https://wiki.openstack.org/w/api.php?action=feedcontributions&user=Michael+Xin&feedformat=atom
OpenStack - User contributions [en]
2024-03-28T12:27:29Z
User contributions
MediaWiki 1.28.2
https://wiki.openstack.org/w/index.php?title=Security_Notes&diff=123620
Security Notes
2016-04-07T13:54:37Z
<p>Michael Xin: /* Published Security Notes */</p>
<hr />
<div>The OpenStack Security Project (OSSP) publishes Security Notes to advise users of security-related issues. Security notes are similar to advisories; they address vulnerabilities in third-party tools typically used within OpenStack deployments and provide guidance on common configuration mistakes that can result in an insecure operating environment.<br />
<br />
For advice on how to write OpenStack Security Notes, see the [[Security/Security_Note_Process|Security Note Process]] documentation.<br />
<br />
=== Published Security Notes ===<br />
* [[OSSN/OSSN-0066|OSSN-0066]] - mongodb guest instance allows any user to connect ('''work in progress''')<br />
* [[OSSN/OSSN-0065|OSSN-0065]] - Glance embargoed issue ('''work in progress''')<br />
* [[OSSN/OSSN-0064|OSSN-0064]] - Keystone 'Admin_Token' in default configuration leads to insecure operation ('''work in progress''')<br />
* [[OSSN/OSSN-0063|OSSN-0063]] - Improper use of cached credentials in Nova and Cinder Key Manager ('''work in progress''')<br />
* [[OSSN/OSSN-0062|OSSN-0062]] - Potential reuse of revoked Identity tokens (15 Dec 2015)<br />
* [[OSSN/OSSN-0061|OSSN-0061]] - Glance image signature uses an insecure hash algorithm (MD5) (15 Dec 2015)<br />
* [[OSSN/OSSN-0060|OSSN-0060]] - Glance configuration option can lead to privilege escalation (25 Jan 2016)<br />
* [[OSSN/OSSN-0059|OSSN-0059]] - Trusted vm can be powered on untrusted host (16 Nov 2015)<br />
* [[OSSN/OSSN-0058|OSSN-0058]] - Cinder LVMISCIDriver allows possible unauthenticated mounting of volumes (17 Sep 2015)<br />
* [[OSSN/OSSN-0057|OSSN-0057]] - DoS style attack on Glance service can lead to service interruption or disruption (15 Oct 2015)<br />
* [[OSSN/OSSN-0056|OSSN-0056]] - Cached keystone tokens may be accepted after revocation (17 Sep 2015)<br />
* [[OSSN/OSSN-0055|OSSN-0055]] - Service accounts may have cloud admin privileges (17 Sep 2015)<br />
* [[OSSN/OSSN-0054|OSSN-0054]] - Potential Denial of Service in Horizon login (17 Sep 2015)<br />
* [[OSSN/OSSN-0053|OSSN-0053]] - Keystone token disclosure may result in malicious trust creation (23 Sep 2015)<br />
* [[OSSN/OSSN-0052|OSSN-0052]] - Python-swiftclient exposes raw token values in debug logs (17 Sep 2015)<br />
* [[OSSN/OSSN-0051|OSSN-0051]] - keystonemiddleware can allow access after token revocation ('''work in progress''')<br />
* [[OSSN/OSSN-0050|OSSN-0050]] - Disabling users & groups may not invalidate previously-issued tokens ('''work in progress''')<br />
* [[OSSN/OSSN-0049|OSSN-0049]] - Nova ironic driver logs sensitive information while operating in debug mode (7 Jul 2015)<br />
* [[OSSN/OSSN-0048|OSSN-0048]] - Glance method filtering does not work under certain conditions (30 Apr 2015)<br />
* [[OSSN/OSSN-0047|OSSN-0047]] - Keystone does not validate that identity providers match federation mappings (19 Apr 2015)<br />
* [[OSSN/OSSN-0046|OSSN-0046]] - Setting services to debug mode can also set Pecan to debug (11 May 2015)<br />
* [[OSSN/OSSN-0045|OSSN-0045]] - Vulnerable clients allow a TLS protocol downgrade (FREAK) (11 Mar 2015)<br />
* [[OSSN/OSSN-0044|OSSN-0044]] - Older versions of noVNC allow session theft (2 Mar 2015)<br />
* [[OSSN/OSSN-0043|OSSN-0043]] - glibc 'Ghost' vulnerability can allow remote code execution (5 Feb 2015)<br />
* [[OSSN/OSSN-0042|OSSN-0042]] - Keystone token scoping provides no security benefit (17 Dec 2014)<br />
* [[OSSN/OSSN-0041|OSSN-0041]] - Linux ISCSI Admin Utility (tgtadm) does not work with Cinder ('''work in progress''')<br />
* [[OSSN/OSSN-0039|OSSN-0039]] - Configuring OpenStack deployments to prevent POODLE attacks (21 Oct 2014)<br />
* [[OSSN/OSSN-0038|OSSN-0038]] - Suds client subject to cache poisoning by local attacker (17 Dec 2014)<br />
* [[OSSN/OSSN-0037|OSSN-0037]] - Configure Horizon to mitigate BREACH/CRIME attacks (19 Sep 2013)<br />
* [[OSSN/OSSN-0036|OSSN-0036]] - Horizon does not set Secure Attribute in cookies (19 Sep 2013)<br />
* [[OSSN/OSSN-0035|OSSN-0035]] - HTTP Strict Transport Security not enabled on Horizon Dashboard (19 Sep 2013)<br />
* [[OSSN/OSSN-0034|OSSN-0034]] - Restarting memcached loses revoked token list (19 Sep 2013)<br />
