QwikSec

Security Database

CVE

CWE

Training

CVE-2011-2329

Published: Jun 2, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

The rampart_timestamp_token_validate function in util/rampart_timestamp_token.c in Apache Rampart/C 1.3.0 does not properly calculate the expiration of timestamp tokens, which allows remote attackers to bypass intended access restrictions by leveraging an expired token, a different vulnerability than CVE-2011-0730.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://launchpad.net/ubuntu/+source/rampart/+changelog

x_refsource_CONFIRM

http://launchpadlibrarian.net/72471990/rampart_1.3.0-1ubuntu2_1.3.0-1ubuntu3.diff.gz

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

rampart-ramparttimestamptoken-sec-bypass(67860)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.