{"id":1577932,"date":"2025-03-13T17:49:52","date_gmt":"2025-03-13T19:49:52","guid":{"rendered":"https:\/\/teknomers.com\/fr\/github-decouvre-les-nouvelles-vulnerabilites-ruby-saml-permettant-aux-attaques-de-rachat-de-compte\/"},"modified":"2025-03-13T17:49:57","modified_gmt":"2025-03-13T19:49:57","slug":"github-decouvre-les-nouvelles-vulnerabilites-ruby-saml-permettant-aux-attaques-de-rachat-de-compte","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/github-decouvre-les-nouvelles-vulnerabilites-ruby-saml-permettant-aux-attaques-de-rachat-de-compte\/","title":{"rendered":"Github d\u00e9couvre les nouvelles vuln\u00e9rabilit\u00e9s Ruby-SAML permettant aux attaques de rachat de compte"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">13 mars 2025<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">Authentification \/ vuln\u00e9rabilit\u00e9<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><a rel=\"nofollow\" href=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2025\/03\/Github-decouvre-les-nouvelles-vulnerabilites-Ruby-SAML-permettant-aux-attaques-de.png\" style=\"clear: left; display: block; float: left;  text-align: center;\"><\/a><\/div>\n<p>Deux d\u00e9fauts de s\u00e9curit\u00e9 \u00e0 haute s\u00e9v\u00e9rit\u00e9 ont \u00e9t\u00e9 divulgu\u00e9s dans la biblioth\u00e8que Ruby-SAML open source qui pourrait permettre aux acteurs malveillants de contourner les protections d&#8217;authentification du langage de balisage d&#8217;affirmation de s\u00e9curit\u00e9 (SAML).<\/p>\n<p>SAML est un langage de balisage bas\u00e9 sur XML et un standard ouvert utilis\u00e9 pour l&#8217;\u00e9change de donn\u00e9es d&#8217;authentification et d&#8217;autorisation entre les parties, permettant des fonctionnalit\u00e9s telles que la connexion unique (SSO), qui permet aux individus d&#8217;utiliser un seul ensemble d&#8217;identification pour acc\u00e9der \u00e0 plusieurs sites, services et applications.<\/p>\n<p>Les vuln\u00e9rabilit\u00e9s, suivies comme <a rel=\"noopener nofollow\" href=\"https:\/\/github.com\/advisories\/GHSA-4vc4-m8qh-g8jm\" target=\"_blank\">CVE-2025-25291<\/a> et <a rel=\"noopener nofollow\" href=\"https:\/\/github.com\/advisories\/GHSA-754f-8gm6-c4r2\" target=\"_blank\">CVE-2025-25292<\/a>transporter un score CVSS de 8,8 sur 10,0. Ils affectent les versions suivantes de la biblioth\u00e8que &#8211;<\/p>\n<p>Les deux lacunes d\u00e9coulent de la fa\u00e7on dont REXML et Nokogiri analysent XML diff\u00e9remment, ce qui fait g\u00e9n\u00e9rer les deux analyseurs enti\u00e8rement diff\u00e9rentes des structures de documents \u00e0 partir de la m\u00eame entr\u00e9e XML<\/p>\n<p>Ce diff\u00e9rentiel d&#8217;analyse permet \u00e0 un attaquant de pouvoir ex\u00e9cuter une attaque d&#8217;emballage de signature, conduisant \u00e0 un contournement d&#8217;authentification. Les vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 <a rel=\"noopener nofollow\" href=\"https:\/\/github.com\/SAML-Toolkits\/ruby-saml\/releases\/tag\/v1.18.0\" target=\"_blank\">abord\u00e9<\/a> Dans les versions Ruby-SAML 1.12.4 et 1.18.0.<\/p>\n<div class=\"dog_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener sponsored\" href=\"https:\/\/thehackernews.uk\/cloud-secure-d\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Cybers\u00e9curit\u00e9\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2025\/03\/Mozilla-met-a-jour-les-termes-de-Firefox-apres-le.jpg\" width=\"727\" height=\"90\"\/><\/a><\/center><\/div>\n<p>Github appartenant \u00e0 Microsoft, qui a d\u00e9couvert et signal\u00e9 les d\u00e9fauts en novembre 2024, a d\u00e9clar\u00e9 qu&#8217;ils pouvaient \u00eatre maltrait\u00e9s par des acteurs malveillants pour mener des attaques de rachat de comptabilit\u00e9.<\/p>\n<p>&#8220;Les attaquants qui sont en possession d&#8217;une seule signature valide cr\u00e9\u00e9e avec la cl\u00e9 utilis\u00e9e pour valider les r\u00e9ponses ou affirmations de SAML de l&#8217;organisation cibl\u00e9e peuvent l&#8217;utiliser pour construire eux-m\u00eames des affirmations SAML et sont \u00e0 leur tour en mesure de se connecter comme n&#8217;importe quel utilisateur&#8221;, a d\u00e9clar\u00e9 le chercheur en laboratoire de s\u00e9curit\u00e9 Github, Peter St\u00f6ckli, <a rel=\"noopener nofollow\" href=\"https:\/\/github.blog\/security\/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials\/\" target=\"_blank\">dit<\/a> dans un post.