The Apache Santuario configuration in Eucalyptus before 3.1.1 does not properly restrict applying XML Signature transforms to documents, which allows remote attackers to cause a denial of service via unspecified vectors.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Eucalyptus | Eucalyptus | * | 3.1.0 (including) |
| Eucalyptus | Eucalyptus | 1.0 (including) | 1.0 (including) |
| Eucalyptus | Eucalyptus | 1.1 (including) | 1.1 (including) |
| Eucalyptus | Eucalyptus | 1.2 (including) | 1.2 (including) |
| Eucalyptus | Eucalyptus | 1.3 (including) | 1.3 (including) |
| Eucalyptus | Eucalyptus | 1.4 (including) | 1.4 (including) |
| Eucalyptus | Eucalyptus | 1.5.1 (including) | 1.5.1 (including) |
| Eucalyptus | Eucalyptus | 1.5.2 (including) | 1.5.2 (including) |
| Eucalyptus | Eucalyptus | 1.6 (including) | 1.6 (including) |
| Eucalyptus | Eucalyptus | 1.6.2 (including) | 1.6.2 (including) |
| Eucalyptus | Eucalyptus | 2.0 (including) | 2.0 (including) |
| Eucalyptus | Eucalyptus | 2.0.0 (including) | 2.0.0 (including) |
| Eucalyptus | Eucalyptus | 2.0.1 (including) | 2.0.1 (including) |
| Eucalyptus | Eucalyptus | 2.0.2 (including) | 2.0.2 (including) |
| Eucalyptus | Eucalyptus | 2.0.3 (including) | 2.0.3 (including) |
| Eucalyptus | Eucalyptus | 3.0 (including) | 3.0 (including) |
| Eucalyptus | Eucalyptus | 3.0.1 (including) | 3.0.1 (including) |
| Eucalyptus | Eucalyptus | 3.1.1 (including) | 3.1.1 (including) |
| Eucalyptus | Ubuntu | lucid | * |
| Eucalyptus | Ubuntu | natty | * |
| Eucalyptus | Ubuntu | oneiric | * |
| Eucalyptus | Ubuntu | precise | * |
| Eucalyptus | Ubuntu | upstream | * |