phpCAS before 1.3.2 does not verify that the server hostname matches a domain name in the subjects Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Phpcas | Apereo | * | 1.3.1 (including) |
| Phpcas | Apereo | 1.3.0 (including) | 1.3.0 (including) |
| Phpcas | Apereo | 1.3.0-rc1 (including) | 1.3.0-rc1 (including) |
References
- http://secunia.com/advisories/51818
- https://exchange.xforce.ibmcloud.com/vulnerabilities/81208
- https://github.com/Jasig/phpCAS/blob/master/docs/ChangeLog
- http://secunia.com/advisories/51818
- https://exchange.xforce.ibmcloud.com/vulnerabilities/81208
- https://github.com/Jasig/phpCAS/blob/master/docs/ChangeLog