APITest.IO: SSRF on testing endpoint

Synopsis The form at https://www.apitest.io/request accepts among others the "url" parameter. This feature allows to reach internal services like the OpenStack metadata server or services running on loopback. Identified services http://0x7f.1/ nginx = "If you see this page, the nginx web server i...

Nova: Metadata queries from Neutron to Nova are not restricted by tenant

Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive metadata by spoofing the device ID that is bound to a port, which is not properly handled by 1...