| Summary: | <sys-cluster/nova-2012.2.3-r1: VNC proxy can connect to the wrong VM (CVE-2013-0335) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | trivial | ||
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://www.openwall.com/lists/oss-security/2013/02/26/7 | ||
| Whiteboard: | ~4 [noglsa] | ||
| Package list: | Runtime testing required: | --- | |
fixed in tree nova-2012.2.3-r1 (only one in tree) has the fix Thanks, Matthew! Closing noglsa for ~arch only. |
From ${URL} : OpenStack Security Advisory: 2013-006 CVE: CVE-2013-0335 Date: February 26, 2013 Title: VNC proxy can connect to the wrong VM Reporter: Loganathan Parthipan (HP), Rohit Karajgi (NTT Data) Products: Nova Affects: All versions Description: Loganathan Parthipan (HP) and Rohit Karajgi (NTT Data) independently reported a vulnerability in Nova. If a user requests a console and then deletes the VM, it is possible that the console token could allow connectivity to a different VM before the console token expires if the VNC port gets reused in that time period. This issue can be worked around by disabling VNC support. Fixes: master (grizzly): https://review.openstack.org/#/c/22086/ stable/folsom: https://review.openstack.org/#/c/22758 stable/essex: https://review.openstack.org/#/c/22872/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0335 https://bugs.launchpad.net/nova/+bug/1125378