463 matches found
Fedora Update for openstack-keystone FEDORA-2012-13075
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
OpenStack Keystone Detection
OpenStack Keystone, a Python application that provides identity, token, catalog and policy services to other OpenStack components was found on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62353; scriptversion"1.3"; scriptcvsdate"Date: 2019/11/22";...
CVE-2012-4413
OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...
PT-2012-5384 · Openstack · Openstack Keystone
Name of the Vulnerable Software and Affected Versions: OpenStack Keystone versions prior to 2012.1.3 Description: The issue allows remote authenticated users to retain the privileges of revoked roles because existing tokens are not invalidated when roles are granted or revoked. Recommendations: F...
CVE-2012-4413
OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...
CVE-2012-3542
OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex 2012.1, allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API. NOTE: this identifier was originally incorrectly...
Open redirect
OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex 2012.1, allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API. NOTE: this identifier was originally incorrectly...
PYSEC-2012-19
OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex 2012.1, allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API. NOTE: this identifier was originally incorrectly...
CVE-2012-3542
OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex 2012.1, allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API. NOTE: this identifier was originally incorrectly...
Ubuntu 12.04 LTS : keystone vulnerabilities (USN-1552-1)
Dolph Mathews discovered that OpenStack Keystone did not properly restrict to administrative users the ability to update users' tenants. A remote attacker that can reach the administrative API can use this to add any user to any tenant. CVE-2012-3542 Derek Higgins discovered that OpenStack Keysto...
[USN-1552-1] OpenStack Keystone vulnerabilities
========================================================================== Ubuntu Security Notice USN-1552-1 September 03, 2012 keystone vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
CVE-2012-3542
OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex 2012.1, allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API. NOTE: this identifier was originally incorrectly...
Fedora Update for openstack-keystone FEDORA-2012-4690
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
DEBIAN-CVE-2012-3426
OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by 1 creating new tokens through token chaining, 2 leveraging...
CVE-2012-3426
OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by 1 creating new tokens through token chaining, 2 leveraging...
CVE-2012-3426
OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by 1 creating new tokens through token chaining, 2 leveraging...
CVE-2012-3426
OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by 1 creating new tokens through token chaining, 2 leveraging...
CVE-2012-3426
OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by 1 creating new tokens through token chaining, 2 leveraging...
Fedora 17 : openstack-keystone-2012.1-1.fc17 (2012-4690)
Update to Openstack Essex release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 ...
Fedora Update for openstack-keystone FEDORA-2012-4960
Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2012-4960 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...