* [[OSSN/OSSN-0033|OSSN-0033]] - Some SSL-Enabled connections fail to perform basic certificate checks (19 Sep 2013)<br />
* [[OSSN/OSSN-0032|OSSN-0032]] - Disabling a tenant does not disable a user token (30 Aug 2013)<br />
* [[OSSN/OSSN-0031|OSSN-0031]] - Nova Baremetal exposes previous tenant data (2 Jul 2013)<br />
* [[OSSN/OSSN-0030|OSSN-0030]] - Bash 'shellshock' bug can lead to code injection vulnerability (26 Sep 2014)<br />
* [[OSSN/OSSN-0029|OSSN-0029]] - Neutron firewall rules lack port restrictions when using protocol 'any' (24 Sep 2014)<br />
* [[OSSN/OSSN-0028|OSSN-0028]] - Nova leaks compute host SMBIOS serial number to guests (3 Oct 2014)<br />
* [[OSSN/OSSN-0027|OSSN-0027]] - Neutron ARP cache poisoning vulnerability (16 Sep 2014)<br />
* [[OSSN/OSSN-0026|OSSN-0026]] - Unrestricted write permission to config files can allow code execution (5 Sep 2014)<br />
* [[OSSN/OSSN-0025|OSSN-0025]] - Swift can allow images to be accessed by anyone on the same network when using delay_auth_decision (21 Oct 2014)<br />
* [[OSSN/OSSN-0024|OSSN-0024]] - Sensitive data exposure by logging in python-keystoneclient (25 Sep 2014)<br />
* [[OSSN/OSSN-0023|OSSN-0023]] - Keystone logs auth tokens in URLs at the INFO log level (4 Sep 2014)<br />
* [[OSSN/OSSN-0022|OSSN-0022]] - Nova Networking does not enforce security group rules following a soft reboot of an instance (11 Aug 2014)<br />
* [[OSSN/OSSN-0021|OSSN-0021]] - Users of compromised accounts should verify Keystone trusts (25 July 2014)<br />
* [[OSSN/OSSN-0020|OSSN-0020]] - Disassociating floating IP from a VM does not terminate NAT connections (15 Sep 2014)<br />
* [[OSSN/OSSN-0019|OSSN-0019]] - Cinder SSH Pool will auto-accept SSH host signatures by default (30 Jun 2014)<br />
* [[OSSN/OSSN-0018|OSSN-0018]] - Nova Network configuration allows guest VMs to connect to host services (25 Jun 2014)<br />
* [[OSSN/OSSN-0017|OSSN-0017]] - Session-fixation vulnerability in Horizon when using the default signed cookie sessions (20 Jun 2014)<br />
* [[OSSN/OSSN-0016|OSSN-0016]] - Cinder wipe fails in an insecure manner on Grizzly (3 Jun 2014)<br />
* [[OSSN/OSSN-0015|OSSN-0015]] - Glance allows non-admin users to create public images (31 May 2014)<br />
* [[OSSN/OSSN-0014|OSSN-0014]] - Cinder drivers set insecure file permissions (31 May 2014)<br />
* [[OSSN/OSSN-0013|OSSN-0013]] - Some versions of Glance do not apply property protections as expected (7 May 2014)<br />
* [[OSSN/OSSN-0012|OSSN-0012]] - OpenSSL Heartbleed vulnerability can lead to OpenStack compromise (10 Apr 2014)<br />
* [[OSSN/OSSN-0011|OSSN-0011]] - Heat templates with invalid references allows unintended network access (4 Apr 2014)<br />
* [[OSSN/OSSN-0010|OSSN-0010]] - Sample Keystone v3 policy exposes privilege escalation vulnerability (17 Apr 2014)<br />
* [[OSSN/OSSN-0009|OSSN-0009]] - Potential token revocation abuse via group membership (2 Apr 2014)<br />
* [[OSSN/OSSN-0008|OSSN-0008]] - DoS style attack on noVNC server can lead to service interruption or disruption (9 Mar 2014)<br />
* [[OSSN/OSSN-0007|OSSN-0007]] - Live migration instructions recommend unsecured libvirt remote access (6 Mar 2014)<br />
* [[OSSN/1254619|OSSN-0006]] - Keystone can allow user impersonation when using REMOTE_USER for external authentication (17 Jan 2014)<br />
* [[OSSN/1226078|OSSN-0005]] - Glance allows sharing of images between projects without consumer project approval (11 Dec 2013)<br />
* [[OSSN/1237989|OSSN-0004]] - Authenticated users are able to update passwords without providing their current password (22 Nov 2013)<br />
* [[OSSN/1168252|OSSN-0003]] - Keystone configuration should not be world readable (13 May 2013)<br />
* [[OSSN/1155566|OSSN-0002]] - HTTP POST limiting advised to avoid Essex/Folsom Keystone DoS (23 Apr 2013)<br />
* [[OSSN/1098582|OSSN-0001]] - Selecting LXC as Nova Virtualization Driver can lead to data compromise (15 Mar 2013)</div>
Michael Xin
https://wiki.openstack.org/w/index.php?title=OSSN/OSSN-0059&diff=89441
OSSN/OSSN-0059
2015-09-03T00:39:50Z
<p>Michael Xin: Created page with "== Trusted vm can be powered on untrusted host=="</p>
<hr />
<div>== Trusted vm can be powered on untrusted host==</div>
Michael Xin
https://wiki.openstack.org/w/index.php?title=Security_Notes&diff=89440
Security Notes
2015-09-03T00:38:15Z
<p>Michael Xin: /* Published Security Notes */</p>
<hr />
