CVE-2012-2351

Mahara <1.4.2 - Auth Bypass

Description

The default configuration of the auth/saml plugin in Mahara before 1.4.2 sets the "Match username attribute to Remote username" option to false, which allows remote SAML IdP servers to spoof users of other SAML IdP servers by using the same internal username.

Scores

EPSS 0.0033
EPSS Percentile 55.7%

Classification

CWE
CWE-16 CWE-284 CWE-287
Status draft

Affected Products (50)

debian/debian_linux
mahara/mahara < 1.4.1
mahara/mahara
... and 35 more

Timeline

Published Jul 12, 2012
Tracked Since Feb 18, 2026