CVE-2014-7294 NYU Opensso Integration Open Redirect Security Vulnerability

genetic-and-binary-code

 

CVE-2014-7294 NYU OpenSSO Integration Open Redirect Security Vulnerability

Exploit Title: NYU OpenSSO Integration Logon Page url Parameter Open Redirect

Product: Opensso Integration

Vendor: NYU

Vulnerable Versions: 2.1 and probability prior

Tested Version: 2.1

Advisory Publication: DEC 29, 2014

Latest Update: DEC 29, 2014

Vulnerability Type: Open Redirect [CWE-601]

CVE Reference: CVE-2014-7294

CVSS v2 Base Score: 5.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:N) (legend)

Impact Subscore: 4.9

Exploitability Subscore: 8.6

Credit: Wang Jing [CCRG, Nanyang Technological University (NTU), Singapore]

 

 

Advisory Details:

(1) Vendor URL:
http://www.exlibrisgroup.org/display/CrossProductCC/PDS+OpenSSO+Integration

 

Product Description:

“NYU has integrated PDS with Sun’s OpenSSO Identity Management application. The PDS/OpenSSO integration uses PDS as the NYU Libraries’ single sign-on system and leverages NYU’s OpenSSO system to provide seamless interaction between library applications and university services. The integration merges patron information from OpenSSO (e.g. name, email, e-resources access) with patron information from Aleph (e.g. borrower status and type) to ensure access to the multitude of library services."

“The NYU Libraries operate in a consortial environment in which not all users are in OpenSSO and not all OpenSSO users are in Aleph. PDS is hosted in an active/passive capacity on our Primo front-end servers. Due to the nature of PDS and Aleph, patrons are required to have an Aleph account in order to login to the library’s SSO environment. The exception to this rule is EZProxy."

 

 

(2) Vulnerability Details:

NYU Opensso Integration has a security problem. It is vulnerable to Open Redirect Attacks.



(2.1) The vulnerability occurs at “PDS" service’s logon page, with “&url" parameter.

 

 

 

References:

http://tetraph.com/security/cves/cve-2014-7294-ex-libris-patron-directory-services-pds-open-redirect-security-vulnerability/

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7294

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7294

http://seclists.org/fulldisclosure/2014/Dec/127

http://packetstormsecurity.com/files/author/11270/

http://www.securityfocus.com/bid/71832

http://www.scap.org.cn/CVE-2014-7294.html

http://tetraph.blogspot.com/2015/02/cve-2014-7294-nyu-opensso-integration.html

http://essayjeans.blog.163.com/blog/static/237173074201511073918109/

http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/open-redirect/cve-2014-7294-nyu-opensso-integration-open-redirect-security-vulnerability/

https://mathfas.wordpress.com/2015/02/10/cve-2014-7294-nyu-opensso-integration-open-redirect-security-vulnerability/

 

 

Leave a comment

你的電子郵件位址並不會被公開。 必要欄位標記為 *

你可以使用這些 HTML 標籤與屬性: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>