1
Candidate: CVE-2012-2351
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2351
6
The default configuration of the auth/saml plugin in Mahara before 1.4.2
7
sets the "Match username attribute to Remote username" option to false,
8
which allows remote SAML IdP servers to spoof users of other SAML IdP
9
servers by using the same internal username.
18
upstream_mahara: released (1.4.2-1)
20
lucid_mahara: ignored (reached end-of-life)
21
natty_mahara: ignored (reached end-of-life)
22
oneiric_mahara: ignored (reached end-of-life)
23
precise_mahara: not-affected (1.4.2-1)
24
quantal_mahara: not-affected
25
raring_mahara: not-affected
26
saucy_mahara: not-affected