You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by bu...@apache.org on 2012/09/19 17:47:26 UTC
svn commit: r832468 - in /websites/production/cxf/content:
cache/main.pageCache cve-2012-3451.html security-advisories.html
Author: buildbot
Date: Wed Sep 19 15:47:26 2012
New Revision: 832468
Log:
Production update by buildbot for cxf
Added:
websites/production/cxf/content/cve-2012-3451.html
Modified:
websites/production/cxf/content/cache/main.pageCache
websites/production/cxf/content/security-advisories.html
Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.
Added: websites/production/cxf/content/cve-2012-3451.html
==============================================================================
--- websites/production/cxf/content/cve-2012-3451.html (added)
+++ websites/production/cxf/content/cve-2012-3451.html Wed Sep 19 15:47:26 2012
@@ -0,0 +1,246 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<html>
+ <head>
+ <link type="text/css" rel="stylesheet" href="http://cxf.apache.org/resources/site.css">
+ <script src="http://cxf.apache.org/resources/space.js" type="text/javascript"></script>
+
+<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
+<meta name="keywords" content="business integration, EAI, SOA, Service Oriented Architecture, web services, SOAP, JBI, JMS, WSDL, XML, EDI, Electronic Data Interchange, standards support, integration standards, application integration, middleware, software, solutions, services, CXF, open source">
+<meta name="description" content="Apache CXF, Services Framework - CVE-2012-3451">
+ <title>
+Apache CXF -- CVE-2012-3451
+ </title>
+ </head>
+<body onload="init()">
+
+
+<table width="100%" cellpadding="0" cellspacing="0">
+ <tr>
+ <td id="cell-0-0" colspan="2"> </td>
+ <td id="cell-0-1"> </td>
+ <td id="cell-0-2" colspan="2"> </td>
+ </tr>
+ <tr>
+ <td id="cell-1-0"> </td>
+ <td id="cell-1-1"> </td>
+ <td id="cell-1-2">
+ <div style="padding: 5px;">
+ <div id="banner">
+ <!-- Banner -->
+<div id="banner-content">
+<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td align="left" colspan="1" nowrap>
+<a shape="rect" href="http://cxf.apache.org/" title="Apache CXF"><span style="font-weight: bold; font-size: 170%; color: white">Apache CXF</span></a>
+</td><td align="right" colspan="1" nowrap>
+<a shape="rect" href="http://www.apache.org/" title="The Apache Software Foundation"><img border="0" alt="ASF Logo" src="http://cxf.apache.org/images/asf-logo.png"></a>
+</td></tr></table>
+</div>
+ <!-- Banner -->
+ </div>
+ </div>
+ <div id="top-menu">
+ <table border="0" cellpadding="1" cellspacing="0" width="100%">
+ <tr>
+ <td>
+ <div align="left">
+ <!-- Breadcrumbs -->
+<a href="index.html">Index</a> > <a href="security-advisories.html">Security Advisories</a> > <a href="cve-2012-3451.html">CVE-2012-3451</a>
+ <!-- Breadcrumbs -->
+ </div>
+ </td>
+ <td>
+ <div align="right">
+ <!-- Quicklinks -->
+<div id="quicklinks"><p><a shape="rect" href="download.html" title="Download">Download</a> | <a shape="rect" href="http://cxf.apache.org/docs/index.html">Documentation</a></p></div>
+ <!-- Quicklinks -->
+ </div>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </td>
+ <td id="cell-1-3"> </td>
+ <td id="cell-1-4"> </td>
+ </tr>
+ <tr>
+ <td id="cell-2-0" colspan="2"> </td>
+ <td id="cell-2-1">
+ <table>
+ <tr valign="top">
+ <td height="100%">
+ <div id="wrapper-menu-page-right">
+ <div id="wrapper-menu-page-top">
+ <div id="wrapper-menu-page-bottom">
+ <div id="menu-page">
+ <!-- NavigationBar -->
+<div id="navigation"><h3><a shape="rect" name="Navigation-ApacheCXFIndex"></a><a shape="rect" href="index.html" title="Index">Apache CXF</a></h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="index.html" title="Index">Home</a></li><li><a shape="rect" href="download.html" title="Download">Download</a></li><li><a shape="rect" href="people.html" title="People">People</a></li><li><a shape="rect" href="project-status.html" title="Project Status">Project Status</a></li><li><a shape="rect" href="roadmap.html" title="Roadmap">Roadmap</a></li><li><a shape="rect" href="mailing-lists.html" title="Mailing Lists">Mailing Lists</a></li><li><a shape="rect" class="external-link" href="http://issues.apache.org/jira/browse/CXF">Issue Reporting</a></li><li><a shape="rect" href="special-thanks.html" title="Special Thanks">Special Thanks</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/licenses/">License</a></li><li><a shape="rect" href="security-advisories.html" title="Security Advisories">Security Advisories</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Users"></a>Users</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="http://cxf.apache.org/docs/index.html">User's Guide</a></li><li><a shape="rect" href="support.html" title="Support">Support</a></li><li><a shape="rect" href="faq.html" title="FAQ">FAQ</a></li><li><a shape="rect" href="resources-and-articles.html" title="Resources and Articles">Resources and Articles</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Search"></a>Search</h3>