<div>The OpenStack Security Group (OSSG) publishes Security Notes to advise users of security-related issues. Security notes are similar to advisories; they address vulnerabilities in third-party tools typically used within OpenStack deployments and provide guidance on common configuration mistakes that can result in an insecure operating environment.<br />
<br />
For advice on how to write OpenStack Security Notes, see the [[Security/Security_Note_Process|Security Note Process]] documentation.<br />
<br />
=== Published Security Notes ===<br />
* [[OSSN/OSSN-0059|OSSN-0059]] - Trusted vm can be powered on untrusted host ('''work in progress''')<br />
* [[OSSN/OSSN-0058|OSSN-0058]] - Cinder LVMISCIDriver allows possible unauthenticated mounting of volumes ('''work in progress''')<br />
* [[OSSN/OSSN-0057|OSSN-0057]] - DoS style attack on Glance service can lead to service interruption or disruption ('''work in progress''')<br />
* [[OSSN/OSSN-0056|OSSN-0056]] - Keystonemiddleware allowing access after token revocation ('''work in progress''')<br />
* [[OSSN/OSSN-0055|OSSN-0055]] - Service accounts may have cloud admin privileges (2 Sep 2015)<br />
* [[OSSN/OSSN-0054|OSSN-0054]] - Another Horizon login page vulnerability to a DoS attack ('''work in progress''')<br />
* [[OSSN/OSSN-0053|OSSN-0053]] - Keystone token disclosure may result in malicious trust creation ('''work in progress''')<br />
* [[OSSN/OSSN-0052|OSSN-0052]] - swiftclient disclose token in debug logs ('''work in progress''')<br />
* [[OSSN/OSSN-0051|OSSN-0051]] - keystonemiddleware can allow access after token revocation ('''work in progress''')<br />
* [[OSSN/OSSN-0050|OSSN-0050]] - Disabling users & groups may not invalidate previously-issued tokens ('''work in progress''')<br />
* [[OSSN/OSSN-0049|OSSN-0049]] - Nova ironic driver logs sensitive information while operating in debug mode (7 Jul 2015)<br />
* [[OSSN/OSSN-0048|OSSN-0048]] - Glance method filtering does not work under certain conditions (30 Apr 2015)<br />
* [[OSSN/OSSN-0047|OSSN-0047]] - Keystone does not validate that identity providers match federation mappings (19 Apr 2015)<br />
* [[OSSN/OSSN-0046|OSSN-0046]] - Setting services to debug mode can also set Pecan to debug (11 May 2015)<br />
* [[OSSN/OSSN-0045|OSSN-0045]] - Vulnerable clients allow a TLS protocol downgrade (FREAK) (11 Mar 2015)<br />
* [[OSSN/OSSN-0044|OSSN-0044]] - Older versions of noVNC allow session theft (2 Mar 2015)<br />
* [[OSSN/OSSN-0043|OSSN-0043]] - glibc 'Ghost' vulnerability can allow remote code execution (5 Feb 2015)<br />
* [[OSSN/OSSN-0042|OSSN-0042]] - Keystone token scoping provides no security benefit (17 Dec 2014)<br />
* [[OSSN/OSSN-0041|OSSN-0041]] - Linux ISCSI Admin Utility (tgtadm) does not work with Cinder ('''work in progress''')<br />
* [[OSSN/OSSN-0040|OSSN-0040]] - Neutron LBaaS VIP port does not enforce security groups when used with Open VSwitch ('''work in progress''')<br />
* [[OSSN/OSSN-0039|OSSN-0039]] - Configuring OpenStack deployments to prevent POODLE attacks (21 Oct 2014)<br />
* [[OSSN/OSSN-0038|OSSN-0038]] - Suds client subject to cache poisoning by local attacker (17 Dec 2014)<br />
* [[OSSN/OSSN-0037|OSSN-0037]] - Configure Horizon to mitigate BREACH/CRIME attacks (19 Sep 2013)<br />
* [[OSSN/OSSN-0036|OSSN-0036]] - Horizon does not set Secure Attribute in cookies (19 Sep 2013)<br />
* [[OSSN/OSSN-0035|OSSN-0035]] - HTTP Strict Transport Security not enabled on Horizon Dashboard (19 Sep 2013)<br />
* [[OSSN/OSSN-0034|OSSN-0034]] - Restarting memcached loses revoked token list (19 Sep 2013)<br />
* [[OSSN/OSSN-0033|OSSN-0033]] - Some SSL-Enabled connections fail to perform basic certificate checks (19 Sep 2013)<br />
* [[OSSN/OSSN-0032|OSSN-0032]] - Disabling a tenant does not disable a user token (30 Aug 2013)<br />
* [[OSSN/OSSN-0031|OSSN-0031]] - Nova Baremetal exposes previous tenant data (2 Jul 2013)<br />
* [[OSSN/OSSN-0030|OSSN-0030]] - Bash 'shellshock' bug can lead to code injection vulnerability (26 Sep 2014)<br />
* [[OSSN/OSSN-0029|OSSN-0029]] - Neutron firewall rules lack port restrictions when using protocol 'any' (24 Sep 2014)<br />
* [[OSSN/OSSN-0028|OSSN-0028]] - Nova leaks compute host SMBIOS serial number to guests (3 Oct 2014)<br />
* [[OSSN/OSSN-0027|OSSN-0027]] - Neutron ARP cache poisoning vulnerability (16 Sep 2014)<br />
* [[OSSN/OSSN-0026|OSSN-0026]] - Unrestricted write permission to config files can allow code execution (5 Sep 2014)<br />
* [[OSSN/OSSN-0025|OSSN-0025]] - Swift can allow images to be accessed by anyone on the same network when using delay_auth_decision (21 Oct 2014)<br />
* [[OSSN/OSSN-0024|OSSN-0024]] - Sensitive data exposure by logging in python-keystoneclient (25 Sep 2014)<br />
