1
Candidate: CVE-2014-3527
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3527
5
https://jira.spring.io/browse/SEC-2688
6
http://spring.io/blog/2014/08/15/cve-2014-3527-fixed-in-spring-security-3-2-5-and-3-1-7
8
When using the CAS Proxy ticket authentication from Spring Security 3.1 to
9
3.2.4 a malicious CAS Service could trick another CAS Service into
10
authenticating a proxy ticket that was not associated. This is due to the
11
fact that the proxy ticket authentication uses the information from the
12
HttpServletRequest which is populated based upon untrusted information
13
within the HTTP request. This means if there are access control
14
restrictions on which CAS services can authenticate to one another, those
15
restrictions can be bypassed. If users are not using CAS Proxy tickets and
16
not basing access control decisions based upon the CAS Service, then there
17
is no impact to users.
20
sbeattie> java-spring-security 3.x only?
26
Patches_libspring-security-2.0-java:
27
upstream_libspring-security-2.0-java: needs-triage
28
precise_libspring-security-2.0-java: ignored (reached end-of-life)
29
precise/esm_libspring-security-2.0-java: DNE (precise was needs-triage)
30
trusty_libspring-security-2.0-java: needs-triage
31
vivid_libspring-security-2.0-java: ignored (reached end-of-life)
32
vivid/stable-phone-overlay_libspring-security-2.0-java: DNE
33
vivid/ubuntu-core_libspring-security-2.0-java: DNE
34
wily_libspring-security-2.0-java: ignored (reached end-of-life)
35
xenial_libspring-security-2.0-java: DNE
36
yakkety_libspring-security-2.0-java: DNE
37
zesty_libspring-security-2.0-java: DNE
38
artful_libspring-security-2.0-java: DNE
39
bionic_libspring-security-2.0-java: DNE
40
devel_libspring-security-2.0-java: DNE