PYSEC-2012-42

OpenStack Compute Nova Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume PV content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume L...

CVE-2012-5625

OpenStack Compute Nova Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume PV content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume L...

Design/Logic Flaw

OpenStack Compute Nova Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume PV content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume L...

CVE-2012-5483

CVE-2012-5483 affects OpenStack Keystone 2012.1.3 where /etc/keystone/ec2rc is world-readable when EC2 access is configured, allowing local users to read admin access and secret values and potentially access EC2 services. Root cause: insecure file permissions on ec2rc. Impact: local privilege/cre...

CVE-2012-5625

OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when libvirt with LVM-backed ephemeral storage is used, did not wipe PV content before reallocation to a new instance. This allowed reading memory from the previous LV and potential exposure of sensitive data. Remediation is to upgrade ...

CVE-2012-5625

OpenStack Compute Nova Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume PV content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume L...

CVE-2012-5483

tools/sampledata.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud Amazon EC2 is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading administrative access and secret values from this...

CVE-2012-5625

OpenStack Compute Nova Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume PV content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume L...

CVE-2012-5571

A flaw was found in OpenStack Keystone. This vulnerability allows remote authenticated users to bypass intended authorization restrictions. This occurs because OpenStack Keystone does not properly handle EC2 Elastic Compute Cloud tokens when a user's role has been removed from a tenant. An attack...

Authorization

OpenStack Keystone Essex 2012.1 and Folsom 2012.2 does not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by leveraging a token for the removed user role...

Authorization

OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token chaining. NOTE: this issue exists because of a CVE-2012-3426 regression...

PYSEC-2012-20

OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token chaining. NOTE: this issue exists because of a CVE-2012-3426 regression...

PYSEC-2012-35

OpenStack Keystone Essex 2012.1 and Folsom 2012.2 does not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by leveraging a token for the removed user role...

CVE-2012-5571

OpenStack Keystone is affected by CVE-2012-5571: EC2-style credentials can bypass authorization when a user’s role is removed from a tenant, allowing remote authenticated access. Root cause: improper handling of EC2 tokens tied to removed roles. Impact: unauthorized access to resources. Affected ...

CVE-2012-5563

CVE-2012-5563 affects OpenStack Keystone as used in OpenStack Folsom 2012.2. Keystone does not properly enforce token expiration, allowing remote authenticated users to bypass authorization by creating new tokens via token chaining. This issue is noted as a regression of CVE-2012-3426. Red Hat RH...

CVE-2012-5571

A flaw was found in OpenStack Keystone. This vulnerability allows remote authenticated users to bypass intended authorization restrictions. This occurs because OpenStack Keystone does not properly handle EC2 Elastic Compute Cloud tokens when a user's role has been removed from a tenant. An attack...

[USN-1663-1] Nova vulnerability

========================================================================== Ubuntu Security Notice USN-1663-1 December 12, 2012 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

[SECURITY] Fedora 18 Update: openstack-keystone-2012.2.1-1.fc18

Keystone is a Python implementation of the OpenStack http://www.openstack.org identity service API. This package contains the Keystone daemon...

[SECURITY] Fedora 17 Update: openstack-keystone-2012.1.3-3.fc17

Keystone is a Python implementation of the OpenStack http://www.openstack.org identity service API. This package contains the Keystone daemon...

Moderate: Red Hat Security Advisory: openstack-keystone security, bug fix, and enhancement update

Updated openstack-keystone packages that fix two security issues, multiple bugs, and add enhancements are now available for Red Hat OpenStack Essex. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores,...