* [[OSSN/OSSN-0023|OSSN-0023]] - Keystone logs auth tokens in URLs at the INFO log level (4 Sep 2014)<br />
* [[OSSN/OSSN-0022|OSSN-0022]] - Nova Networking does not enforce security group rules following a soft reboot of an instance (11 Aug 2014)<br />
* [[OSSN/OSSN-0021|OSSN-0021]] - Users of compromised accounts should verify Keystone trusts (25 July 2014)<br />
* [[OSSN/OSSN-0020|OSSN-0020]] - Disassociating floating IP from a VM does not terminate NAT connections (15 Sep 2014)<br />
* [[OSSN/OSSN-0019|OSSN-0019]] - Cinder SSH Pool will auto-accept SSH host signatures by default (30 Jun 2014)<br />
* [[OSSN/OSSN-0018|OSSN-0018]] - Nova Network configuration allows guest VMs to connect to host services (25 Jun 2014)<br />
* [[OSSN/OSSN-0017|OSSN-0017]] - Session-fixation vulnerability in Horizon when using the default signed cookie sessions (20 Jun 2014)<br />
* [[OSSN/OSSN-0016|OSSN-0016]] - Cinder wipe fails in an insecure manner on Grizzly (3 Jun 2014)<br />
* [[OSSN/OSSN-0015|OSSN-0015]] - Glance allows non-admin users to create public images (31 May 2014)<br />
* [[OSSN/OSSN-0014|OSSN-0014]] - Cinder drivers set insecure file permissions (31 May 2014)<br />
* [[OSSN/OSSN-0013|OSSN-0013]] - Some versions of Glance do not apply property protections as expected (7 May 2014)<br />
* [[OSSN/OSSN-0012|OSSN-0012]] - OpenSSL Heartbleed vulnerability can lead to OpenStack compromise (10 Apr 2014)<br />
* [[OSSN/OSSN-0011|OSSN-0011]] - Heat templates with invalid references allows unintended network access (4 Apr 2014)<br />
* [[OSSN/OSSN-0010|OSSN-0010]] - Sample Keystone v3 policy exposes privilege escalation vulnerability (17 Apr 2014)<br />
* [[OSSN/OSSN-0009|OSSN-0009]] - Potential token revocation abuse via group membership (2 Apr 2014)<br />
* [[OSSN/OSSN-0008|OSSN-0008]] - DoS style attack on noVNC server can lead to service interruption or disruption (9 Mar 2014)<br />
* [[OSSN/OSSN-0007|OSSN-0007]] - Live migration instructions recommend unsecured libvirt remote access (6 Mar 2014)<br />
* [[OSSN/1254619|OSSN-0006]] - Keystone can allow user impersonation when using REMOTE_USER for external authentication (17 Jan 2014)<br />
* [[OSSN/1226078|OSSN-0005]] - Glance allows sharing of images between projects without consumer project approval (11 Dec 2013)<br />
* [[OSSN/1237989|OSSN-0004]] - Authenticated users are able to update passwords without providing their current password (22 Nov 2013)<br />
* [[OSSN/1168252|OSSN-0003]] - Keystone configuration should not be world readable (13 May 2013)<br />
* [[OSSN/1155566|OSSN-0002]] - HTTP POST limiting advised to avoid Essex/Folsom Keystone DoS (23 Apr 2013)<br />
* [[OSSN/1098582|OSSN-0001]] - Selecting LXC as Nova Virtualization Driver can lead to data compromise (15 Mar 2013)</div>
Michael Xin
https://wiki.openstack.org/w/index.php?title=Security_Notes&diff=89429
Security Notes
2015-09-02T23:24:12Z
<p>Michael Xin: /* Published Security Notes */</p>
<hr />
<div>The OpenStack Security Group (OSSG) publishes Security Notes to advise users of security-related issues. Security notes are similar to advisories; they address vulnerabilities in third-party tools typically used within OpenStack deployments and provide guidance on common configuration mistakes that can result in an insecure operating environment.<br />
<br />
For advice on how to write OpenStack Security Notes, see the [[Security/Security_Note_Process|Security Note Process]] documentation.<br />
<br />
=== Published Security Notes ===<br />
* [[OSSN/OSSN-0058|OSSN-0059]] - Trusted vm can be powered on untrusted host ('''work in progress''')<br />
* [[OSSN/OSSN-0058|OSSN-0058]] - Cinder LVMISCIDriver allows possible unauthenticated mounting of volumes ('''work in progress''')<br />
* [[OSSN/OSSN-0057|OSSN-0057]] - DoS style attack on Glance service can lead to service interruption or disruption ('''work in progress''')<br />
* [[OSSN/OSSN-0056|OSSN-0056]] - Keystonemiddleware allowing access after token revocation ('''work in progress''')<br />
* [[OSSN/OSSN-0055|OSSN-0055]] - Service accounts may have cloud admin privileges ('''work in progress''')<br />
* [[OSSN/OSSN-0054|OSSN-0054]] - Another Horizon login page vulnerability to a DoS attack ('''work in progress''')<br />
* [[OSSN/OSSN-0053|OSSN-0053]] - Keystone token disclosure may result in malicious trust creation ('''work in progress''')<br />
* [[OSSN/OSSN-0052|OSSN-0052]] - swiftclient disclose token in debug logs ('''work in progress''')<br />