+
+<form enctype="application/x-www-form-urlencoded" method="get" id="cse-search-box" action="http://www.google.com/cse">
+ <div>
+ <input type="hidden" name="cx" value="002890367768291051730:o99qiwa09y4">
+ <input type="hidden" name="ie" value="UTF-8">
+ <input type="text" name="q" size="21">
+ <input type="submit" name="sa" value="Search">
+ </div>
+</form>
+<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
+
+
+<h3><a shape="rect" name="Navigation-Developers"></a>Developers</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="http://cxf.apache.org/docs/cxf-architecture.html">Architecture Guide</a></li><li><a shape="rect" href="source-repository.html" title="Source Repository">Source Repository</a></li><li><a shape="rect" href="building.html" title="Building">Building</a></li><li><a shape="rect" href="automated-builds.html" title="Automated Builds">Automated Builds</a></li><li><a shape="rect" href="testing-debugging.html" title="Testing-Debugging">Testing-Debugging</a></li><li><a shape="rect" href="coding-guidelines.html" title="Coding Guidelines">Coding Guidelines</a></li><li><a shape="rect" href="getting-involved.html" title="Getting Involved">Getting Involved</a></li><li><a shape="rect" href="release-management.html" title="Release Management">Release Management</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Subprojects"></a>Subprojects</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="distributed-osgi.html" title="Distributed OSGi">Distributed OSGi</a></li><li><a shape="rect" href="xjc-utils.html" title="XJC Utils">XJC Utils</a></li><li><a shape="rect" href="build-utils.html" title="Build Utils">Build Utils</a></li><li><a shape="rect" href="fediz.html" title="Fediz">Fediz</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-ASF"></a><a shape="rect" class="external-link" href="http://www.apache.org">ASF</a></h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/how-it-works.html">How Apache Works</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/">Foundation</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/sponsorship.html">Sponsor Apache</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/thanks.html">Thanks</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/security/">Security</a></li></ul>
+</div>
+ <!-- NavigationBar -->
+ </div>
+ </div>
+ </div>
+ </div>
+ </td>
+ <td height="100%">
+ <!-- Content -->
+ <div class="wiki-content">
+<div id="ConfluenceContent"><p>----<del>BEGIN PGP SIGNED MESSAGE</del>----<br clear="none">
+Hash: SHA1</p>
+
+
+<p>CVE-2012-3451: Apache CXF is vulnerable to SOAP Action spoofing attacks on<br clear="none">
+Document Literal web services.</p>
+
+<p>Severity: Important</p>
+
+<p>Vendor: The Apache Software Foundation</p>
+
+<p>Versions Affected:</p>
+
+<p>This vulnerability affects all released versions of Apache CXF.</p>
+
+<p>Description:</p>
+
+<p>Each operation in a SOAP web service can be associated with a SOAP Action<br clear="none">
+String (e.g. in the WSDL binding or via an annotation). The web service client<br clear="none">
+can send the SOAP Action String as a header with the request as a way of <br clear="none">
+letting the web service know what operation is required. </p>
+
+<p>In some cases, CXF uses the received SOAP Action to select the correct<br clear="none">
+operation to invoke, and does not check to see that the message body is<br clear="none">
+correct. This can be exploitable to execute a SOAP Action spoofing attack,<br clear="none">
+where an adversary can execute another operation in the web service by sending<br clear="none">
+the corresponding SOAP Action. This attack only works if the different<br clear="none">
+operation takes the same parameter types, and hence has somewhat limited<br clear="none">
+applicability.</p>
+
+<p>This attack also only applies for web services that use unique SOAPActions per<br clear="none">
+service operation which is not the default in CXF. Also note that WS-Policy<br clear="none">
+validation is done against the operation being invoked and thus the incoming<br clear="none">
+message must meet those policy requirements as well, also limiting<br clear="none">
+applicability.</p>
+
+<p>This has been fixed in revision:</p>
+
+<p><a shape="rect" class="external-link" href="http://svn.apache.org/viewvc?view=revision&revision=1368559">http://svn.apache.org/viewvc?view=revision&revision=1368559</a></p>
+
+<p>All released versions of CXF are affected.</p>
+
+<p>Migration:</p>
+
+<p>Users of CXF prior to 2.4.x should upgrade to either 2.4.9, 2.5.5, or 2.6.2.<br clear="none">
