Denial of Service Vulnerability in Shibboleth Service Provider
CVE-2015-2684

Currently unrated

Key Information:

Vendor

Shibboleth

Status
Service Provider
Vendor
CVE Published:
31 March 2015

What is CVE-2015-2684?

A vulnerability in the Shibboleth Service Provider allows remote authenticated users to disrupt service by sending a specially crafted SAML message. This can lead to a crash of the affected application, resulting in a denial of service condition. It is critical for users of versions prior to 2.5.4 to evaluate their systems and apply appropriate patches to mitigate the risk posed by this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.debian.org/security/2015/dsa-3207
vendor-advisoryx_refsource_DEBIAN
http://www.securityfocus.com/bid/73314
vdb-entryx_refsource_BID
https://shibboleth.net/community/advisories/secadv_201503...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.