Vulnerability CVE-2009-3300

Vulnerability Name:

CVE-2009-3300 (CCN-54140)

Assigned:

2009-11-04

Published:

2009-11-04

Updated:

2017-08-17

Summary:

Multiple cross-site scripting (XSS) vulnerabilities in the Identity Provider (IdP) 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via URLs that are encountered in redirections, and appear in automatically generated forms.

CVSS v3 Severity:

3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
2.2 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
2.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-79

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2009-3300

Source: CCN
Type: SA37237
Shibboleth Identity / Service Provider Cross-Site Scripting and Script Insertion

Source: SECUNIA
Type: Vendor Advisory
37237

Source: CCN
Type: Shibboleth Security Advisory [4 November 2009]
Shibboleth software improperly handles malformed URLs

Source: CONFIRM
Type: Vendor Advisory
http://shibboleth.internet2.edu/secadv/secadv_20091104.txt

Source: DEBIAN
Type: UNKNOWN
DSA-1947

Source: DEBIAN
Type: DSA-1947
opensaml2 -- missing input sanitising

Source: CCN
Type: OSVDB ID: 59818
Shibboleth Multiple Product URL Redirection Feature Unspecified XSS

Source: CCN
Type: BID-37241
Shibboleth Redirection URL HTML Injection Vulnerability

Source: VUPEN
Type: Vendor Advisory
ADV-2009-3150

Source: XF
Type: UNKNOWN
identity-url-xss(54140)

Source: XF
Type: UNKNOWN
identity-url-xss(54140)

Vulnerable Configuration:

Configuration 1:

cpe:/a:internet2:identity_provider:1.3:*:*:*:*:*:*:*

OR cpe:/a:internet2:identity_provider:1.3.1:*:*:*:*:*:*:*

OR cpe:/a:internet2:identity_provider:1.3.2:*:*:*:*:*:*:*

OR cpe:/a:internet2:identity_provider:1.3.3:*:*:*:*:*:*:*

OR cpe:/a:internet2:identity_provider:2.1.0:*:*:*:*:*:*:*

OR cpe:/a:internet2:identity_provider:2.1.1:*:*:*:*:*:*:*

OR cpe:/a:internet2:identity_provider:2.1.2:*:*:*:*:*:*:*

OR cpe:/a:internet2:identity_provider:2.1.3:*:*:*:*:*:*:*

OR cpe:/a:internet2:identity_provider:2.1.4:*:*:*:*:*:*:*

OR cpe:/a:internet2:service_provider:1.3:*:*:*:*:*:*:*

OR cpe:/a:internet2:service_provider:1.3.1:*:*:*:*:*:*:*

OR cpe:/a:internet2:service_provider:1.3.2:*:*:*:*:*:*:*

OR cpe:/a:internet2:service_provider:1.3.3:*:*:*:*:*:*:*

OR cpe:/a:internet2:service_provider:2.0:*:*:*:*:*:*:*

OR cpe:/a:internet2:service_provider:2.1:*:*:*:*:*:*:*

OR cpe:/a:internet2:service_provider:2.2:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:7213	P	DSA-1947 shibboleth-sp, shibboleth-sp2, opensaml2 -- missing input sanitising	2014-06-23
oval:org.mitre.oval:def:13142	P	DSA-1947-1 shibboleth-sp, shibboleth-sp2, opensaml2 -- missing input sanitising	2014-06-23
oval:org.debian:def:1947	V	missing input sanitising	2009-12-07

BACK