FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mono -- XML signature HMAC truncation spoofing

Affected packages
mono < 2.4.2.2

Details

VuXML ID 708c65a5-7c58-11de-a994-0030843d3802
Discovery 2009-07-15
Entry 2009-07-29

Secunia reports:

A security issue has been reported in Mono, which can be exploited by malicious people to conduct spoofing attacks.

The security issue is caused due to an error when processing certain XML signatures.

References

CVE Name CVE-2009-0217
URL http://secunia.com/advisories/35852/
URL http://www.kb.cert.org/vuls/id/466161