* [[OSSN/OSSN-0051|OSSN-0051]] - keystonemiddleware can allow access after token revocation ('''work in progress''')<br />
* [[OSSN/OSSN-0050|OSSN-0050]] - Disabling users & groups may not invalidate previously-issued tokens ('''work in progress''')<br />
* [[OSSN/OSSN-0049|OSSN-0049]] - Nova ironic driver logs sensitive information while operating in debug mode (7 Jul 2015)<br />
* [[OSSN/OSSN-0048|OSSN-0048]] - Glance method filtering does not work under certain conditions (30 Apr 2015)<br />
* [[OSSN/OSSN-0047|OSSN-0047]] - Keystone does not validate that identity providers match federation mappings (19 Apr 2015)<br />
* [[OSSN/OSSN-0046|OSSN-0046]] - Setting services to debug mode can also set Pecan to debug (11 May 2015)<br />
* [[OSSN/OSSN-0045|OSSN-0045]] - Vulnerable clients allow a TLS protocol downgrade (FREAK) (11 Mar 2015)<br />
* [[OSSN/OSSN-0044|OSSN-0044]] - Older versions of noVNC allow session theft (2 Mar 2015)<br />
* [[OSSN/OSSN-0043|OSSN-0043]] - glibc 'Ghost' vulnerability can allow remote code execution (5 Feb 2015)<br />
* [[OSSN/OSSN-0042|OSSN-0042]] - Keystone token scoping provides no security benefit (17 Dec 2014)<br />
* [[OSSN/OSSN-0041|OSSN-0041]] - Linux ISCSI Admin Utility (tgtadm) does not work with Cinder ('''work in progress''')<br />
* [[OSSN/OSSN-0040|OSSN-0040]] - Neutron LBaaS VIP port does not enforce security groups when used with Open VSwitch ('''work in progress''')<br />
* [[OSSN/OSSN-0039|OSSN-0039]] - Configuring OpenStack deployments to prevent POODLE attacks (21 Oct 2014)<br />
* [[OSSN/OSSN-0038|OSSN-0038]] - Suds client subject to cache poisoning by local attacker (17 Dec 2014)<br />
* [[OSSN/OSSN-0037|OSSN-0037]] - Configure Horizon to mitigate BREACH/CRIME attacks (19 Sep 2013)<br />
* [[OSSN/OSSN-0036|OSSN-0036]] - Horizon does not set Secure Attribute in cookies (19 Sep 2013)<br />
* [[OSSN/OSSN-0035|OSSN-0035]] - HTTP Strict Transport Security not enabled on Horizon Dashboard (19 Sep 2013)<br />
* [[OSSN/OSSN-0034|OSSN-0034]] - Restarting memcached loses revoked token list (19 Sep 2013)<br />
* [[OSSN/OSSN-0033|OSSN-0033]] - Some SSL-Enabled connections fail to perform basic certificate checks (19 Sep 2013)<br />
* [[OSSN/OSSN-0032|OSSN-0032]] - Disabling a tenant does not disable a user token (30 Aug 2013)<br />
* [[OSSN/OSSN-0031|OSSN-0031]] - Nova Baremetal exposes previous tenant data (2 Jul 2013)<br />
* [[OSSN/OSSN-0030|OSSN-0030]] - Bash 'shellshock' bug can lead to code injection vulnerability (26 Sep 2014)<br />
* [[OSSN/OSSN-0029|OSSN-0029]] - Neutron firewall rules lack port restrictions when using protocol 'any' (24 Sep 2014)<br />
* [[OSSN/OSSN-0028|OSSN-0028]] - Nova leaks compute host SMBIOS serial number to guests (3 Oct 2014)<br />
* [[OSSN/OSSN-0027|OSSN-0027]] - Neutron ARP cache poisoning vulnerability (16 Sep 2014)<br />
* [[OSSN/OSSN-0026|OSSN-0026]] - Unrestricted write permission to config files can allow code execution (5 Sep 2014)<br />
* [[OSSN/OSSN-0025|OSSN-0025]] - Swift can allow images to be accessed by anyone on the same network when using delay_auth_decision (21 Oct 2014)<br />
* [[OSSN/OSSN-0024|OSSN-0024]] - Sensitive data exposure by logging in python-keystoneclient (25 Sep 2014)<br />
* [[OSSN/OSSN-0023|OSSN-0023]] - Keystone logs auth tokens in URLs at the INFO log level (4 Sep 2014)<br />
* [[OSSN/OSSN-0022|OSSN-0022]] - Nova Networking does not enforce security group rules following a soft reboot of an instance (11 Aug 2014)<br />
* [[OSSN/OSSN-0021|OSSN-0021]] - Users of compromised accounts should verify Keystone trusts (25 July 2014)<br />
* [[OSSN/OSSN-0020|OSSN-0020]] - Disassociating floating IP from a VM does not terminate NAT connections (15 Sep 2014)<br />
* [[OSSN/OSSN-0019|OSSN-0019]] - Cinder SSH Pool will auto-accept SSH host signatures by default (30 Jun 2014)<br />
* [[OSSN/OSSN-0018|OSSN-0018]] - Nova Network configuration allows guest VMs to connect to host services (25 Jun 2014)<br />
* [[OSSN/OSSN-0017|OSSN-0017]] - Session-fixation vulnerability in Horizon when using the default signed cookie sessions (20 Jun 2014)<br />
* [[OSSN/OSSN-0016|OSSN-0016]] - Cinder wipe fails in an insecure manner on Grizzly (3 Jun 2014)<br />
* [[OSSN/OSSN-0015|OSSN-0015]] - Glance allows non-admin users to create public images (31 May 2014)<br />
* [[OSSN/OSSN-0014|OSSN-0014]] - Cinder drivers set insecure file permissions (31 May 2014)<br />
* [[OSSN/OSSN-0013|OSSN-0013]] - Some versions of Glance do not apply property protections as expected (7 May 2014)<br />
