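The python-keystone package on Ubuntu 13.10 is missing a security-related patch. Without the patch, Keystone does not properly enforce trusts on the ec2tokens API, so an authenticated attacker can retrieve a token that is not scoped to the trust and elevate privileges to the trustor's roles.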
Reporter | Title | Published | Views | Family All 30 |
---|---|---|---|---|
seebug.org | OpenStack Keystone EC2-style什ηζ ‘ιͺηΉζζεζΌζ΄ | 16 Dec 201300:00 | β | seebug |
OpenVAS | Ubuntu: Security Advisory (USN-2061-1) | 23 Dec 201300:00 | β | openvas |
OpenVAS | Ubuntu Update for keystone USN-2061-1 | 23 Dec 201300:00 | β | openvas |
OpenVAS | Fedora Update for openstack-keystone FEDORA-2013-23589 | 3 Feb 201400:00 | β | openvas |
OpenVAS | Fedora Update for openstack-keystone FEDORA-2013-23589 | 3 Feb 201400:00 | β | openvas |
OpenVAS | Fedora Update for openstack-keystone FEDORA-2014-4903 | 21 Apr 201400:00 | β | openvas |
OpenVAS | Fedora Update for openstack-keystone FEDORA-2014-4903 | 21 Apr 201400:00 | β | openvas |
OpenVAS | Fedora Update for openstack-keystone FEDORA-2014-4210 | 8 Apr 201400:00 | β | openvas |
OpenVAS | Fedora Update for openstack-keystone FEDORA-2014-4210 | 8 Apr 201400:00 | β | openvas |
OpenVAS | Fedora Update for openstack-keystone FEDORA-2014-5497 | 8 Aug 201400:00 | β | openvas |
Source | Link |
---|---|
usn | www.usn.ubuntu.com/2061-1/ |
cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2061-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
# Registration block: when the script is loaded with `description` set, it
# only records the plugin metadata below and then exits. None of the host
# checks further down run in this mode.
if (description)
{
script_id(71564);
script_version("1.7");
script_cvs_date("Date: 2019/09/19 12:54:29");
# Cross-references that tie this check to the upstream advisory records.
script_cve_id("CVE-2013-6391");
script_bugtraq_id(64253);
script_xref(name:"USN", value:"2061-1");
script_name(english:"Ubuntu 13.10 : keystone vulnerability (USN-2061-1)");
# The summary states the detection method: the verdict comes from the dpkg
# package listing, not from probing the Keystone service.
script_summary(english:"Checks dpkg output for updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Ubuntu host is missing a security-related patch."
);
# Advisory text copied from USN-2061-1: trusts are not enforced on the
# ec2tokens API, so a token obtained that way is not limited to the trust.
script_set_attribute(
attribute:"description",
value:
"Steven Hardy discovered that Keystone did not properly enforce trusts
when using the ec2tokens API. An authenticated attacker could exploit
this to retrieve a token not scoped to the trust and elevate
privileges to the trustor's roles.
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/2061-1/"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected python-keystone package."
);
# NOTE(review): the base vector says Au:N (no authentication required), while
# the advisory text above speaks of an "authenticated attacker". Presumably
# the vector was copied from an upstream score; confirm before relying on it
# for prioritisation.
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
# Temporal vector E:U/RL:OF/RC:C: exploitability unproven, official fix
# available, report confirmed. This agrees with exploit_available "false".
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
# "local": the verdict is derived from host data in the knowledge base (see
# the required keys below), not from a network probe of the service.
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python-keystone");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:13.10");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/12/14");
script_set_attribute(attribute:"patch_publication_date", value:"2013/12/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/20");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
# Presumably ssh_get_info.nasl fills the Host/* keys required below from a
# credentialed login (confirm). If those keys are absent the plugin cannot
# produce a verdict, so a missing result is not evidence that the host is
# patched.
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
# Host check: decide from knowledge-base data whether the installed
# python-keystone on Ubuntu 13.10 predates the build named in USN-2061-1.
# Every guard below ends the script through audit() when its precondition
# fails, so the order of the guards matters.

# Local checks must have been enabled for this host.
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
# Only a release string of exactly "13.10" is evaluated. Any other Ubuntu
# release audits out, so this plugin gives no verdict for it.
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(13\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 13.10", "Ubuntu " + release);
# The package listing is the sole evidence used for the verdict.
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
# Architecture gate: only x86_64 and i386..i686 continue. Other CPUs are
# audited as "not implemented", which means unchecked, not "not affected".
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
# ubuntu_check() is defined in ubuntu.inc (not shown here). Presumably it
# returns true when the installed python-keystone is older than pkgver;
# confirm against the library. The leading "1:" in pkgver is the Debian
# epoch.
if (ubuntu_check(osver:"13.10", pkgname:"python-keystone", pkgver:"1:2013.2-0ubuntu1.2")) flag++;
if (flag)
{
# Report at warning severity on port 0, attaching the text returned by
# ubuntu_report_get().
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
# Two distinct clean outcomes: the package was tested and found not affected,
# or it is not installed at all.
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python-keystone");
}
# NOTE(review): nothing above inspects the running Keystone service or its
# configuration, so the result describes the installed package version only.
# Confirm separately that the service was restarted after the update.