lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <DF292D5D-A082-4B9C-BF59-14B8B5C3A637@thrashyour.com>
Date: Wed, 24 Apr 2013 17:12:06 -0700
From: John Kinsella <jlk@...ashyour.com>
To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Apache CloudStack Security Advisory: Multiple
	vulnerabilities in Apache CloudStack

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Product: Apache CloudStack
Vendor: The Apache Software Foundation
CVE References: CVE-2013-2756, CVE-2013-2758
Vulnerability Type(s): Authentication bypass (2756), cryptography (2758)
Vulnerable version(s): Apache CloudStack version 4.0.0-incubating and 4.0.1-incubating
Risk Level: High, Medium
CVSSv2 Base Scores: 7.3 (AV:N/AC:H/Au:N/CI:P/I:C/A:C), 4.3 (AV:A/AC:H/Au:N/CI:P/I:P/A:P)

Description:
The CloudStack PMC was notified of two issues found in Apache CloudStack:

1) An attacker with knowledge of CloudStack source code could gain
unauthorized access to the console of another tenant's VM.

2) Insecure hash values may lead to information disclosure. URLs
generated by Apache CloudStack to provide console access to virtual
machines contained a hash of a predictable sequence, the hash of
which was generated with a weak algorithm. While not easy to leverage,
this may allow a malicious user to gain unauthorized console access.

Mitigation:
Updating to Apache CloudStack versions 4.0.2 or higher will mitigate
these vulnerabilities.

Credit:
These issues were identified by Wolfram Schlich and Mathijs Schmittmann
to the Citrix security team, who in turn notified the Apache
CloudStack PMC.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCgAGBQJReHSvAAoJEI7yNrpBLHrS19UP/R+7RadV4QlnBxErhy53/FZf
qeOKGKj3cLm5dhFsNjzODQRRcSZohrwq3CX5dM1GW83LdAVJjoKQYCTO4/Dm+WP4
EI2z8PAxrr+gOZKZt0ouufb3aJPMP5nQK+/UphSUCNS9BPu2gDQubAgRq3bTFqHI
b54XVwd8SEZ/lb7ds8zXiKLCWtz18BK9JCa7/sWArpUlbJIqEYkC3NO4rvR/I/Uo
ZS6tvX4i/Fh+KoJwnhoYm852xoSRAX2YCv00Ao/WLleltzH43wSV2DA/SpKsfUAp
hvkkwMjYo0FFQZcvvFIFFXUAOMtjFVQ+Dh5CdXiozqQyeKpO61HtyNWoPGBsKaj7
RTlVSPu8vRxi1JiqVd850L1oa9wGgG3ywySY5NGs/TNdZ+6GtxO3jr2QMFDhI7G0
0uc2TPx63RZFdkODZ9FF6p29OfgRHy6Uq0UysHO8Yuadiys9xWOZjoHavDYPLrxC
ZRyrG1Ny9RUh5vQsoFIKoEJIwBtoK0ljLvNROT9T4cpG80qnj/SRUnvNxhPI87gJ
4Fcvh/1R/ZdvPeeMRf+eOd8euw1KkC6tCRbabQwCKb2hAXYxKXG5f+a7XRk/2laf
UNdjnvNEz9OqYKs0f3A4MLNv37PdtFBqLmfGDCPNx79VT+//exCxtTJXy6Ydwgmr
Qy2m9i7qrd34G2Cp0g4V
=7qL9
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