* [[OSSN/OSSN-0012|OSSN-0012]] - OpenSSL Heartbleed vulnerability can lead to OpenStack compromise (10 Apr 2014)<br />
* [[OSSN/OSSN-0011|OSSN-0011]] - Heat templates with invalid references allows unintended network access (4 Apr 2014)<br />
* [[OSSN/OSSN-0010|OSSN-0010]] - Sample Keystone v3 policy exposes privilege escalation vulnerability (17 Apr 2014)<br />
* [[OSSN/OSSN-0009|OSSN-0009]] - Potential token revocation abuse via group membership (2 Apr 2014)<br />
* [[OSSN/OSSN-0008|OSSN-0008]] - DoS style attack on noVNC server can lead to service interruption or disruption (9 Mar 2014)<br />
* [[OSSN/OSSN-0007|OSSN-0007]] - Live migration instructions recommend unsecured libvirt remote access (6 Mar 2014)<br />
* [[OSSN/1254619|OSSN-0006]] - Keystone can allow user impersonation when using REMOTE_USER for external authentication (17 Jan 2014)<br />
* [[OSSN/1226078|OSSN-0005]] - Glance allows sharing of images between projects without consumer project approval (11 Dec 2013)<br />
* [[OSSN/1237989|OSSN-0004]] - Authenticated users are able to update passwords without providing their current password (22 Nov 2013)<br />
* [[OSSN/1168252|OSSN-0003]] - Keystone configuration should not be world readable (13 May 2013)<br />
* [[OSSN/1155566|OSSN-0002]] - HTTP POST limiting advised to avoid Essex/Folsom Keystone DoS (23 Apr 2013)<br />
* [[OSSN/1098582|OSSN-0001]] - Selecting LXC as Nova Virtualization Driver can lead to data compromise (15 Mar 2013)</div>
Michael Xin
https://wiki.openstack.org/w/index.php?title=Security_Notes&diff=89402
Security Notes
2015-09-02T21:08:42Z
<p>Michael Xin: </p>
<hr />
<div>The OpenStack Security Group (OSSG) publishes Security Notes to advise users of security-related issues. Security notes are similar to advisories; they address vulnerabilities in third-party tools typically used within OpenStack deployments and provide guidance on common configuration mistakes that can result in an insecure operating environment.<br />
<br />
For advice on how to write OpenStack Security Notes, see the [[Security/Security_Note_Process|Security Note Process]] documentation.<br />
<br />
=== Published Security Notes ===<br />
* [[OSSN/OSSN-0053|OSSN-0054]] - Another Horizon login page vulnerability to a DoS attack ('''work in progress''')<br />
* [[OSSN/OSSN-0053|OSSN-0053]] - Hypervisor compromise may result in malicious trust creation ('''work in progress''')<br />
* [[OSSN/OSSN-0052|OSSN-0052]] - swiftclient disclose token in debug logs ('''work in progress''')<br />
* [[OSSN/OSSN-0051|OSSN-0051]] - keystonemiddleware can allow access after token revocation ('''work in progress''')<br />
* [[OSSN/OSSN-0050|OSSN-0050]] - Disabling users & groups may not invalidate previously-issued tokens ('''work in progress''')<br />
* [[OSSN/OSSN-0049|OSSN-0049]] - Nova ironic driver logs sensitive information while operating in debug mode (7 Jul 2015)<br />
* [[OSSN/OSSN-0048|OSSN-0048]] - Glance method filtering does not work under certain conditions (30 Apr 2015)<br />
* [[OSSN/OSSN-0047|OSSN-0047]] - Keystone does not validate that identity providers match federation mappings (19 Apr 2015)<br />
* [[OSSN/OSSN-0046|OSSN-0046]] - Setting services to debug mode can also set Pecan to debug (11 May 2015)<br />
* [[OSSN/OSSN-0045|OSSN-0045]] - Vulnerable clients allow a TLS protocol downgrade (FREAK) (11 Mar 2015)<br />
* [[OSSN/OSSN-0044|OSSN-0044]] - Older versions of noVNC allow session theft (2 Mar 2015)<br />
* [[OSSN/OSSN-0043|OSSN-0043]] - glibc 'Ghost' vulnerability can allow remote code execution (5 Feb 2015)<br />
* [[OSSN/OSSN-0042|OSSN-0042]] - Keystone token scoping provides no security benefit (17 Dec 2014)<br />
* [[OSSN/OSSN-0041|OSSN-0041]] - Linux ISCSI Admin Utility (tgtadm) does not work with Cinder ('''work in progress''')<br />
* [[OSSN/OSSN-0040|OSSN-0040]] - Neutron LBaaS VIP port does not enforce security groups when used with Open VSwitch ('''work in progress''')<br />
* [[OSSN/OSSN-0039|OSSN-0039]] - Configuring OpenStack deployments to prevent POODLE attacks (21 Oct 2014)<br />
* [[OSSN/OSSN-0038|OSSN-0038]] - Suds client subject to cache poisoning by local attacker (17 Dec 2014)<br />
* [[OSSN/OSSN-0037|OSSN-0037]] - Configure Horizon to mitigate BREACH/CRIME attacks (19 Sep 2013)<br />
* [[OSSN/OSSN-0036|OSSN-0036]] - Horizon does not set Secure Attribute in cookies (19 Sep 2013)<br />
* [[OSSN/OSSN-0035|OSSN-0035]] - HTTP Strict Transport Security not enabled on Horizon Dashboard (19 Sep 2013)<br />
* [[OSSN/OSSN-0034|OSSN-0034]] - Restarting memcached loses revoked token list (19 Sep 2013)<br />
