| Summary: | sys-auth/keystone: Multiple vulnerabilities in Keystone revocation events (CVE-2014-{5251,5252,5253}) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Kristian Fiskerstrand (RETIRED) <k_f> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | | |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | http://seclists.org/oss-sec/2014/q3/296 | | |
| Whiteboard: | ~3 [noglsa] | | |
| Package list: | | Runtime testing required: | --- |
Description
Kristian Fiskerstrand (RETIRED)
2014-08-05 16:21:40 UTC
There is as yet no CVE listing at the link at $URL. The first patch under References: is a mismatch to the files of keystone-2014.1.1-r2. Not sure where this one is going.

fixed in sys-auth/keystone-2014.1.2.1

vulnerable removed as well ( sys-auth/keystone-2014.1.1-r2 )

(In reply to Matthew Thode ( prometheanfire ) from comment #3)
> vulnerable removed as well ( sys-auth/keystone-2014.1.1-r2 )

Thank you for the fix and cleanup. No stabilized versions, closing noglsa.

CVE-2014-5253 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5253): OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 does not properly revoke tokens when a domain is invalidated, which allows remote authenticated users to retain access via a domain-scoped token for that domain.

CVE-2014-5252 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5252): The V3 API in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 updates the issued_at value for UUID v2 tokens, which allows remote authenticated users to bypass the token expiration and retain access via a verification (1) GET or (2) HEAD request to v3/auth/tokens/.

CVE-2014-5251 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5251): The MySQL token driver in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token.
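As an added illustration of the precision-mismatch class named in the CVE-2014-5251 description (example code, not Keystone's own; the revocation list keyed on (id, expires) and a datetime column that drops fractional seconds are assumptions made for the demonstration):

```python
from datetime import datetime, timedelta
from typing import Callable, List, NamedTuple


class Token(NamedTuple):
    id: str
    expires: datetime  # in-memory value, microsecond precision


def store_datetime(ts: datetime) -> datetime:
    """Simulate a datetime column without fractional seconds (assumption:
    the store truncates; the point is only that precision is lost)."""
    return ts.replace(microsecond=0)


def load_revocation_list(revoked: List[Token]) -> List[Token]:
    """Rows read back from the database carry the coarse timestamp."""
    return [Token(t.id, store_datetime(t.expires)) for t in revoked]


def is_revoked_naive(token: Token, revocation_list: List[Token]) -> bool:
    """Buggy check: exact (id, expires) match between in-memory and stored values."""
    return any(r.id == token.id and r.expires == token.expires
               for r in revocation_list)


def is_revoked_normalized(token: Token, revocation_list: List[Token]) -> bool:
    """Hardened check: compare at the precision the store actually keeps."""
    wanted = store_datetime(token.expires)
    return any(r.id == token.id and r.expires == wanted
               for r in revocation_list)


def validate(token: Token, revocation_list: List[Token], now: datetime,
             revoked_check: Callable[[Token, List[Token]], bool]) -> bool:
    """Accept a token only if it is unexpired and not on the revocation list."""
    if token.expires <= now:
        return False
    return not revoked_check(token, revocation_list)


def demo() -> tuple:
    # Constructed sample: a token that was revoked well before it expires.
    now = datetime(2014, 8, 5, 16, 21, 40)
    tok = Token("tok-0001", now + timedelta(hours=1, microseconds=123456))
    revocation_list = load_revocation_list([tok])
    naive = validate(tok, revocation_list, now, is_revoked_naive)
    fixed = validate(tok, revocation_list, now, is_revoked_normalized)
    return naive, fixed  # (True, False): the naive check still accepts the revoked token


if __name__ == "__main__":
    print(demo())
```

The defensive takeaway is to normalize both sides of any token timestamp comparison to the precision the backing store guarantees, and to test revocation with timestamps that carry sub-second components.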