CVE-2017-6413

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-6413
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-6413.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-6413
Downstream
Published
2017-03-02T06:59:01.217Z
Modified
2025-11-14T05:14:10.010861Z
Severity
  • 8.6 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Summary
[none]
Details

The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.6 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "AuthType oauth20" configuration, which allows remote attackers to bypass authentication via crafted HTTP traffic.

References

Affected packages

Git / github.com/openidc/mod_auth_openidc

Affected ranges

Type
GIT
Repo
https://github.com/openidc/mod_auth_openidc
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

v1.*

v1.5
v1.5.1
v1.5.2
v1.5.3
v1.5.4
v1.5.5
v1.6.0
v1.7.0
v1.7.1
v1.7.2
v1.7.3
v1.8.0
v1.8.1
v1.8.10
v1.8.2
v1.8.3
v1.8.4
v1.8.5
v1.8.6
v1.8.7
v1.8.8
v1.8.9

v2.*

v2.0.0
v2.0.0rc1
v2.0.0rc4
v2.1.0
v2.1.1
v2.1.2
v2.1.3
v2.1.4
v2.1.5

Database specific

vanir_signatures

[
    {
        "signature_type": "Line",
        "source": "https://github.com/openidc/mod_auth_openidc/commit/21e3728a825c41ab41efa75e664108051bb9665e",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2017-6413-15b46186",
        "digest": {
            "line_hashes": [
                "252592132319974117317083050032030932584",
                "245854842247398335139041577994342478702",
                "249301519142228043284928015001881791252",
                "12496067092907532332299473183032362101"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "src/mod_auth_openidc.h"
        }
    },
    {
        "signature_type": "Function",
        "source": "https://github.com/openidc/mod_auth_openidc/commit/21e3728a825c41ab41efa75e664108051bb9665e",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2017-6413-9eab6cc5",
        "digest": {
            "length": 395.0,
            "function_hash": "235345058986512073726030606729054536041"
        },
        "target": {
            "file": "src/mod_auth_openidc.c",
            "function": "oidc_scrub_headers"
        }
    },
    {
        "signature_type": "Function",
        "source": "https://github.com/openidc/mod_auth_openidc/commit/21e3728a825c41ab41efa75e664108051bb9665e",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2017-6413-b96c5034",
        "digest": {
            "length": 2113.0,
            "function_hash": "101436493843902703457223292790871171117"
        },
        "target": {
            "file": "src/oauth.c",
            "function": "oidc_oauth_check_userid"
        }
    },
    {
        "signature_type": "Line",
        "source": "https://github.com/openidc/mod_auth_openidc/commit/21e3728a825c41ab41efa75e664108051bb9665e",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2017-6413-bc595be3",
        "digest": {
            "line_hashes": [
                "300885929279668652631216083908378489803",
                "86757556201774335385049608529931441491",
                "232568871630841356922068682392364302614"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "src/oauth.c"
        }
    },
    {
        "signature_type": "Line",
        "source": "https://github.com/openidc/mod_auth_openidc/commit/21e3728a825c41ab41efa75e664108051bb9665e",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2017-6413-efae51a6",
        "digest": {
            "line_hashes": [
                "231156241331446138400413118183185546010",
                "328211974302038262523992695704363018362",
                "75708323700389784035179034936157320920",
                "339048421168395487366516423266575270949"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "src/mod_auth_openidc.c"
        }
    }
]