[VIM] [CVENEW] New CVE CANs: 2013/03/22 17:00 ; count=5

coley at mitre.org coley at mitre.org
Fri Mar 22 16:04:25 CDT 2013 

======================================================
Name: CVE-2013-0335
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0335
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20121206
Category: 
Reference: MLIST:[oss-security] 20130226 [OSSA-2013-006] VNC proxy can connect to the wrong VM (CVE-2013-0335)
Reference: URL:http://www.openwall.com/lists/oss-security/2013/02/26/7
Reference: CONFIRM:https://bugs.launchpad.net/nova/+bug/1125378
Reference: CONFIRM:https://review.openstack.org/#/c/22086/
Reference: CONFIRM:https://review.openstack.org/#/c/22758
Reference: CONFIRM:https://review.openstack.org/#/c/22872/
Reference: UBUNTU:USN-1771-1
Reference: URL:http://www.ubuntu.com/usn/USN-1771-1
Reference: OSVDB:90657
Reference: URL:http://www.osvdb.org/90657
Reference: SECUNIA:52337
Reference: URL:http://secunia.com/advisories/52337
Reference: SECUNIA:52728
Reference: URL:http://secunia.com/advisories/52728

OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1)
allows remote authenticated users to gain access to a VM in
opportunistic circumstances by using the VNC token for a deleted VM
that was bound to the same VNC port.



======================================================
Name: CVE-2013-1838
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1838
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130219
Category: 
Reference: MLIST:[openstack] 20130314 [OSSA 2013-008] Nova DoS by allocating all Fixed IPs (CVE-2013-1838)
Reference: URL:https://lists.launchpad.net/openstack/msg21892.html
Reference: MLIST:[oss-security] 20130314 [OSSA 2013-008] Nova DoS by allocating all Fixed IPs (CVE-2013-1838)
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/14/18
Reference: MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919648
Reference: CONFIRM:https://bugs.launchpad.net/nova/+bug/1125468
Reference: CONFIRM:https://review.openstack.org/#/c/24451/
Reference: CONFIRM:https://review.openstack.org/#/c/24452/
Reference: CONFIRM:https://review.openstack.org/#/c/24453/
Reference: UBUNTU:USN-1771-1
Reference: URL:http://ubuntu.com/usn/usn-1771-1
Reference: BID:58492
Reference: URL:http://www.securityfocus.com/bid/58492
Reference: OSVDB:91303
Reference: URL:http://osvdb.org/91303
Reference: SECUNIA:52580
Reference: URL:http://secunia.com/advisories/52580
Reference: SECUNIA:52728
Reference: URL:http://secunia.com/advisories/52728
Reference: XF:nova-fixedips-dos(82877)
Reference: URL:http://xforce.iss.net/xforce/xfdb/82877

OpenStack Nova Grizzly, Folsom (2012.2), and Essex (2012.1) does not
properly implement a quota for fixed IPs, which allows remote
authenticated users to cause a denial of service (resource exhaustion
and failure to spawn new instances) via a large number of calls to the
addFixedIp function.



======================================================
Name: CVE-2013-1840
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1840
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130219
Category: 
Reference: MLIST:[oss-security] 20130314 [OSSA 2013-007] Backend credentials leak in Glance v1 API (CVE-2013-1840)
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/14/15
Reference: CONFIRM:https://bugs.launchpad.net/glance/+bug/1135541
Reference: CONFIRM:https://review.openstack.org/#/c/24437/
Reference: CONFIRM:https://review.openstack.org/#/c/24438/
Reference: CONFIRM:https://review.openstack.org/#/c/24439/
Reference: UBUNTU:USN-1764-1
Reference: URL:http://www.ubuntu.com/usn/USN-1764-1
Reference: BID:58490
Reference: URL:http://www.securityfocus.com/bid/58490
Reference: OSVDB:91304
Reference: URL:http://osvdb.org/91304
Reference: SECUNIA:52565
Reference: URL:http://secunia.com/advisories/52565
Reference: XF:openstack-glance-api-info-disclosure(82878)
Reference: URL:http://xforce.iss.net/xforce/xfdb/82878

The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and
Grizzly, when using the single-tenant Swift or S3 store, reports the
location field, which allows remote authenticated users to obtain the
operator's backend credentials via a request for a cached image.



======================================================
Name: CVE-2013-1865
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1865
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130219
Category: 
Reference: MLIST:[oss-security] 20130320 [OSSA 2013-009] Keystone PKI tokens online validation bypasses revocation  check (CVE-2013-1865)
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/20/13
Reference: CONFIRM:https://bugs.launchpad.net/keystone/+bug/1129713
Reference: CONFIRM:https://review.openstack.org/#/c/24906/
Reference: UBUNTU:USN-1772-1
Reference: URL:http://www.ubuntu.com/usn/USN-1772-1
Reference: BID:58616
Reference: URL:http://www.securityfocus.com/bid/58616
Reference: OSVDB:91532
Reference: URL:http://osvdb.org/91532
Reference: SECUNIA:52657
Reference: URL:http://secunia.com/advisories/52657

OpenStack Keystone Folsom (2012.2) does not properly perform
revocation checks for Keystone PKI tokens when done through a server,
which allows remote attackers to bypass intended access restrictions
via a revoked PKI token.



======================================================
Name: CVE-2013-2501
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2501
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130307
Category: 
Reference: BUGTRAQ:20130308 Stored XSS in Terillion Reviews Wordpress Plugin
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2013-03/0055.html
Reference: MISC:http://packetstormsecurity.com/files/120730/WordPress-Terillion-Reviews-Cross-Site-Scripting.html
Reference: CONFIRM:http://plugins.trac.wordpress.org/changeset/683838/terillion-reviews
Reference: CONFIRM:http://wordpress.org/extend/plugins/terillion-reviews/changelog/
Reference: BID:58415
Reference: URL:http://www.securityfocus.com/bid/58415
Reference: OSVDB:91123
Reference: URL:http://osvdb.org/91123
Reference: XF:wp-terillionreviews-profileid-xss(82727)
Reference: URL:http://xforce.iss.net/xforce/xfdb/82727

Cross-site scripting (XSS) vulnerability in the Terillion Reviews
plugin before 1.2 for WordPress allows remote attackers to inject
arbitrary web script or HTML via the ProfileId field.

More information about the VIM mailing list