Stanford WebAuth FastCGI login.fcgi Information Disclosure

by Carol~ Moderator - 5/17/13 9:26 AM

In Reply to: VULNERABILITIES / FIXES - May 17, 2013 by Carol~ Moderator

Stanford WebAuth FastCGI login.fcgi Information Disclosure Vulnerability

Release Date : 2013-05-17

Criticality level : Less critical
Impact : Exposure of sensitive information
Where : From remote
Solution Status: Vendor Patch

Software: Stanford WebAuth 4.x

A vulnerability has been reported in Stanford WebAuth, which can be exploited by malicious people to potentially disclose sensitive information.

The vulnerability is caused due to not resetting header state between requests when redirecting a user for REMOTE_USER authentication, which can be exploited to receive WebLogin cookies intended for a previous user of the same FastCGI login.fcgi process.

NOTE: Successful exploitation requires WebLogin be configured with the $REMUSER_REDIRECT option and running under FastCGI.

The vulnerability is reported in versions 4.4.1 through 4.5.2.

Update to version 4.5.3.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
WebAuth 2013-05-15 Advisory: