XML Security for C++ contains an
XML Signature Bypass issue

Severity: Critical

Vendor: The Apache Software Foundation

Versions Affected: Apache Santuario XML Security for C++ library versions
prior to V1.7.1

Description: The implementation of XML digital signatures in the
Santuario-C++ library is vulnerable to a spoofing issue allowing an
attacker to reuse existing signatures with arbitrary content.

The vulnerability affects only applications that do not perform
proper checking/analysis of the content of the Reference elements
in the Signature, but the bug exacerbates this problem by opening
such applications to attacks using arbitrary content, instead of
just attacks involving malicious, but signed, content.


Mitigation: Applications using library versions older than V1.7.1 should
upgrade as soon as possible. Distributors of older versions should apply
the
patches from this subversion revision:

http://svn.apache.org/viewvc?view=revision&revision=r1493959

Applications that appropriately examine the content of the signatures
they accept are immune to this issue. The only API provided for
this purpose in the library is to examine the individual Reference
elements to enforce limitations over their content, and doing so will
prevent this vulnerability. Developers with questions about this should
inquire on the Santuario project's mailing list.

Credit: This issue was reported by James Forshaw, Context Information
Security

References: http://santuario.apache.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (Darwin)

iQIcBAEBCgAGBQJRv9NrAAoJEDeLhFQCJ3liPjMQAL24TiWH2gr5O1cXSjoxjJwp
WqfKGUvIE2tYY5fx8X8dE5jkLNSDefD517HsEJgebIllDuqwzC8sakcwh7yrCX9x
eGimv9RY9q0FdFk9bGnYNAB01f4ILGB+YV8yI8+J8um1dfUne0GWSxn1NWG4M4Zp
iEBUcxaBcU9IUF1uNiDD3gcR+47wzTz6kMnWFxDNEl62FpIeUvvt0d6nwY7MZL7h
q2FDP1Bt3cYWvsbUS47CKC+Ep+H5DybYAWK+jtvOkfEbFT9x4dynG1nMCPDNuRCz
UMczJ+a48UpYZGu5lN2YHDjU5ZJOExhWfeXxwnbNxAg50HVkU0LsOjSP8feUSkki
WFhQjbBMnpv7LJS7GWd08CaIrkYYH2/aUmEKkQeIODKCrfbys19XHtENeWIfS6lM
uSQlKG+GTg8h/lADbLhbtCRK5n6mRI2Icb7PHI+r1fuJx7TpESregPST0HcPWroD
nKoeFz+oS5v9BDMGqjMxbNvgA38fhBnPwfvbpH6yzPnL8XDZAKiFytBC/ZWO/0JX
yc+RDdasJBEghlZwjXrk1l/GR1h87kMbwIBFUE0stmByT9x5SUzrghgP9U0lXWah
ykUVDyICd97YryJWhRrRLnQW78US4PVDA0hm4sIOlEqVdiWHCOkQ1+yDmXjbFKca
C56YjpUEMmP6CCsMfmhq
=x8kA
-----END PGP SIGNATURE-----



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