Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 04 Mar 2012 20:24:11 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Joachim Fritschi <jfritschi@...enet.de>
Subject: Re: CVE Requests for phpCAS

On 03/04/2012 09:21 AM, Joachim Fritschi wrote:
> Hi,
> 
> 2 security vulnerabilities were discovered in the phpCAS library from
> the jasig project.
> 
> In the default configuration a phpCAS protected application allowed any
> other cas service with proxy authorization and valid user credentials to
> proxy any other phpCAS applications in the same SSO realm.
> This is a security flaw since individual applications should check
> whether another application is actually authorized to proxy for users in
> this particular application.
> This issue can be found on the issue tracker and a fix has already been
> committed:
> https://issues.jasig.org/browse/PHPCAS-69

Please use CVE-2012-1104 for this issue.

> In the default debug configuration a debug log was stored without proper
> protection in /tmp and in a proxy configuration session data was stored
> without proper protection in /tmp. This both could leak private user
> attributes and sensitive login tokens during the login procedure to
> other user on the webserver.
> This issue can be found on the issue tracker and a fix has already been
> committed:
> https://github.com/Jasig/phpCAS/issues/22

Please use CVE-2012-1105 for this issue.


> Could you please allocate two CVE identifiers for these issues?
> 
> Thanks,
> 
> Joachim


-- 
Kurt Seifried Red Hat Security Response Team (SRT)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.