Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в OpenStack
дополнено с 28 октября 2013 г.
Опубликовано:23 декабря 2013 г.
Источник:
SecurityVulns ID:13374
Тип:библиотека
Уровень опасности:
7/10
Описание:Утечка информации, DoS.
Затронутые продукты:OPENSTACK : Nova 2013.1
 OPENSTACK : Cinder 2013.1
 OPENSTACK : glanceclient 0.9
 OPENSTACK : Glance 2013.1
 OPENSTACK : Keystone 2013.1
 OPENSTACK : Swift 1.8
 OPENSTACK : Horizon 2013.2
 OPENSTACK : Keystone 2013.2
CVE:CVE-2013-6858 (Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page.)
 CVE-2013-6391 (The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2tokens API request.)
 CVE-2013-4477 (The LDAP backend in OpenStack Identity (Keystone) Grizzly and Havana, when removing a role on a tenant for a user who does not have that role, adds the role to the user, which allows local users to gain privileges.)
 CVE-2013-4428 (OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the download_image policy is configured, does not properly restrict access to cached images, which allows remote authenticated users to read otherwise restricted images via an image UUID.)
 CVE-2013-4294 (The (1) mamcache and (2) KVS token backends in OpenStack Identity (Keystone) Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token.)
 CVE-2013-4278 (The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot arbitrary flavors by guessing the flavor id. NOTE: this issue is due to an incomplete fix for CVE-2013-2256.)
 CVE-2013-4261 (OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause a denial of service (connection pool consumption), as demonstrated using multiple requests that send long strings to an instance console and retrieving the console log.)
 CVE-2013-4222 (OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.)
 CVE-2013-4202 (The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.)
 CVE-2013-4185 (Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service (nova-network consumption) via a large number of server-creation operations, which triggers a large number of update requests.)
 CVE-2013-4183 (The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors.)
 CVE-2013-4179 (The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.)
 CVE-2013-4179 (The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.)
 CVE-2013-4155 (OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE request with a timestamp that is older than expected.)
 CVE-2013-4111 (The Python client library for Glance (python-glanceclient) before 0.10.0 does not properly check the preverify_ok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate and allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.)
 CVE-2013-2256 (OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.)
Оригинальный текстdocumentUBUNTU, [USN-2062-1] OpenStack Horizon vulnerability (23.12.2013)
 documentUBUNTU, [USN-2061-1] OpenStack Keystone vulnerability (23.12.2013)
 documentUBUNTU, [USN-2034-1] OpenStack Keystone vulnerability (26.11.2013)
 documentUBUNTU, [USN-2001-1] Swift vulnerability (28.10.2013)
 documentUBUNTU, [USN-2000-1] Nova vulnerabilities (28.10.2013)
 documentUBUNTU, [USN-2002-1] Keystone vulnerabilities (28.10.2013)
 documentUBUNTU, [USN-2003-1] Glance vulnerability (28.10.2013)
 documentUBUNTU, [USN-2004-1] python-glanceclient vulnerability (28.10.2013)
 documentUBUNTU, [USN-2005-1] Cinder vulnerabilities (28.10.2013)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород