Multiple CA SiteMinder Products SAML Signature Validation Security Bypass Vulnerability

Bugtraq ID: 58609
Class: Design Error
CVE: CVE-2013-2279
Remote: Yes
Local: No
Published: Mar 19 2013 12:00AM
Updated: Mar 19 2013 12:00AM
Credit: Juraj Somorovsky, Andreas Mayer, Jörg Schwenk, Marco Kampmann, and Meiko Jensen.
Vulnerable: Computer Associates SiteMinder for Secure Proxy Server 6.0
Computer Associates SiteMinder for Secure Proxy Server 12.5
Computer Associates SiteMinder for Secure Proxy Server 12.0
Computer Associates SiteMinder Federation(Standalone) 12.1
Computer Associates SiteMinder Federation(Standalone) 12.0
Computer Associates SiteMinder Federation(FSS) 12.5
Computer Associates SiteMinder Federation(FSS) 12.0
Computer Associates SiteMinder Federation r6
Computer Associates SiteMinder Agent for SharePoint 2010 0
Not Vulnerable: Computer Associates SiteMinder for Secure Proxy Server 12.5 CR2
Computer Associates SiteMinder Federation(Standalone) 12.5
Computer Associates SiteMinder Federation(FSS) 12.5 CR2
Computer Associates SiteMinder Federation(FSS) 12.0 SP3 CR12
Computer Associates SiteMinder Federation r6 SP6 CR10
Computer Associates SiteMinder Agent for SharePoint 2010 12.5.1


 

Privacy Statement
Copyright 2010, SecurityFocus