'[oss-security] [OSSA-2013-006] VNC proxy can connect to the wrong VM (CVE-2013-0335)'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] [OSSA-2013-006] VNC proxy can connect to the wrong VM (CVE-2013-0335)
From:       Russell Bryant <rbryant () redhat ! com>
Date:       2013-02-26 18:34:54
Message-ID: 512D004E.60502 () redhat ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

OpenStack Security Advisory: 2013-006
CVE: CVE-2013-0335
Date: February 26, 2013
Title: VNC proxy can connect to the wrong VM
Reporter: Loganathan Parthipan (HP), Rohit Karajgi (NTT Data)
Products: Nova
Affects: All versions

Description:
Loganathan Parthipan (HP) and Rohit Karajgi (NTT Data) independently
reported a vulnerability in Nova. If a user requests a console and
then deletes the VM, it is possible that the console token could allow
connectivity to a different VM before the console token expires if the
VNC port gets reused in that time period. This issue can be worked
around by disabling VNC support.

Fixes:
master (grizzly): https://review.openstack.org/#/c/22086/
stable/folsom: https://review.openstack.org/#/c/22758
stable/essex: https://review.openstack.org/#/c/22872/

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0335
https://bugs.launchpad.net/nova/+bug/1125378

- -- 
Russell Bryant
OpenStack Vulnerability Management Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlEtAE4ACgkQFg9ft4s9SAZKLwCePGfNZAYdx2mjM2hWHt26Kff6
2HAAn38YuA93O4wg7SDUtcXar1Yr0d9q
=sVp/
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic