Date: Tue, 26 Feb 2013 13:34:54 -0500 From: Russell Bryant <rbryant@...hat.com> To: "openstack@...ts.launchpad.net" <openstack@...ts.launchpad.net>, oss-security@...ts.openwall.com, openstack-announce@...ts.openstack.org Subject: [OSSA-2013-006] VNC proxy can connect to the wrong VM (CVE-2013-0335) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenStack Security Advisory: 2013-006 CVE: CVE-2013-0335 Date: February 26, 2013 Title: VNC proxy can connect to the wrong VM Reporter: Loganathan Parthipan (HP), Rohit Karajgi (NTT Data) Products: Nova Affects: All versions Description: Loganathan Parthipan (HP) and Rohit Karajgi (NTT Data) independently reported a vulnerability in Nova. If a user requests a console and then deletes the VM, it is possible that the console token could allow connectivity to a different VM before the console token expires if the VNC port gets reused in that time period. This issue can be worked around by disabling VNC support. Fixes: master (grizzly): https://review.openstack.org/#/c/22086/ stable/folsom: https://review.openstack.org/#/c/22758 stable/essex: https://review.openstack.org/#/c/22872/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0335 https://bugs.launchpad.net/nova/+bug/1125378 - -- Russell Bryant OpenStack Vulnerability Management Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlEtAE4ACgkQFg9ft4s9SAZKLwCePGfNZAYdx2mjM2hWHt26Kff6 2HAAn38YuA93O4wg7SDUtcXar1Yr0d9q =sVp/ -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