87 matches found
CVE-2013-2104
python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...
PYSEC-2014-69
python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...
Code injection
python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...
CVE-2013-2104
python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...
PT-2014-2551 · Openstack · Python-Keystoneclient
Name of the Vulnerable Software and Affected Versions: python-keystoneclient versions prior to 0.2.4 Description: The issue allows remote authenticated users to retain use of a token after it has expired or use a revoked token once it expires, due to improper checking of expiry for PKI tokens...
CVE-2013-2013
The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process...
CVE-2013-2013
The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process...
CVE-2013-2013
The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process...
PYSEC-2013-24
The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process...
CVE-2013-2013
CVE-2013-2013 affects python-keystoneclient prior to 0.2.4. The user-password-update command accepts the new password via the --password argument, allowing a local attacker to reveal the password by listing the process. Impact is local information disclosure; remediation is to upgrade to 0.2.4+ o...
CVE-2013-2013
The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process...
CVE-2013-4222
OpenStack Identity Keystone Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token...
Fedora Update for python-keystoneclient FEDORA-2013-13900
Check for the Version of python-keystoneclient OpenVAS Vulnerability Test Fedora Update for python-keystoneclient FEDORA-2013-13900 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora Update for python-keystoneclient FEDORA-2013-13900
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 18 Update: python-keystoneclient-0.2.0-2.fc18
Client library and command line utility for interacting with Openstack Keystone's API...
Fedora 18 : python-keystoneclient-0.2.0-2.fc18 (2013-13900)
Allow secure user password update. CVE-2013-2013 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora Update for python-keystoneclient FEDORA-2013-14302
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for python-keystoneclient FEDORA-2013-14302
Check for the Version of python-keystoneclient OpenVAS Vulnerability Test Fedora Update for python-keystoneclient FEDORA-2013-14302 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
[SECURITY] Fedora 19 Update: python-keystoneclient-0.2.3-7.fc19
Client library and command line utility for interacting with Openstack Identity API...
Fedora 19 : python-keystoneclient-0.2.3-7.fc19 (2013-14302)
Selective backports from stable/grizzly : - Ec2Signer: Initial support for v4 signature verification. - Allow signature verification for older boto versions. - Default signingdir to secure temp dir. - Fix memcache encryption middleware. CVE-2013-2166, CVE-2013-2167 - Check token expiry...