Rapid7 Vulnerability & Exploit Database

JRE XML Authentication Bypass

Back to Search

JRE XML Authentication Bypass

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

07/14/2009

Created

07/25/2018

Added

11/18/2009

Modified

09/13/2018

Description

The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in the Sun JDK and JRE 6 Update 14 and earlier uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length. This allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.

Solution(s)

jre-upgrade-latest

References

https://attackerkb.com/topics/cve-2009-0217
APPLE-SA-2009-09-03-1
35671
TA09-294A
TA10-159B
466161
CVE - 2009-0217
DSA-1995
Category II
V0024367
2010-B-0046
MS10-041
55895
55907
OVAL10186
OVAL7158
OVAL8717
RHSA-2009:1200
RHSA-2009:1201
RHSA-2009:1428
RHSA-2009:1636
RHSA-2009:1637
RHSA-2009:1649
RHSA-2009:1650
RHSA-2009:1694
SUSE-SA:2009:053
SUSE-SA:2010:017
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263429-1

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

JRE XML Authentication Bypass