+CXF 2.4.x users should upgrade to 2.4.9 as soon as possible.<br clear="none">
+CXF 2.5.x users should upgrade to 2.5.5 as soon as possible.<br clear="none">
+CXF 2.6.x users should upgrade to 2.6.2 as soon as possible.</p>
+
+<p>References: <a shape="rect" href="http://cxf.apache.org/security-advisories.html">http://cxf.apache.org/security-advisories.html</a><br clear="none">
+----<del>BEGIN PGP SIGNATURE</del>----<br clear="none">
+Version: GnuPG v1.4.11 (GNU/Linux)</p>
+
+<p>iQEcBAEBAgAGBQJQWeNgAAoJEGe/gLEK1TmD2HYH/AomMsGxr/1WwT9dRQqUROG8<br clear="none">
+/2DLGe6lF2Ww+BxCxruxRosTU6QciAJqMWyDbIuMq8ANh9lEJNfjd+fxIGque8wo<br clear="none">
+2nWTc4U/AwLMgBxzonIH4uPDj5HK1R4LGqegzi78/vzJu0F3Q+M7mWPPwLOl6mCg<br clear="none">
+d0t+PSgWAsi8IVHAd99rxHSOwGnoiDjVjCaSMSpZ/nkYv9giO3YMjf69wKajQmVz<br clear="none">
+toFBckis8w0GN/GJ52LPPRcHc3ibpRIcPQXPscWdm0jq1b2UYTEwA5ylGMgJw5Lh<br clear="none">
+VBl8BTGO/dEkuA937UlYu+zUtbRb24RNf9e9eBgzHK32HNoM6zwBgtOf+owjTdM=<br clear="none">
+=k1gm<br clear="none">
+----<del>END PGP SIGNATURE</del>----</p></div>
+ </div>
+ <!-- Content -->
+ </td>
+ </tr>
+ </table>
+ </td>
+ <td id="cell-2-2" colspan="2"> </td>
+ </tr>
+ <tr>
+ <td id="cell-3-0"> </td>
+ <td id="cell-3-1"> </td>
+ <td id="cell-3-2">
+ <div id="footer">
+ <!-- Footer -->
+ <div id="site-footer">
+ <a href="http://cxf.apache.org/privacy-policy.html">Privacy Policy</a> -
+ (<a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=30151628">edit page</a>)
+ (<a href="https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=30151628&showComments=true&showCommentArea=true#addcomment">add comment</a>)<br>
+ Apache CXF, CXF, Apache, the Apache feather logo are trademarks of The Apache Software Foundation.<br>
+ All other marks mentioned may be trademarks or registered trademarks of their respective owners.
+ </div>
+ <!-- Footer -->
+ </div>
+ </td>
+ <td id="cell-3-3"> </td>
+ <td id="cell-3-4"> </td>
+ </tr>
+ <tr>
+ <td id="cell-4-0" colspan="2"> </td>
+ <td id="cell-4-1"> </td>
+ <td id="cell-4-2" colspan="2"> </td>
+ </tr>
+</table>
+
+<script type="text/javascript">
+var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
+document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
+</script>
+<script type="text/javascript">
+try {
+var pageTracker = _gat._getTracker("UA-4458903-1");
+pageTracker._trackPageview();
+} catch(err) {}</script>
+
+</body>
+</html>
+
Modified: websites/production/cxf/content/security-advisories.html
==============================================================================
--- websites/production/cxf/content/security-advisories.html (original)
+++ websites/production/cxf/content/security-advisories.html Wed Sep 19 15:47:26 2012
@@ -136,7 +136,7 @@ Apache CXF -- Security Advisories
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><ul><li><a shape="rect" href="cve-2012-2379.html" title="CVE-2012-2379">CVE-2012-2379</a> - Apache CXF does not verify that elements were signed or encrypted by a particular Supporting Token.</li><li><a shape="rect" href="cve-2012-2378.html" title="CVE-2012-2378">CVE-2012-2378</a> - Apache CXF does not pick up some child policies of WS-SecurityPolicy 1.1 SupportingToken policy assertions on the client side.</li><li><a shape="rect" href="note-on-cve-2011-1096.html" title="Note on CVE-2011-1096">Note on CVE-2011-1096</a> - XML Encryption flaw / Character pattern encoding attack.</li><li><a shape="rect" href="cve-2012-0803.html" title="CVE-2012-0803">CVE-2012-0803</a> - Apache CXF does not validate UsernameToken policies correctly.</li><li><a shape="rect" class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf">CVE-2010-2076</a> - DTD based XML attacks.</li></ul>
+<div id="ConfluenceContent"><ul><li><a shape="rect" href="cve-2012-3451.html" title="CVE-2012-3451">CVE-2012-3451</a> - Apache CXF is vulnerable to SOAP Action spoofing attacks on Document Literal web services.</li><li><a shape="rect" href="cve-2012-2379.html" title="CVE-2012-2379">CVE-2012-2379</a> - Apache CXF does not verify that elements were signed or encrypted by a particular Supporting Token.</li><li><a shape="rect" href="cve-2012-2378.html" title="CVE-2012-2378">CVE-2012-2378</a> - Apache CXF does not pick up some child policies of WS-SecurityPolicy 1.1 SupportingToken policy assertions on the client side.</li><li><a shape="rect" href="note-on-cve-2011-1096.html" title="Note on CVE-2011-1096">Note on CVE-2011-1096</a> - XML Encryption flaw / Character pattern encoding attack.</li><li><a shape="rect" href="cve-2012-0803.html" title="CVE-2012-0803">CVE-2012-0803</a> - Apache CXF does not validate UsernameToken policies correctly.</li><li><a shape="rect" class="external
-link" href="http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf">CVE-2010-2076</a> - DTD based XML attacks.</li></ul>
</div>
</div>
<!-- Content -->