CVE-2017-1000061 - xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input d

CVE-2017-1000061

Summary

xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service

References

Vulnerable Configurations

cpe:2.3:a:xmlsec_project:xmlsec:*:*:*:*:*:*:*:*
cpe:2.3:a:xmlsec_project:xmlsec:*:*:*:*:*:*:*:*

CVSS

Base:	5.8 (as of 05-01-2018 - 02:31)
Impact:
Exploitability:

CWE

CWE-611

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:N/A:P

redhat via4

advisories

bugzilla

id	1437311
title	CVE-2017-1000061 xmlsec1: xmlsec vulnerable to external entity expansion

oval

AND

comment Red Hat Enterprise Linux 7 Client is installed
oval oval:com.redhat.rhba:tst:20150364001
comment Red Hat Enterprise Linux 7 Server is installed
oval oval:com.redhat.rhba:tst:20150364002
comment Red Hat Enterprise Linux 7 Workstation is installed
oval oval:com.redhat.rhba:tst:20150364003
comment Red Hat Enterprise Linux 7 ComputeNode is installed
oval oval:com.redhat.rhba:tst:20150364004

AND
comment xmlsec1 is earlier than 0:1.2.20-7.el7_4
oval oval:com.redhat.rhsa:tst:20172492019
comment xmlsec1 is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20172492020

AND

comment xmlsec1-devel is earlier than 0:1.2.20-7.el7_4
oval oval:com.redhat.rhsa:tst:20172492017
comment xmlsec1-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20172492018

AND

comment xmlsec1-gcrypt is earlier than 0:1.2.20-7.el7_4
oval oval:com.redhat.rhsa:tst:20172492007
comment xmlsec1-gcrypt is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20172492008

AND

comment xmlsec1-gcrypt-devel is earlier than 0:1.2.20-7.el7_4
oval oval:com.redhat.rhsa:tst:20172492023
comment xmlsec1-gcrypt-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20172492024

AND

comment xmlsec1-gnutls is earlier than 0:1.2.20-7.el7_4
oval oval:com.redhat.rhsa:tst:20172492009
comment xmlsec1-gnutls is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20172492010

AND

comment xmlsec1-gnutls-devel is earlier than 0:1.2.20-7.el7_4
oval oval:com.redhat.rhsa:tst:20172492005
comment xmlsec1-gnutls-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20172492006

AND
comment xmlsec1-nss is earlier than 0:1.2.20-7.el7_4
oval oval:com.redhat.rhsa:tst:20172492013
comment xmlsec1-nss is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20172492014

AND

comment xmlsec1-nss-devel is earlier than 0:1.2.20-7.el7_4
oval oval:com.redhat.rhsa:tst:20172492021
comment xmlsec1-nss-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20172492022

AND

comment xmlsec1-openssl is earlier than 0:1.2.20-7.el7_4
oval oval:com.redhat.rhsa:tst:20172492015
comment xmlsec1-openssl is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20172492016

AND

comment xmlsec1-openssl-devel is earlier than 0:1.2.20-7.el7_4
oval oval:com.redhat.rhsa:tst:20172492011
comment xmlsec1-openssl-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20172492012

rhsa

id	RHSA-2017:2492
released	2017-08-21
severity	Moderate
title	RHSA-2017:2492: xmlsec1 security update (Moderate)

rpms

xmlsec1-0:1.2.20-7.el7_4
xmlsec1-devel-0:1.2.20-7.el7_4
xmlsec1-gcrypt-0:1.2.20-7.el7_4
xmlsec1-gcrypt-devel-0:1.2.20-7.el7_4
xmlsec1-gnutls-0:1.2.20-7.el7_4
xmlsec1-gnutls-devel-0:1.2.20-7.el7_4
xmlsec1-nss-0:1.2.20-7.el7_4
xmlsec1-nss-devel-0:1.2.20-7.el7_4
xmlsec1-openssl-0:1.2.20-7.el7_4
xmlsec1-openssl-devel-0:1.2.20-7.el7_4

refmap via4

confirm

https://github.com/lsh123/xmlsec/issues/43

Last major update

05-01-2018 - 02:31

Published

17-07-2017 - 13:18