* [[OSSN/OSSN-0033|OSSN-0033]] - Some SSL-Enabled connections fail to perform basic certificate checks (19 Sep 2013)<br />
* [[OSSN/OSSN-0032|OSSN-0032]] - Disabling a tenant does not disable a user token (30 Aug 2013)<br />
* [[OSSN/OSSN-0031|OSSN-0031]] - Nova Baremetal exposes previous tenant data (2 Jul 2013)<br />
* [[OSSN/OSSN-0030|OSSN-0030]] - Bash 'shellshock' bug can lead to code injection vulnerability (26 Sep 2014)<br />
* [[OSSN/OSSN-0029|OSSN-0029]] - Neutron firewall rules lack port restrictions when using protocol 'any' (24 Sep 2014)<br />
* [[OSSN/OSSN-0028|OSSN-0028]] - Nova leaks compute host SMBIOS serial number to guests (3 Oct 2014)<br />
* [[OSSN/OSSN-0027|OSSN-0027]] - Neutron ARP cache poisoning vulnerability (16 Sep 2014)<br />
* [[OSSN/OSSN-0026|OSSN-0026]] - Unrestricted write permission to config files can allow code execution (5 Sep 2014)<br />
* [[OSSN/OSSN-0025|OSSN-0025]] - Swift can allow images to be accessed by anyone on the same network when using delay_auth_decision (21 Oct 2014)<br />
* [[OSSN/OSSN-0024|OSSN-0024]] - Sensitive data exposure by logging in python-keystoneclient (25 Sep 2014)<br />
* [[OSSN/OSSN-0023|OSSN-0023]] - Keystone logs auth tokens in URLs at the INFO log level (4 Sep 2014)<br />
* [[OSSN/OSSN-0022|OSSN-0022]] - Nova Networking does not enforce security group rules following a soft reboot of an instance (11 Aug 2014)<br />
* [[OSSN/OSSN-0021|OSSN-0021]] - Users of compromised accounts should verify Keystone trusts (25 July 2014)<br />
* [[OSSN/OSSN-0020|OSSN-0020]] - Disassociating floating IP from a VM does not terminate NAT connections (15 Sep 2014)<br />
* [[OSSN/OSSN-0019|OSSN-0019]] - Cinder SSH Pool will auto-accept SSH host signatures by default (30 Jun 2014)<br />
* [[OSSN/OSSN-0018|OSSN-0018]] - Nova Network configuration allows guest VMs to connect to host services (25 Jun 2014)<br />
* [[OSSN/OSSN-0017|OSSN-0017]] - Session-fixation vulnerability in Horizon when using the default signed cookie sessions (20 Jun 2014)<br />
* [[OSSN/OSSN-0016|OSSN-0016]] - Cinder wipe fails in an insecure manner on Grizzly (3 Jun 2014)<br />
* [[OSSN/OSSN-0015|OSSN-0015]] - Glance allows non-admin users to create public images (31 May 2014)<br />
* [[OSSN/OSSN-0014|OSSN-0014]] - Cinder drivers set insecure file permissions (31 May 2014)<br />
* [[OSSN/OSSN-0013|OSSN-0013]] - Some versions of Glance do not apply property protections as expected (7 May 2014)<br />
* [[OSSN/OSSN-0012|OSSN-0012]] - OpenSSL Heartbleed vulnerability can lead to OpenStack compromise (10 Apr 2014)<br />
* [[OSSN/OSSN-0011|OSSN-0011]] - Heat templates with invalid references allows unintended network access (4 Apr 2014)<br />
* [[OSSN/OSSN-0010|OSSN-0010]] - Sample Keystone v3 policy exposes privilege escalation vulnerability (17 Apr 2014)<br />
* [[OSSN/OSSN-0009|OSSN-0009]] - Potential token revocation abuse via group membership (2 Apr 2014)<br />
* [[OSSN/OSSN-0008|OSSN-0008]] - DoS style attack on noVNC server can lead to service interruption or disruption (9 Mar 2014)<br />
* [[OSSN/OSSN-0007|OSSN-0007]] - Live migration instructions recommend unsecured libvirt remote access (6 Mar 2014)<br />
* [[OSSN/1254619|OSSN-0006]] - Keystone can allow user impersonation when using REMOTE_USER for external authentication (17 Jan 2014)<br />
* [[OSSN/1226078|OSSN-0005]] - Glance allows sharing of images between projects without consumer project approval (11 Dec 2013)<br />
* [[OSSN/1237989|OSSN-0004]] - Authenticated users are able to update passwords without providing their current password (22 Nov 2013)<br />
* [[OSSN/1168252|OSSN-0003]] - Keystone configuration should not be world readable (13 May 2013)<br />
* [[OSSN/1155566|OSSN-0002]] - HTTP POST limiting advised to avoid Essex/Folsom Keystone DoS (23 Apr 2013)<br />
* [[OSSN/1098582|OSSN-0001]] - Selecting LXC as Nova Virtualization Driver can lead to data compromise (15 Mar 2013)</div>
Michael Xin
https://wiki.openstack.org/w/index.php?title=Security/Talks&diff=59557
Security/Talks
2014-08-01T18:56:37Z
<p>Michael Xin: /* OpenStack Paris Summit 2014 Talks submitted by OpenStack Security Group */</p>
<hr />
<div><br />
== OpenStack Summit Talks by OpenStack Security Group ==<br />
<br />
=== OpenStack Paris Summit 2014 Talks submitted by OpenStack Security Group ===<br />
<br />
{| class="wikitable sortable"<br />
|-<br />
! Group Member !! Link to the submitted talk<br />
|-<br />
| malini2 || https://www.openstack.org/vote-paris/Presentation/trusted-bare-metal-what-s-that<br />
