CVE-2013-2030
Published: 9 May 2013
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova on Fedora.
Notes
Author | Note |
---|---|
jdstrand | Ubuntu 12.04 LTS and lower not affected. /tmp/keystone-signing-nova is created but it is owned by the nova user and symlink restrictions are in effect. Upstream fix is to change /etc/nova/api-paste.ini. Since this issue is mitigated by symlink restrictions, ignoring since a config file change is too intrusive. |
Priority
Status
Package | Release | Status |
---|---|---|
nova (Launchpad, Ubuntu, Debian) | hardy | Does not exist |
 | lucid | Does not exist |
 | oneiric | Not vulnerable |
 | precise | Not vulnerable |
 | quantal | Ignored |
 | raring | Ignored |
 | upstream | Needed |

Patches:
upstream: https://review.openstack.org/#/c/28569/
upstream: https://review.openstack.org/#/c/28570/
upstream: https://review.openstack.org/#/c/28568/

This vulnerability is mitigated in part by the use of symlink restrictions in Ubuntu.
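
The description above turns on a service reusing a directory under /tmp that another local user created first. The following is an added example, not code from Nova or Keystone, of a check a service can run before trusting such a directory; `ensure_private_dir`, `UnsafeSigningDir` and the demo path are names assumed for this example.

```python
import os
import stat
import tempfile


class UnsafeSigningDir(Exception):
    """Raised when the signing directory cannot be trusted."""


def ensure_private_dir(path, uid=None):
    """Create the directory, or accept an existing one only if it is private.

    Hypothetical helper: rejects anything another local user could have
    pre-created or could write to.
    """
    uid = os.getuid() if uid is None else uid
    try:
        # mkdir never follows a symlink at the final component and fails if
        # the name already exists, so a new directory is ours by construction.
        os.mkdir(path, 0o700)
    except FileExistsError:
        pass  # pre-existing entry: it must pass every check below
    st = os.lstat(path)  # lstat so a planted symlink is seen as a symlink
    if not stat.S_ISDIR(st.st_mode):
        raise UnsafeSigningDir(f"{path} is not a real directory")
    if st.st_uid != uid:
        raise UnsafeSigningDir(f"{path} owned by uid {st.st_uid}, expected {uid}")
    if stat.S_IMODE(st.st_mode) & 0o077:
        raise UnsafeSigningDir(f"{path} is accessible to group or other")
    return path


if __name__ == "__main__":
    # Constructed demo: a scratch area stands in for /tmp.
    base = tempfile.mkdtemp()
    print("accepted:", ensure_private_dir(os.path.join(base, "signing")))
    planted = os.path.join(base, "planted")
    os.mkdir(planted)
    os.chmod(planted, 0o777)  # simulates a directory left open by someone else
    try:
        ensure_private_dir(planted)
    except UnsafeSigningDir as exc:
        print("rejected:", exc)
```

A directory that passes these checks is owned by the service user with mode 0700 or stricter, so no other unprivileged user can place or replace certificates inside it.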