CVE-2012-3540

The CVE-2012-3540 issue is an open redirect flaw in OpenStack Horizon Essex (2012.1) affecting the login flow. The vulnerability occurs in views/auth_forms.py (auth/login/) where a next parameter can redirect victims to arbitrary sites, enabling phishing after login. Affected Horizon versions req...

CVE-2012-3540

Open redirect vulnerability in views/authforms.py in OpenStack Dashboard Horizon Essex 2012.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by...

CVE-2012-3542

OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex 2012.1, allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API. NOTE: this identifier was originally incorrectly...

CVE-2012-3542

CVE-2012-3542 affects OpenStack Keystone as used in OpenStack Folsom (before folsom-rc1) and Essex (2012.1). The vulnerability arises in the identity service API where a remote attacker can cause an arbitrary user to be added to an arbitrary tenant by updating the user’s default tenant via the ad...

CVE-2012-3542

OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex 2012.1, allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API. NOTE: this identifier was originally incorrectly...

CVE-2012-3540

Open redirect vulnerability in views/authforms.py in OpenStack Dashboard Horizon Essex 2012.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by...

PT-2012-4795 · Openstack · Openstack Dashboard

Name of the Vulnerable Software and Affected Versions: OpenStack Dashboard Horizon version 2012.1 Description: The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to the "/auth/login/" API endpoint. Recommendation...

PT-2012-4796 · Openstack · Openstack Keystone +1

Name of the Vulnerable Software and Affected Versions: OpenStack Keystone versions prior to folsom-rc1 OpenStack Essex 2012.1 Description: The issue allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API...

Ubuntu 12.04 LTS : keystone vulnerabilities (USN-1552-1)

Dolph Mathews discovered that OpenStack Keystone did not properly restrict to administrative users the ability to update users' tenants. A remote attacker that can reach the administrative API can use this to add any user to any tenant. CVE-2012-3542 Derek Higgins discovered that OpenStack Keysto...

Ubuntu Update for keystone USN-1552-1

Ubuntu Update for Linux kernel vulnerabilities USN-1552-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN15521.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for keystone USN-1552-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Thi...

Ubuntu: Security Advisory (USN-1552-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1552-1: OpenStack Keystone vulnerabilities

Dolph Mathews discovered that OpenStack Keystone did not properly restrict to administrative users the ability to update users' tenants. A remote attacker that can reach the administrative API can use this to add any user to any tenant. CVE-2012-3542 Derek Higgins discovered that OpenStack Keysto...

[USN-1552-1] OpenStack Keystone vulnerabilities

========================================================================== Ubuntu Security Notice USN-1552-1 September 03, 2012 keystone vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...

OpenStack Keystone limitations bypass

Administrative user limitations and token lifetime limitations bypass...

Fedora Update for python-django-horizon FEDORA-2012-6108

Check for the Version of python-django-horizon OpenVAS Vulnerability Test Fedora Update for python-django-horizon FEDORA-2012-6108 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

Fedora Update for openstack-nova FEDORA-2012-11756

Check for the Version of openstack-nova OpenVAS Vulnerability Test Fedora Update for openstack-nova FEDORA-2012-11756 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

Fedora Update for openstack-keystone FEDORA-2012-4690

Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2012-4690 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Fedora Update for openstack-nova FEDORA-2012-6273

Check for the Version of openstack-nova OpenVAS Vulnerability Test Fedora Update for openstack-nova FEDORA-2012-6273 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

Fedora Update for openstack-nova FEDORA-2012-10939

Check for the Version of openstack-nova OpenVAS Vulnerability Test Fedora Update for openstack-nova FEDORA-2012-10939 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

Fedora Update for openstack-nova FEDORA-2012-10420

Check for the Version of openstack-nova OpenVAS Vulnerability Test Fedora Update for openstack-nova FEDORA-2012-10420 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...