7 matches found
RHEL 6 : openstack-keystone (RHSA-2013:1285)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:1285 advisory. The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token,...
Fedora Update for openstack-keystone FEDORA-2014-4210
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for openstack-keystone FEDORA-2013-20373
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2002-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[USN-2002-1] Keystone vulnerabilities
========================================================================== Ubuntu Security Notice USN-2002-1 October 23, 2013 keystone vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...
CVE-2013-4294
The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...
CVE-2013-4294
OpenStack Keystone (Identity) on Folsom 2012.2.x and Grizzly up to 2013.1.3/pre-2013.1.4 is affected where the memcache and KVS token back ends do not properly compare the PKI token revocation list with PKI tokens, allowing revoked tokens to bypass access controls. Red Hat advisory RHSA-2013:1285...