<\/p>\n<div class=\"separator\" style=\"clear: both;\"><a rel=\"nofollow\" href=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2025\/03\/1741895392_462_Github-decouvre-les-nouvelles-vulnerabilites-Ruby-SAML-permettant-aux-attaques-de.png\" style=\"clear: left; display: block; float: left;  text-align: center;\"><img decoding=\"async\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2025\/03\/1741895392_462_Github-decouvre-les-nouvelles-vulnerabilites-Ruby-SAML-permettant-aux-attaques-de.png\" alt=\"\" border=\"0\" data-original-height=\"599\" data-original-width=\"1534\"\/><\/a><\/div>\n<p>La filiale appartenant \u00e0 Microsoft a \u00e9galement not\u00e9 que le probl\u00e8me se r\u00e9sume \u00e0 une &#8220;d\u00e9connexion&#8221; entre la v\u00e9rification du hachage et la v\u00e9rification de la signature, ouvrant la porte \u00e0 l&#8217;exploitation via un diff\u00e9rentiel d&#8217;analyseur.<\/p>\n<p>Les versions 1.12.4 et 1.18.0 branchent \u00e9galement un d\u00e9faut de d\u00e9ni de service distant (DOS) lors de la gestion des r\u00e9ponses SAML compress\u00e9es (CVE-2025-25293, score CVSS: 7,7). Les utilisateurs sont recommand\u00e9s de mettre \u00e0 jour la derni\u00e8re version pour sauvegarder contre les menaces potentielles.<\/p>\n<p>Les r\u00e9sultats surviennent pr\u00e8s de six mois apr\u00e8s que Gitlab et Ruby-SAML se soient d\u00e9plac\u00e9s pour aborder une autre vuln\u00e9rabilit\u00e9 critique (CVE-2024-45409, score CVSS: 10,0) qui pourrait \u00e9galement entra\u00eener un pontage d&#8217;authentification. <\/p>\n<p><\/p>\n<div class=\"cf note-b\">Vous avez trouv\u00e9 cet article int\u00e9ressant? Suivez-nous <a rel=\"noopener nofollow\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">Gazouillement <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  et <a rel=\"noopener nofollow\" href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" target=\"_blank\">Liendin<\/a> Pour lire plus de contenu exclusif que nous publions.<\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2025\/03\/github-uncovers-new-ruby-saml.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue80213 mars 2025\ue804Ravie LakshmananAuthentification \/ vuln\u00e9rabilit\u00e9 Deux d\u00e9fauts de s\u00e9curit\u00e9 \u00e0 haute s\u00e9v\u00e9rit\u00e9 ont \u00e9t\u00e9 divulgu\u00e9s dans la biblioth\u00e8que Ruby-SAML open source qui pourrait permettre aux acteurs malveillants de contourner les protections d&#8217;authentification du langage de balisage d&#8217;affirmation de s\u00e9curit\u00e9 (SAML). SAML est un langage de balisage bas\u00e9 sur XML et un standard ouvert utilis\u00e9 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1577933,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[274266,274265,8074,507,4168,2205,79002,274264,4161,274263,6124,12680,50438,65,274267,4160,120,106717,4710,286549,238617,246491,4172,79016,4166,4164,12365],"class_list":["post-1577932","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-actualites-de-piratage","tag-actualites-des-pirates","tag-attaques","tag-aux","tag-comment-pirater","tag-compte","tag-cyber-security-news","tag-cyber-security-news-aujourdhui","tag-cyber-mises-a-jour","tag-cyber-nouvelles","tag-cyberattaques","tag-decouvre","tag-github","tag-les","tag-malware-ransomware","tag-mises-a-jour-de-la-cybersecurite","tag-nouvelles","tag-permettant","tag-rachat","tag-rubysaml","tag-securite-de-linformation","tag-securite-du-reseau","tag-securite-informatique","tag-the-hacker-news","tag-violation-de-donnees","tag-vulnerabilite-logicielle","tag-vulnerabilites"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1577932","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=1577932"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1577932\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/1577933"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=1577932"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=1577932"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=1577932"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}