CVE-2012-4457

OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-3 does not properly handle authorization tokens for disabled tenants, which allows remote authenticated users to access the tenant's resources by requesting a token for the tenant...

CVE-2012-4456

The 1 OS-KSADM/services and 2 tenant APIs in OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-2 do not properly validate X-Auth-Token, which allow remote attackers to read the roles for an arbitrary user or get, create, or delete arbitrary services...

PT-2012-5412 · Openstack · Openstack Keystone

Name of the Vulnerable Software and Affected Versions: OpenStack Keystone versions prior to 2012.1.2 OpenStack Keystone Folsom versions prior to folsom-2 Description: The issue concerns improper validation of the X-Auth-Token in the OS-KSADM/services and tenant APIs. This allows remote attackers ...

Fedora Update for openstack-swift FEDORA-2012-15098

Check for the Version of openstack-swift OpenVAS Vulnerability Test Fedora Update for openstack-swift FEDORA-2012-15098 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

Fedora Update for openstack-swift FEDORA-2012-15098

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

[SECURITY] Fedora 16 Update: openstack-swift-1.4.8-3.fc16

OpenStack Object Storage swift aggregates commodity servers to work toget her in clusters for reliable, redundant, and large-scale storage of static obje cts. Objects are written to multiple hardware devices in the data center, with t he OpenStack software responsible for ensuring data replicatio...

Fedora 16 : openstack-swift-1.4.8-3.fc16 (2012-15098)

Do not use pickle for serialization in memcache CVE-2012-4406 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora Update for openstack-keystone FEDORA-2012-13075

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for openstack-keystone FEDORA-2012-13075

Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2012-13075 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Fedora 17 : openstack-keystone-2012.1.2-4.fc17 (2012-13075)

Require authz to update user's tenant CVE-2012-3542 - Delete user tokens after role grant/revoke CVE-2012-4413 - Fails to validate tokens in Admin API CVE-2012-4456 - Fails to raise Unauthorized user error for disabled tenant CVE-2012-4457 Note that Tenable Network Security has extracted the...

[SECURITY] Fedora 17 Update: openstack-keystone-2012.1.2-4.fc17

Keystone is a Python implementation of the OpenStack http://www.openstack.org identity service API. This package contains the Keystone daemon...

OpenStack Keystone Default Credentials

It is possible to log into the remote OpenStack Keystone instance by providing default credentials. Knowing these, an attacker can gain administrative control of the affected application and would then be able to read and write to Keystone, which is used as an identity provider by other services...

OpenStack Glance Detection

OpenStack Glance, a Python application that provides services for managing virtual machine images, was found on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62352; scriptversion"1.4"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"OpenStack...

OpenStack Keystone Detection

OpenStack Keystone, a Python application that provides identity, token, catalog and policy services to other OpenStack components was found on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62353; scriptversion"1.3"; scriptcvsdate"Date: 2019/11/22";...

CVE-2012-4413

OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...

DEBIAN-CVE-2012-4413

OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...

CVE-2012-4413

OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...

Design/Logic Flaw

OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...

CVE-2012-4413

OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...

CVE-2012-4413

OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...