yahoo-eng-team team mailing list archive
Message #45983
[Bug 1540208] Re: CSRF mechanism is not safe.
** Changed in: ossa
Status: Incomplete => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1540208
Title:
CSRF mechanism is not safe.
Status in OpenStack Dashboard (Horizon):
Invalid
Status in OpenStack Security Advisory:
Won't Fix
Bug description:
I'm using Burp Suite to check the security of Horizon 8.0.0.0. The CSRF
mechanism is not safe.
I saw: if csrftoken equals csrfmiddlewaretoken ==> the request is
valid.
Example: update a network's name.
The first request:
- I got csrftoken and csrfmiddlewaretoken: PvVPmsOEqepSWnWgJa1GKYtBxcSXMTu1
- network's name: attt_net_test_129
Then I changed csrftoken and csrfmiddlewaretoken to "1", and the network's
name value to "attt_net_test_121".
Finally, I sent the request ==> the network is updated successfully. (attached
file)
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1540208/+subscriptions
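The observation in the report is the normal behaviour of a double-submit-cookie CSRF check: the server keeps no per-session secret and only requires that the csrftoken cookie and the csrfmiddlewaretoken form field carry the same value. The example below is added here and is not code from the bug report, from Horizon or from Django; the `Request` stand-in, the function names and the cookie/field constants are assumptions. It plays through three requests against the same equality rule: the legitimate form submission, the proxy-edited request from the report (both halves rewritten to "1" by the user of the browser that owns the cookie), and a request submitted from a third-party page, where the browser attaches the victim's real cookie and the attacker controls only the form body. Only the last of these is the CSRF threat model, and that one is rejected.

```python
"""Double-submit-cookie CSRF check of the kind the bug report describes.

The server keeps no per-session token; it only requires that the token in the
csrftoken cookie equals the token in the csrfmiddlewaretoken form field.  Two
equal attacker-chosen values are not a bypass because the cookie half is sent
by the victim's browser, which a cross-site page cannot set.  Stand-alone
example code; Request is a constructed stand-in, not a framework class.
"""
import hmac
import secrets
from dataclasses import dataclass, field

COOKIE_NAME = "csrftoken"            # cookie name used by Django-style middleware
FIELD_NAME = "csrfmiddlewaretoken"   # hidden form field name


def new_csrf_token() -> str:
    """Fresh random token the server sets in the csrftoken cookie."""
    return secrets.token_urlsafe(24)  # 32 URL-safe characters


@dataclass
class Request:
    """Minimal HTTP request stand-in (constructed for this example)."""
    method: str
    cookies: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)


def csrf_check(request: Request) -> tuple[bool, str]:
    """Return (accepted, reason); mirrors the equality rule seen in the report."""
    if request.method in ("GET", "HEAD", "OPTIONS", "TRACE"):
        return True, "safe method, no check"
    cookie_token = request.cookies.get(COOKIE_NAME, "")
    form_token = request.form.get(FIELD_NAME, "")
    if not cookie_token or not form_token:
        return False, "token missing"
    # Constant-time comparison so the match itself leaks no timing signal.
    if not hmac.compare_digest(cookie_token, form_token):
        return False, "cookie token and form token differ"
    return True, "cookie token and form token match"


def legitimate_update(issued_token: str) -> tuple[bool, str]:
    """The victim's browser submits the form the server rendered: both halves carry the issued token."""
    req = Request("POST", cookies={COOKIE_NAME: issued_token},
                  form={FIELD_NAME: issued_token, "name": "attt_net_test_129"})
    return csrf_check(req)


def proxy_edited_update() -> tuple[bool, str]:
    """The report's test: the user rewrites both halves of their own request to "1".

    Accepted, as the report says, but this is the cookie owner editing a
    request from their own browser, not a cross-site forgery."""
    req = Request("POST", cookies={COOKIE_NAME: "1"},
                  form={FIELD_NAME: "1", "name": "attt_net_test_121"})
    return csrf_check(req)


def cross_site_update(victim_cookie_token: str) -> tuple[bool, str]:
    """A form auto-submitted from another origin in the victim's browser.

    The browser attaches the victim's real csrftoken cookie; the other origin
    controls only the form body and does not know that cookie's value, so the
    two halves cannot be made equal."""
    req = Request("POST", cookies={COOKIE_NAME: victim_cookie_token},
                  form={FIELD_NAME: "1", "name": "other_name"})
    return csrf_check(req)


if __name__ == "__main__":
    issued = new_csrf_token()
    print("legitimate:  ", legitimate_update(issued))
    print("proxy-edited:", proxy_edited_update())
    print("cross-site:  ", cross_site_update(issued))
```

The check is only as strong as the assumption that nothing but the same origin can read or write the csrftoken cookie; a subdomain able to set cookies for the parent domain, or a script-injection flaw that can read the cookie, would undermine it, which is why a SameSite cookie attribute and strict Referer/Origin checking on HTTPS are layered on top in practice.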