CVE-2013-2030
Published: 9 May 2013
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova on Fedora.
Notes
| Author | Note |
|---|---|
| jdstrand | Ubuntu 12.04 LTS and lower not affected /tmp/keystone-signing-nova is created but it is owned by the nova user and symlink restrictions are in effect. upstream fix is to change /etc/nova/api-paste.ini. Since this issue is mitigated by symlink restrictions, ignoring since a config file change is too intrusive |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
nova Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| oneiric |
Not vulnerable
|
|
| precise |
Not vulnerable
|
|
| quantal |
Ignored
|
|
| raring |
Ignored
|
|
| upstream |
Needed
|
|
|
Patches: upstream: https://review.openstack.org/#/c/28569/ upstream: https://review.openstack.org/#/c/28570/ upstream: https://review.openstack.org/#/c/28568/ |
||
| This vulnerability is mitigated in part by the use of symlink restrictions in Ubuntu. | ||