Download
| Alert*
oval:org.secpod.oval:def:71607
It was discovered that the Shibboleth Service Provider is prone to a NULL pointer dereference flaw in the cookie-based session recovery feature. A remote, unauthenticated attacker can take advantage of this flaw to cause a denial of service . For additional information please refer to the upstream a ... oval:org.secpod.oval:def:71643 It was discovered that the Shibboleth Service Provider is prone to a NULL pointer dereference flaw in the cookie-based session recovery feature. A remote, unauthenticated attacker can take advantage of this flaw to cause a denial of service . For additional information please refer to the upstream a ... oval:org.secpod.oval:def:704580 libshibsp-dev is installed oval:org.secpod.oval:def:1900280 shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic Metadata Provider plugin in Shibboleth Service Provider before 2.6.1 fails to properly configure itself with the Metadata Filter plugins and does not perform critical security checks such as signature verification, enforcement of validity pe ... |