CVE-2014-3584: Apache CXF JAX-RS SAML handling is vulnerable to a Denial of Service (DoS) attack

Severity: Major

Vendor: The Apache Software Foundation

Versions Affected:

This vulnerability affects all versions of Apache CXF prior to 3.0.0-milestone1, 2.7.8 and 2.6.11.

Description:

An Apache CXF JAX-RS service can process SAML tokens received in the authorization header of a request via the SamlHeaderInHandler. However, it is possible to cause an infinite loop in the parsing of this header by passing certain bad values for the header, leading to a Denial of Service attack on the service.

This has been fixed in revision:

https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commit;h=0b3894f57388b9955f2c33b2295223f2835cd7b3

Migration:

CXF 2.6.x users should upgrade to 2.6.11 or later as soon as possible.
CXF 2.7.x users should upgrade to 2.7.8 or later as soon as possible.
CXF 3.0.x users should upgrade to 3.0.1 or later as soon as possible.

Credit:

This issue was reported by Dario Amiri (GE Global Research)

References:

http://cxf.apache.org/security-advisories.html
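As an added example (not part of the advisory or of the CXF project), the following checker flags CXF artifacts in `mvn dependency:list` output that still fall inside the affected ranges. The fix thresholds (2.6.11, 2.7.8, 3.0.1) are taken from the Migration section above; the qualifier ordering (a milestone or SNAPSHOT sorts before the plain release with the same numbers) and the sample dependency list are assumptions constructed for the example.

```python
import re

# Fixed versions per release line, taken from the advisory's Migration section.
FIXED_IN = {(2, 6): (2, 6, 11), (2, 7): (2, 7, 8), (3, 0): (3, 0, 1)}

# major.minor[.patch][-qualifier], e.g. 2.7.7, 3.0, 3.0.0-milestone1, 2.7.8-SNAPSHOT
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:[-.]([A-Za-z][A-Za-z0-9]*))?$")


def version_key(version):
    """Map a CXF version string to a sortable tuple.

    Assumption: a qualified build (milestone1, SNAPSHOT, rc1) orders before
    the plain release carrying the same numbers, as Maven does.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError("unrecognised CXF version: %r" % version)
    major, minor, patch, qualifier = m.groups()
    return (int(major), int(minor), int(patch or 0), 0 if qualifier is None else -1)


def is_affected(version):
    """True if this CXF version is within the ranges affected by CVE-2014-3584."""
    key = version_key(version)
    line = key[:2]
    if line in FIXED_IN:
        return key < FIXED_IN[line] + (0,)
    # Lines older than 2.6 never received the fix; newer lines (3.1+) include it.
    return key < (2, 6, 0, 0)


def vulnerable_artifacts(dependency_list):
    """Return (artifactId, version) pairs of affected org.apache.cxf artifacts.

    Accepts the 'groupId:artifactId:type[:classifier]:version:scope' lines
    printed by `mvn dependency:list`; the scope is always the last field.
    """
    found = []
    for line in dependency_list.splitlines():
        parts = line.replace("[INFO]", "").strip().split(":")
        if len(parts) < 5 or parts[0] != "org.apache.cxf":
            continue
        artifact, version = parts[1], parts[-2]
        if is_affected(version):
            found.append((artifact, version))
    return found


# Constructed sample output: one module was left behind on 2.7.7.
SAMPLE_DEPENDENCY_LIST = """\
[INFO] The following files have been resolved:
[INFO]    org.apache.cxf:cxf-rt-frontend-jaxrs:jar:2.7.8:compile
[INFO]    org.apache.cxf:cxf-rt-rs-security-sso-saml:jar:2.7.7:compile
[INFO]    org.apache.cxf:cxf-api:jar:2.7.8:compile
[INFO]    org.apache.wss4j:wss4j-ws-security-common:jar:2.0.1:compile
"""

if __name__ == "__main__":
    print(vulnerable_artifacts(SAMPLE_DEPENDENCY_LIST))
```

Versions the regex cannot parse (vendor-patched strings such as `2.7.8.redhat-1`) raise `ValueError` rather than being silently treated as safe.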