1543 matches found
PYSEC-2013-39
OpenStack Keystone Folsom 2012.2 does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token...
Design/Logic Flaw
OpenStack Keystone Folsom 2012.2 does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token...
PYSEC-2013-39
OpenStack Keystone Folsom 2012.2 does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token...
CVE-2013-1865
OpenStack Keystone Folsom 2012.2 does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token...
CVE-2013-1865
CVE-2013-1865 affects OpenStack Keystone Folsom (2012.2). The vulnerability arises because revocation checks for Keystone PKI tokens are not performed when processed through a server, allowing remote attackers to bypass access restrictions using a revoked PKI token. The reported impact is partial...
CVE-2013-1865
OpenStack Keystone Folsom 2012.2 does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token...
PT-2013-3441 · Openstack · Openstack Keystone
Name of the Vulnerable Software and Affected Versions: OpenStack Keystone version 2012.2 Description: The issue allows remote attackers to bypass intended access restrictions via a revoked PKI token, due to improper revocation checks for Keystone PKI tokens when performed through a server...
Ubuntu Update for keystone USN-1772-1
Check for the Version of keystone OpenVAS Vulnerability Test $Id: gbubuntuUSN17721.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for keystone USN-1772-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...
Ubuntu: Security Advisory (USN-1772-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
bindings: External entity expansion in Python XML libraries inflicts potential security flaws and DoS vulnerabilities
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External...
bindings: Internal entity expansion in Python XML libraries inflicts DoS vulnerabilities
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute Nova Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to cause a denial of service resource consumption and crash via an XML...
bindings: External entity expansion in Python XML libraries inflicts potential security flaws and DoS vulnerabilities
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External...
bindings: Internal entity expansion in Python XML libraries inflicts DoS vulnerabilities
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute Nova Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to cause a denial of service resource consumption and crash via an XML...
bindings: Internal entity expansion in Python XML libraries inflicts DoS vulnerabilities
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute Nova Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to cause a denial of service resource consumption and crash via an XML...
Ubuntu 12.10 : keystone vulnerability (USN-1772-1)
Guang Yee discovered that Keystone would not always perform all verification checks when configured to use PKI. If the keystone server was configured to use PKI and services or users requested online verification, an attacker could potentially exploit this to bypass revocation checks. Keystone us...
USN-1772-1: OpenStack Keystone vulnerability
Guang Yee discovered that Keystone would not always perform all verification checks when configured to use PKI. If the keystone server was configured to use PKI and services or users requested online verification, an attacker could potentially exploit this to bypass revocation checks. Keystone us...
CVE-2013-1865
OpenStack Keystone Folsom 2012.2 does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token...
Keystone: EC2-style authentication accepts disabled user/tenants
OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the 1 user, 2 tenant, or 3 domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions...
bindings: Internal entity expansion in Python XML libraries inflicts DoS vulnerabilities
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute Nova Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to cause a denial of service resource consumption and crash via an XML...
Moderate: Red Hat Security Advisory: openstack-keystone security, bug fix, and enhancement update
Updated openstack-keystone packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...