CVE-2013-1665 – bindings: External entity expansion in Python XML libraries inflicts potential security flaws and DoS vulnerabilities
https://notcve.org/view.php?id=CVE-2013-1665
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products, allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) attack.
• http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html http://bugs.python.org/issue17239 http://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html http://rhn.redhat.com/errata/RHSA-2013-0657.html http://rhn.redhat.com/errata/RHSA-2013-0658.html http://rhn.redhat.com/errata/RHSA-2013-0670.html http://ubuntu.com/usn/usn-1757-1 http://www.debian.org/security/2013/dsa-2634 http://www.openwall.com/lists/oss-security/2013/02/19
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2013-0208 – openstack-nova: Boot from volume allows access to random volumes
https://notcve.org/view.php?id=CVE-2013-0208
The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the block_device_mapping parameter.
• http://osvdb.org/89661 http://rhn.redhat.com/errata/RHSA-2013-0208.html http://secunia.com/advisories/51963 http://secunia.com/advisories/51992 http://www.openwall.com/lists/oss-security/2013/01/29/9 http://www.securityfocus.com/bid/57613 http://www.ubuntu.com/usn/USN-1709-1 https://bugs.launchpad.net/nova/+bug/1069904 https://bugzilla.redhat.com/show_bug.cgi?id=902629 https://exchange.xforce.ibmcloud.com/vulnerabilities/81697 https://github.com/openstack/n
• CWE-264: Permissions, Privileges, and Access Controls
CVE-2012-5625 – Nova: Information leak in libvirt LVM-backed instances
https://notcve.org/view.php?id=CVE-2012-5625
OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM-backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume (LV).
• http://osvdb.org/88419 http://rhn.redhat.com/errata/RHSA-2013-0208.html http://www.openwall.com/lists/oss-security/2012/12/11/5 http://www.securityfocus.com/bid/56904 http://www.ubuntu.com/usn/USN-1663-1 https://bugs.launchpad.net/nova/+bug/1070539 https://bugzilla.redhat.com/show_bug.cgi?id=884293 https://github.com/openstack/nova/commit/9d2ea970422591f8cdc394001be9a2deca499a5f https://github.com/openstack/nova/commit/a99a802e008eed18e39fc1d98170edc495cbd354 https://launchpad.net/
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2012-5571 – OpenStack: Keystone EC2-style credentials invalidation issue
https://notcve.org/view.php?id=CVE-2012-5571
OpenStack Keystone Essex (2012.1) and Folsom (2012.2) do not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by leveraging a token for the removed user role.
• http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094286.html http://rhn.redhat.com/errata/RHSA-2012-1556.html http://rhn.redhat.com/errata/RHSA-2012-1557.html http://secunia.com/advisories/51423 http://secunia.com/advisories/51436 http://www.openwall.com/lists/oss-security/2012/11/28/5 http://www.openwall.com/lists/oss-security/2012/11/28/6 http://www.securityfocus.com/bid/56726 http://www.ubuntu.com/usn/USN-1641-1 https://bugs.launchpad
• CWE-255: Credentials Management Errors
CVE-2012-5563 – OpenStack: Keystone extension of token validity through token chaining
https://notcve.org/view.php?id=CVE-2012-5563
OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token chaining. NOTE: this issue exists because of a CVE-2012-3426 regression.
• http://rhn.redhat.com/errata/RHSA-2012-1557.html http://secunia.com/advisories/51423 http://secunia.com/advisories/51436 http://www.openwall.com/lists/oss-security/2012/11/28/5 http://www.openwall.com/lists/oss-security/2012/11/28/6 http://www.securityfocus.com/bid/56727 http://www.ubuntu.com/usn/USN-1641-1 https://bugs.launchpad.net/keystone/+bug/1079216 https://exchange.xforce.ibmcloud.com/vulnerabilities/80370 https://github.com/openstack/keystone/commit/38c
• CWE-255: Credentials Management Errors