oss-sec mailing list archives

Re: [Openstack] [OSSA 2012-012] Horizon, Open redirect through 'next' parameter (CVE-2012-3540)


From: Kiall Mac Innes <kiall () managedit ie>
Date: Thu, 13 Sep 2012 16:41:26 +0100

According to Russell's message, this bug only affects the essex/stable
branch. No backport is necessary, I guess.

Also, https://github.com/openstack/horizon/tree/stable/essex shows the
most recent commit is the commit/fix he linked to.

Thanks,
Kiall


On Thu, Sep 13, 2012 at 4:17 PM, andi abes <andi.abes () gmail com> wrote:

Has a fix for this been backported to the essex/stable branch?

On Thu, Aug 30, 2012 at 11:35 AM, Russell Bryant <rbryant () redhat com>
wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This advisory included the wrong CVE.  It was CVE-2012-3540.  Sorry
about that.

On 08/30/2012 11:10 AM, Russell Bryant wrote:
OpenStack Security Advisory: 2012-012
CVE: CVE-2012-3542

This should have been CVE-2012-3540

Date: August 30, 2012
Title: Open redirect through 'next' parameter
Impact: Medium
Reporter: Thomas Biege (SUSE)
Products: Horizon
Affects: Essex (2012.1)

Description: Thomas Biege from SUSE reported a vulnerability in the
Horizon authentication mechanism. By adding a malicious 'next'
parameter to a Horizon authentication URL and enticing an
unsuspecting user to follow it, the victim might get redirected
after authentication to a malicious site where useful information
could be extracted. Only setups running Essex are affected.

Fixes: 2012.1:

https://github.com/openstack/horizon/commit/35eada8a27323c0f83c400177797927aba6bc99b

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-3542

This should have been:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-3540

https://bugs.launchpad.net/horizon/+bug/1039077

Notes: This fix will be included in a future Essex (2012.1)
release.

- --
Russell Bryant
OpenStack Vulnerability Management Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlA/iDEACgkQFg9ft4s9SAbPBQCgndIk58K5ZF71PCxmWfDjV9MO
4yoAoJDGBeqC4TbJnyo+AsEeQYeTQEe6
=zO6p
-----END PGP SIGNATURE-----

_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to     : openstack () lists launchpad net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp

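The advisory above describes the classic post-login open redirect: the login view sends the browser to whatever the 'next' parameter holds. The following is an added example written for this archive page, not code from Horizon, from the linked fix commit, or from anyone in the thread. It contrasts the vulnerable pattern with a Django-free validator that only accepts site-relative paths or http(s) URLs on a hypothetical allow-list of hosts; the function names, the `ALLOWED_HOSTS` set and the sample 'next' values are all assumptions made for the example.

```python
"""Added example (not Horizon's code): validating a post-login 'next'
redirect target so that it cannot send the user off-site.

Assumptions: ALLOWED_HOSTS is a hypothetical list of the deployment's
own dashboard hostnames; the 'params' dicts stand in for parsed query
strings. No Django is required.
"""

from urllib.parse import urlsplit

# Hypothetical: the hostnames this deployment considers its own.
ALLOWED_HOSTS = {"dashboard.example.com"}
DEFAULT_NEXT = "/"


def vulnerable_next(params: dict) -> str:
    """The vulnerable pattern from the advisory: trust 'next' as given.
    An attacker-supplied 'next=http://evil.example/' is returned verbatim
    and becomes the post-authentication Location header."""
    return params.get("next") or DEFAULT_NEXT


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Return True only if 'target' stays on this site.

    Accepted: a site-relative path with a single leading '/', or an
    http(s) URL whose hostname is in allowed_hosts.
    Rejected: empty values, protocol-relative '//host' forms, backslash
    variants browsers fold into slashes, non-http(s) schemes such as
    'javascript:', embedded whitespace/control characters, and userinfo
    tricks like 'http://good@evil/'.
    """
    if not target:
        return False
    # Some browsers strip tabs/newlines before parsing, so '/\t/evil'
    # would be fetched as '//evil'. Refuse anything containing them.
    if any(c.isspace() or ord(c) < 0x20 for c in target):
        return False
    # Browsers treat '\' as '/' in URLs; normalise so '/\evil.example'
    # is examined as '//evil.example'.
    normalised = target.replace("\\", "/")
    parts = urlsplit(normalised)
    # Any explicit scheme other than http/https (javascript:, data:, ...)
    # is not a place a login flow should ever send a browser.
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return False
    if parts.netloc:
        # Absolute or protocol-relative URL: only our own hosts.
        # urlsplit().hostname discards userinfo and port, so the
        # 'http://dashboard.example.com@evil.example/' trick yields
        # 'evil.example' here and is rejected.
        host = (parts.hostname or "").lower()
        return host in allowed_hosts
    # No host component: require a site-relative path. A leading '//'
    # (or '///') would be read by browsers as scheme-relative.
    return normalised.startswith("/") and not normalised.startswith("//")


def safe_next(params: dict, allowed_hosts=ALLOWED_HOSTS) -> str:
    """Hardened replacement for vulnerable_next(): fall back to the
    dashboard root whenever 'next' fails validation."""
    target = params.get("next") or ""
    return target if is_safe_redirect(target, allowed_hosts) else DEFAULT_NEXT


if __name__ == "__main__":
    # Constructed sample 'next' values, including the advisory's case.
    samples = [
        "/project/instances/",
        "http://evil.example/",
        "//evil.example/",
        "/\\evil.example",
        "https://dashboard.example.com/project/",
        "javascript:alert(1)",
        "http://dashboard.example.com@evil.example/",
    ]
    for s in samples:
        print(f"{s!r:50} vulnerable -> {vulnerable_next({'next': s})!r:45} "
              f"hardened -> {safe_next({'next': s})!r}")
```

The check is deliberately stricter than "reject anything starting with http": protocol-relative, backslash, userinfo and scheme tricks are all ways a 'next' value can still leave the site after a naive prefix test, and each is handled on its own line above so the reason for rejecting it is visible.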
