oss-sec mailing list archives
Re: CVE Request: Default password in openstack / crowbar trove
From: cve-assign () mitre org
Date: Wed, 17 Aug 2016 23:41:31 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
In crowbar-openstack / trove , the trove service user has a default password. https://bugzilla.suse.com/show_bug.cgi?id=991729 https://github.com/crowbar/crowbar-openstack/pull/485
https://github.com/crowbar/crowbar-openstack/pull/485/commits/869663d94daafe424dbf4f809a9ca68ab1b21873
Force the trove service password to be random_password in the model, to match other services.
Use CVE-2016-6829. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXtSP/AAoJEHb/MwWLVhi2JGwQALK7eHbxUE3d/0pJEZT3Dh2W IvR9Q/LzSl+hyPSi/p3hYMV7//trwQHOkfJCIu/vCFXfPTXB67CyqBJNDP5HPBbb Te6iFpvOx1DbjDNI3gVnuEavz0/qrkmFtQ2ckAA2Fm+fbgu+osYrFB9H4HXl9FB6 UXJLAQjl0PUqED+YWgcUWRE790y0Dy8Tec6yoHMYMbO9kd2vAaiB+pTHxi7Rj7NO JtiUif88dvAPvf9BPHdpZ1CWXrn5JMsmAzBEUfB2Agl+oQmvN1u7pjeq3WbflhkH Lxu30L3wUwA18KzHLO0Vu1JAG2hxZpntoTlFkJQON62b+YGrRnRiv6OG/+C1jsZ3 I4nM/JlZCveWYivqmL33Yt0LTT78OvnpYr/rkxKX4iJvSFhoNaF6RPIIDMbwpKo6 ARXS0oZfj81OLgv1l2n1SSUgs2PA0ak+FkKf4qN5/BYhcvHstIrB0Qtd7iMxoeXD 1HkjdNIKO+RaOTUsU639awR5qNRax4R6XIUdixEvqC3dnw+FneSv1k8zGrXev1L1 HbJWrc1Vcm08r8eh2B9RJcoDb/FmzYOslWF5XLWDAZ116w4TFzVDnqBLuas1HNoB AsDdtZFBl5uFYs0xBvWeoqp2mx+r0YIA4qaLItjEjg17W+kNnBYiKPos8jyjb8UF Kmk6i62iKxL5nMgFXXWt =2ckM -----END PGP SIGNATURE-----
Current thread:
- CVE Request: Default password in openstack / crowbar trove Marcus Meissner (Aug 16)
- Re: CVE Request: Default password in openstack / crowbar trove cve-assign (Aug 17)