|-<br />
| hyakuhei || https://www.openstack.org/vote-paris/Presentation/ossg-delivering-and-improving-on-security-in-openstack<br />
|-<br />
| bdpayne || https://www.openstack.org/vote-paris/Presentation/trustworthy-geographically-fenced-clouds-tgif-cs<br />
|-<br />
| shohel02, hyakuhei || https://www.openstack.org/vote-paris/Presentation/identifying-security-issues-in-the-cloud-threat-analysis-for-openstack<br />
|-<br />
| dg__ || https://www.openstack.org/vote-paris/Presentation/openstack-public-cloud-the-security-operations-perspective<br />
|-<br />
| viraptor || https://www.openstack.org/vote-paris/Presentation/ssl-everywhere-with-ephemeral-pki<br />
|-<br />
| tmcpeak || https://www.openstack.org/vote-paris/Presentation/getting-ahead-of-the-game-finding-security-issues-in-openstack-code-at-the-gate<br />
|-<br />
| mxin || https://www.openstack.org/vote-paris/Presentation/openstack-api-security-testing-automation-in-action<br />
|-<br />
<br />
|}</div>
Michael Xin
https://wiki.openstack.org/w/index.php?title=Security/Talks&diff=59556
Security/Talks
2014-08-01T18:55:45Z
<p>Michael Xin: /* OpenStack Paris Summit 2014 Talks submitted by OpenStack Security Group */</p>
<hr />
<div><br />
== OpenStack Summit Talks by OpenStack Security Group ==<br />
<br />
=== OpenStack Paris Summit 2014 Talks submitted by OpenStack Security Group ===<br />
<br />
{| class="wikitable sortable"<br />
|-<br />
! Group Member !! Link to the submitted talk<br />
|-<br />
| malini2 || https://www.openstack.org/vote-paris/Presentation/trusted-bare-metal-what-s-that<br />
|-<br />
| hyakuhei || https://www.openstack.org/vote-paris/Presentation/ossg-delivering-and-improving-on-security-in-openstack<br />
|-<br />
| bdpayne || https://www.openstack.org/vote-paris/Presentation/trustworthy-geographically-fenced-clouds-tgif-cs<br />
|-<br />
| shohel02 || https://www.openstack.org/vote-paris/Presentation/identifying-security-issues-in-the-cloud-threat-analysis-for-openstack<br />
|-<br />
| dg__ || https://www.openstack.org/vote-paris/Presentation/openstack-public-cloud-the-security-operations-perspective<br />
|-<br />
| hyakuhei || https://www.openstack.org/vote-paris/Presentation/identifying-security-issues-in-the-cloud-threat-analysis-for-openstack<br />
|-<br />
| viraptor || https://www.openstack.org/vote-paris/Presentation/ssl-everywhere-with-ephemeral-pki<br />
|-<br />
| tmcpeak || https://www.openstack.org/vote-paris/Presentation/getting-ahead-of-the-game-finding-security-issues-in-openstack-code-at-the-gate<br />
|-<br />
| mxin || https://www.openstack.org/vote-paris/Presentation/openstack-api-security-testing-automation-in-action<br />
|-<br />
<br />
|}</div>
Michael Xin
https://wiki.openstack.org/w/index.php?title=Security/Talks&diff=59555
Security/Talks
2014-08-01T18:51:16Z
<p>Michael Xin: OpenStack Summit Talks by OpenStack Security Group</p>
<hr />
<div><br />
== OpenStack Summit Talks by OpenStack Security Group ==<br />
<br />
=== OpenStack Paris Summit 2014 Talks submitted by OpenStack Security Group ===<br />
<br />
{| class="wikitable sortable"<br />
|-<br />
! Group Member !! Link to the submitted talk<br />
|-<br />
| malini2 || https://www.openstack.org/vote-paris/Presentation/trusted-bare-metal-what-s-that<br />
|-<br />
| hyakuhei || https://www.openstack.org/vote-paris/Presentation/ossg-delivering-and-improving-on-security-in-openstack<br />
|-<br />
| bdpayne || https://www.openstack.org/vote-paris/Presentation/trustworthy-geographically-fenced-clouds-tgif-cs<br />
|-<br />
| shohel02 || https://www.openstack.org/vote-paris/Presentation/identifying-security-issues-in-the-cloud-threat-analysis-for-openstack<br />
|-<br />
| dg__ || https://www.openstack.org/vote-paris/Presentation/openstack-public-cloud-the-security-operations-perspective<br />
|-<br />
| hyakuhei || https://www.openstack.org/vote-paris/Presentation/identifying-security-issues-in-the-cloud-threat-analysis-for-openstack<br />
|-<br />
| viraptor || https://www.openstack.org/vote-paris/Presentation/ssl-everywhere-with-ephemeral-pki<br />
|-<br />
| tmcpeak || https://www.openstack.org/vote-paris/Presentation/getting-ahead-of-the-game-finding-security-issues-in-openstack-code-at-the-gate<br />
|-<br />
| viraptor || https://www.openstack.org/vote-paris/Presentation/ssl-everywhere-with-ephemeral-pki <br />
|-<br />
| mxin || https://www.openstack.org/vote-paris/Presentation/openstack-api-security-testing-automation-in-action<br />
|-<br />
<br />
|}</div>
Michael Xin