Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 18 Nov 2016 14:01:05 +0000
From: Tristan Cacqueray <tdecacqu@...hat.com>
To: oss-security@...ts.openwall.com
Subject: [OSSA 2016-013] Network information disclosure through Heat template
 source URL (CVE-2016-9185)

==============================================================================
OSSA-2016-013: Network information disclosure through Heat template
source URL
==============================================================================

:Date: November 18, 2016
:CVE: CVE-2016-9185


Affects
~~~~~~~
- Heat: <=5.0.3, >=6.0.0 <=6.1.0 and ==7.0.0


Description
~~~~~~~~~~~
Tom Patzig from SAP reported a vulnerability in Heat. By launching a
new Heat stack with a local URL an authenticated user may conduct
network discovery revealing internal network configuration. All Heat
setup are affected.


Patches
~~~~~~~
- https://review.openstack.org/393149 (Liberty)
- https://review.openstack.org/393148 (Mitaka)
- https://review.openstack.org/393147 (Newton)
- https://review.openstack.org/393146 (Ocata)


Credits
~~~~~~~
- Tom Patzig from SAP (CVE-2015-9185)


References
~~~~~~~~~~
- https://launchpad.net/bugs/1606500
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9185

--
Tristan Cacqueray
OpenStack Vulnerability Management Team



[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