-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


CVE-2014-3584: Apache CXF JAX-RS SAML handling is vulnerable to a Denial of
Service (DoS) attack

Severity: Major

Vendor: The Apache Software Foundation

Versions Affected:

This vulnerability affects all versions of Apache CXF prior to 3.0.0-milestone1,
2.7.8 and 2.6.11.

Description:

An Apache CXF JAX-RS service can process SAML tokens received in the
Authorization header of a request via the SamlHeaderInHandler. However, it is
possible to cause an infinite loop in the parsing of this header by passing
certain bad values for the header, leading to a Denial of Service attack on
the service.
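
The failure mode described above is a header parser that does not terminate on malformed input. The following Python example is added here and is not Apache CXF code: it parses an `Authorization: SAML <token>` value with a scanner that checks its own progress on every iteration, caps header and inflated-assertion sizes, and rejects every malformed value with an exception instead of looping. The token format (base64 of a raw-deflate stream of the assertion XML), the size limits, the function names and the sample values are assumptions constructed for the example.

```python
import base64
import binascii
import zlib

# Constructed limits for this illustration; they are not CXF settings.
MAX_HEADER_LEN = 8192          # reject oversized headers before any parsing work
MAX_ASSERTION_LEN = 64 * 1024  # cap inflated output (guards against decompression bombs)
SCHEME = "SAML"


class MalformedSamlHeader(ValueError):
    """Raised for any Authorization value that is not exactly 'SAML <base64>'."""


def _tokens(value):
    """Split on space/tab, asserting progress on every pass of the outer loop.

    A scanner that can fail to advance on an unexpected character is the
    classic shape of a parser-hang DoS; the explicit invariant check turns
    that bug class into a loud failure instead of a spin.
    """
    tokens = []
    i, n = 0, len(value)
    while i < n:
        start = i
        while i < n and value[i] in " \t":       # skip separators
            i += 1
        j = i
        while j < n and value[j] not in " \t":   # collect one token
            j += 1
        if j > i:
            tokens.append(value[i:j])
        i = j
        if i <= start:                           # defensive invariant: must advance
            raise MalformedSamlHeader("scanner made no progress")
    return tokens


def parse_saml_authorization(header_value):
    """Return the SAML assertion bytes carried in an Authorization header value.

    Assumed token format (illustrative): base64 of a raw-deflate stream of the
    assertion XML. Every failure raises instead of looping or returning junk.
    """
    if not isinstance(header_value, str):
        raise MalformedSamlHeader("missing or non-text Authorization header")
    if len(header_value) > MAX_HEADER_LEN:
        raise MalformedSamlHeader("Authorization header exceeds %d bytes" % MAX_HEADER_LEN)
    parts = _tokens(header_value)
    if len(parts) != 2 or parts[0] != SCHEME:
        raise MalformedSamlHeader("expected exactly 'SAML <token>'")
    try:
        raw = base64.b64decode(parts[1], validate=True)
    except (binascii.Error, ValueError) as exc:
        raise MalformedSamlHeader("token is not valid base64") from exc
    inflater = zlib.decompressobj(-15)  # raw deflate: no zlib or gzip framing
    try:
        xml = inflater.decompress(raw, MAX_ASSERTION_LEN)
    except zlib.error as exc:
        raise MalformedSamlHeader("token is not a valid deflate stream") from exc
    # Either the stream did not finish (truncated, or output cap hit) or trailing
    # garbage follows it; both are rejected rather than silently accepted.
    if not inflater.eof or inflater.unconsumed_tail or inflater.unused_data:
        raise MalformedSamlHeader("assertion truncated, oversized or has trailing data")
    return xml


def encode_saml_authorization(assertion_xml):
    """Produce the header value the parser accepts (constructed, for the checks below)."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    token = base64.b64encode(comp.compress(assertion_xml) + comp.flush()).decode("ascii")
    return "%s %s" % (SCHEME, token)


def rejects_all(values):
    """True if every value is rejected with MalformedSamlHeader (none hangs, none passes)."""
    for value in values:
        try:
            parse_saml_authorization(value)
            return False
        except MalformedSamlHeader:
            continue
    return True


# Constructed samples; not taken from any real deployment or from the CVE.
SAMPLE_ASSERTION = b'<saml:Assertion ID="constructed-1"/>'
BAD_HEADERS = [
    None, "", "   ", "SAML", "SAML  ", "Bearer abc", "SAML a b",
    "SAML !!!!", "SAML " + "A" * 20, "SAML " + "A" * (MAX_HEADER_LEN + 1),
    "SAML abcd", "SAML\tabcd\t",
]

if __name__ == "__main__":
    print(parse_saml_authorization(encode_saml_authorization(SAMPLE_ASSERTION)))
    print("all malformed headers rejected:", rejects_all(BAD_HEADERS))
```

The design point is that each branch of the parser either advances the scan position, returns, or raises, so termination does not depend on the input being well formed; the size caps additionally bound the work done before any validation failure is reported.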

This has been fixed in revision:

https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commit;h=0b3894f57388b9955f2c33b2295223f2835cd7b3

Migration:

CXF 2.6.x users should upgrade to 2.6.11 or later as soon as possible.
CXF 2.7.x users should upgrade to 2.7.8 or later as soon as possible.
CXF 3.0.x users should upgrade to 3.0.1 or later as soon as possible.

Credit: This issue was reported by Dario Amiri (GE Global Research)

References: http://cxf.apache.org/security-advisories.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJUNAHJAAoJEGe/gLEK1TmDozkIALZ6S+FaW3j8yEOh4twKdcjO
Gfl3nFuoQJMs3iFNk8TTNmWr9cg33sqhxHRpHiQ9Z/WNibNNZpOKziNu3r1L06eD
M4c+BzFNcpKN6fdoPsB1ivF0OjpYDSyl6fhJ2RwRpR0Jnq6678BfqPh1H/UaUpYC
EduwcKxOZ+Y7dkTz8xFWtPh8C9NfuWK8dOP9XTIXTGwp1MzltTWHDWhSq8Xhhjx0
oNevLPJi5h9Oy1Rs6tTDQ2L4mdD+4O97wHVixGGVfsrPaW0re/2gZxxZvWY2MxDz
tH6Upwlh5IsLmrawUnknsjM+gyJK4zH+8RkY71VnJZvANY3MOhxbxgiCpr2wdwE=
=MsK3
-----END PGP SIGNATURE-----