← Back to team overview

openstack team mailing list archive

[OSSA 2012-017.1] Authentication bypass for image deletion (CVE-2012-4573, CVE-2012-5482) ERRATA 1

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

OpenStack Security Advisory: 2012-017 (ERRATA 1)
CVE: CVE-2012-4573, CVE-2012-5482
Date: November 9, 2012
Title: Authentication bypass for image deletion
Impact: High
Reporter: Gabe Westmaas (Rackspace)
Products: Glance
Affects: Essex, Folsom, Grizzly

Description:
Gabe Westmaas from Rackspace reported a vulnerability in Glance
authentication of image deletion requests. Authenticated users may be
able to delete arbitrary, non-protected images from Glance servers. All
Folsom and Grizzly deployments are affected. Additionally, Essex
deployments that use the delayed_delete option are also affected.

Fixes:
Grizzly:

https://github.com/openstack/glance/commit/6ab0992e5472ae3f9bef0d2ced41030655d9d2bc

https://github.com/openstack/glance/commit/b591304b8980d8aca8fa6cda9ea1621aca000c88
2012.2 (Folsom):

https://github.com/openstack/glance/commit/90bcdc5a89e350a358cf320a03f5afe99795f6f6

https://github.com/openstack/glance/commit/fc0ee7623ec59c87ac6fc671e95a9798d6f2e2c3
2012.1 (Essex):

https://github.com/openstack/glance/commit/efd7e75b1f419a52c7103c7840e24af8e5deb29d

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-4573
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-5482
    https://bugs.launchpad.net/glance/+bug/1065187
    https://bugs.launchpad.net/glance/+bug/1076506

Notes:
This fix will be included in the grizzly-1 development milestone and in
a future 2012.2 (Folsom) release.

OSSA History:
2012-11-09 - Errata 1
  - Updated to reflect that the v2 API in Folsom and Grizzly was also
    affected
  - Include links to fixes for the v2 API
  - Added CVE-2012-5482 for the vulnerability against the v2 API
2012-11-07 - Original Version

- -- 
Russell Bryant
OpenStack Vulnerability Management Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlCdDmIACgkQFg9ft4s9SAa7OgCgp5T7I/jtch2w4X+M4WXiRZIk
sswAn10Oloak4YK3pyvHUlUXVPDN9C8K
=5JZI
-----END PGP SIGNATURE-----