Date: Thu, 06 Mar 2014 15:22:06 +0100
From: Florian Weimer <fweimer@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE request: cloud-init DNS resolution fix

Prior to version 0.7.0, cloud-init could send requests for EC2 instance data to untrusted systems:

https://bugs.launchpad.net/cloud-init/+bug/1040200
http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/revision/635

This could allow someone who has control over a suitable domain name to obtain root rights on an affected system.

This was reported and fixed silently in 2012, so it would need a 2012 CVE name.

(This issue is not specific to cloud-init, there seem to be some wget scripts out there which exhibit the same behavior, but it's probably some custom stuff that's not distributed anywhere, so no CVE is needed for that.)

--
Florian Weimer / Red Hat Product Security Team