
List:       oss-security
Subject:    [oss-security] [OSSA 2012-012] Horizon, Open redirect through 'next' parameter (CVE-2012-3542)
From:       Russell Bryant <rbryant () redhat ! com>
Date:       2012-08-30 15:10:16
Message-ID: 503F8258.10901 () redhat ! com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

OpenStack Security Advisory: 2012-012
CVE: CVE-2012-3542
Date: August 30, 2012
Title: Open redirect through 'next' parameter
Impact: Medium
Reporter: Thomas Biege (SUSE)
Products: Horizon
Affects: Essex (2012.1)

Description:
Thomas Biege from SUSE reported a vulnerability in Horizon's
authentication mechanism. By adding a malicious 'next' parameter to a
Horizon authentication URL and enticing an unsuspecting user to follow
it, an attacker could cause the victim to be redirected after
authentication to a malicious site where useful information could be
extracted. Only setups running Essex are affected.
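The defensive pattern behind this class of bug is to treat the 'next'
parameter as untrusted and only follow it when it stays on the site's own
host. The following is an added illustration written for this advisory;
it is not Horizon's code and not the referenced fix commit. The helper
names (is_safe_redirect, resolve_next) and the host name
horizon.example.com are assumptions made for the example.

```python
from urllib.parse import urlparse

# Constructed for this example: the host names Horizon itself is served from.
ALLOWED_HOSTS = {"horizon.example.com"}


def is_safe_redirect(target, allowed_hosts):
    """Return True only if `target` keeps the browser on one of `allowed_hosts`.

    Accepts absolute paths ("/project/") and http(s) URLs whose host is in
    `allowed_hosts`; rejects anything that would leave the site.
    """
    if not target:
        return False
    # Browsers strip leading whitespace and control characters in ways that
    # differ from urlparse, so reject them outright rather than reason about them.
    if target[0].isspace() or any(ord(c) < 0x20 for c in target):
        return False
    # Browsers treat backslashes as forward slashes: "/\evil.example" parses
    # as a path here but as a host in the browser.
    if "\\" in target:
        return False
    parsed = urlparse(target)
    # Only http(s), or no scheme at all (a relative target), is acceptable;
    # this also rejects "javascript:" and "data:" targets.
    if parsed.scheme and parsed.scheme not in ("http", "https"):
        return False
    # Scheme-relative ("//evil.example/") and absolute URLs carry a netloc;
    # require an exact match so userinfo tricks ("host@evil.example") fail.
    if parsed.netloc:
        return parsed.netloc in allowed_hosts
    # No netloc: must be a single-slash absolute path. "///evil.example" is
    # normalised by browsers to a host, so anything starting with "//" is out.
    return target.startswith("/") and not target.startswith("//")


def resolve_next(next_param, allowed_hosts, default="/"):
    """Return the post-login redirect target, falling back to `default`."""
    if is_safe_redirect(next_param, allowed_hosts):
        return next_param
    return default


if __name__ == "__main__":
    # Constructed sample 'next' values: one legitimate, the rest hostile.
    for candidate in ("/project/", "//evil.example/", "http://evil.example/",
                      "/\\evil.example", "javascript:alert(1)"):
        print(repr(candidate), "->", resolve_next(candidate, ALLOWED_HOSTS))
```

In a Django application such as Horizon the same check is provided by
django.utils.http.url_has_allowed_host_and_scheme (named is_safe_url in
older releases), which should be preferred over a hand-written version;
the hand-written form above only makes the individual bypass cases
(scheme-relative URLs, backslashes, non-http schemes, userinfo in the
authority) visible one by one.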

Fixes:
2012.1:
https://github.com/openstack/horizon/commit/35eada8a27323c0f83c400177797927aba6bc99b

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-3542
https://bugs.launchpad.net/horizon/+bug/1039077

Notes:
This fix will be included in a future Essex (2012.1) release.

- -- 
Russell Bryant
OpenStack Vulnerability Management Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlA/glMACgkQFg9ft4s9SAYMLACfdRBaonUw/CendCSy2gZh5hxw
O64Anjkx1c5i1pfpGEbwNkyRDiALgWhC
=5cbg
-----END PGP SIGNATURE-----