openstack team mailing list archive

Thread
Date

Re: [OSSA-2013-006] VNC proxy can connect to the wrong VM (CVE-2013-0335)

To: openstack@xxxxxxxxxxxxxxxxxxx
From: Matthew Thode <mthode@xxxxxxxxxx>
Date: Tue, 26 Feb 2013 16:31:10 -0600
In-reply-to: <512D004E.60502@redhat.com>
Reply-to: mthode@xxxxxxxxxx
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130217 Thunderbird/17.0.2

On 02/26/13 12:34, Russell Bryant wrote:
> OpenStack Security Advisory: 2013-006
> CVE: CVE-2013-0335
> Date: February 26, 2013
> Title: VNC proxy can connect to the wrong VM
> Reporter: Loganathan Parthipan (HP), Rohit Karajgi (NTT Data)
> Products: Nova
> Affects: All versions
> 
> Description:
> Loganathan Parthipan (HP) and Rohit Karajgi (NTT Data) independently
> reported a vulnerability in Nova. If a user requests a console and
> then deletes the VM, it is possible that the console token could allow
> connectivity to a different VM before the console token expires if the
> VNC port gets reused in that time period. This issue can be worked
> around by disabling VNC support.
> 
> Fixes:
> master (grizzly): https://review.openstack.org/#/c/22086/
> stable/folsom: https://review.openstack.org/#/c/22758
> stable/essex: https://review.openstack.org/#/c/22872/
> 
> References:
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0335
> https://bugs.launchpad.net/nova/+bug/1125378
> 
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
> 

Fixed in Gentoo.

https://bugs.gentoo.org/show_bug.cgi?id=459364

-- 
-- Matthew Thode

Attachment: signature.asc
Description: OpenPGP digital signature

References

[OSSA-2013-006] VNC proxy can connect to the wrong VM (CVE-2013-0335)
From: Russell Bryant, 2013-02-26