User contributions
- 19:51, 9 June 2016 (diff | hist) . . (-10) . . Security Notes (→Published Security Notes)
- 19:49, 9 June 2016 (diff | hist) . . (+2,402) . . N OSSN/OSSN-0063 (Created page with "__NOTOC__ == Nova and Cinder key manager for Barbican misuses cached credentials == === Summary === During the Icehouse release the Cinder and Nova projects added a feature t...")
- 20:56, 25 January 2016 (diff | hist) . . (+10) . . OSSN/OSSN-0060 (→Contacts / References)
- 20:55, 25 January 2016 (diff | hist) . . (-6) . . Security Notes (→Published Security Notes)
- 23:00, 15 December 2015 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 23:00, 15 December 2015 (diff | hist) . . (+2,957) . . N OSSN/OSSN-0062 (Created page with "__NOTOC__ == Potential reuse of revoked Identity tokens == === Summary === An authorization token issued by the Identity service can be revoked, which is designed to immediat...")
- 22:43, 15 December 2015 (diff | hist) . . (+15) . . Security Notes (→Published Security Notes)
- 22:39, 15 December 2015 (diff | hist) . . (-5) . . Security Notes (→Published Security Notes)
- 22:38, 15 December 2015 (diff | hist) . . (+1,677) . . OSSN/OSSN-0061
- 20:23, 15 December 2015 (diff | hist) . . (+108) . . Security Notes (→Published Security Notes)
- 21:33, 16 November 2015 (diff | hist) . . (-11) . . Security Notes
- 21:33, 16 November 2015 (diff | hist) . . (+1,812) . . OSSN/OSSN-0059
- 22:08, 15 October 2015 (diff | hist) . . (-153) . . Security Notes (→Published Security Notes)
- 22:07, 15 October 2015 (diff | hist) . . (+2,218) . . N OSSN/OSSN-0057 (Created page with "__NOTOC__ == DoS attack on Glance service can lead to interruption or disruption == === Summary === The typical Glance workflow allows authenticated users to create an image...")
- 19:39, 23 September 2015 (diff | hist) . . (-72) . . OSSN/OSSN-0033 (→Contacts / References)
- 19:38, 23 September 2015 (diff | hist) . . (+271) . . OSSN/OSSN-0033 (→Contacts / References)
- 19:21, 23 September 2015 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 19:20, 23 September 2015 (diff | hist) . . (+3,103) . . OSSN/OSSN-0053
- 02:21, 18 September 2015 (diff | hist) . . (-12) . . Security Notes
- 02:20, 18 September 2015 (diff | hist) . . (+2,569) . . OSSN/OSSN-0056
- 21:16, 17 September 2015 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 21:16, 17 September 2015 (diff | hist) . . (+2,512) . . OSSN/OSSN-0058
- 21:08, 17 September 2015 (diff | hist) . . (-24) . . Security Notes (→Published Security Notes)
- 21:07, 17 September 2015 (diff | hist) . . (+2,115) . . N OSSN/OSSN-0054 (Created page with "__NOTOC__ == Potential Denial of Service in Horizon login == === Summary === Horizon uses the Python based Django web framework. Older versions of this framework allow an una...")
- 18:41, 17 September 2015 (diff | hist) . . (+1) . . Security Notes (→Published Security Notes)
- 18:38, 17 September 2015 (diff | hist) . . (+10) . . OSSN/OSSN-0055
- 18:27, 17 September 2015 (diff | hist) . . (+5) . . Security Notes (→Published Security Notes)
- 18:26, 17 September 2015 (diff | hist) . . (+1,515) . . OSSN/OSSN-0052
- 13:46, 7 July 2015 (diff | hist) . . (+1) . . m OSSN/OSSN-0049 (→Discussion)
- 13:43, 7 July 2015 (diff | hist) . . (-12) . . Security Notes (→Published Security Notes)
- 13:42, 7 July 2015 (diff | hist) . . (+3,037) . . N OSSN/OSSN-0049 (Created page with "__NOTOC__ == Nova ironic driver logs sensitive information while operating in debug mode == === Summary === The password and authentication token configuration options for th...")
- 14:17, 11 May 2015 (diff | hist) . . (-8) . . Security Notes (→Published Security Notes)
- 14:17, 11 May 2015 (diff | hist) . . (+1,708) . . OSSN/OSSN-0046 (→OSSN-0046)
- 14:54, 30 April 2015 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 14:54, 30 April 2015 (diff | hist) . . (+3,192) . . N OSSN/OSSN-0048 (Created page with "__notoc__ == Glance method filtering does not work under certain conditions == === Summary === Glance is using the Python assert statement for validating the HTTP method typ...")
- 18:32, 19 April 2015 (diff | hist) . . (+14) . . Security Notes (→Published Security Notes)
- 18:31, 19 April 2015 (diff | hist) . . (+6,366) . . N OSSN/OSSN-0047 (Created page with "__NOTOC__ == Keystone does not validate that identity providers match federation mappings == === Summary === Keystone's OS-FEDERATION extension does not enforce a link betwee...")
- 14:53, 9 April 2015 (diff | hist) . . (+114) . . Security Notes (→Published Security Notes)
- 18:10, 11 March 2015 (diff | hist) . . (+2) . . Security Notes (→Published Security Notes)
- 18:10, 11 March 2015 (diff | hist) . . (+4,413) . . OSSN/OSSN-0045
- 21:08, 2 March 2015 (diff | hist) . . (+9) . . Security Notes (→Published Security Notes)
- 21:07, 2 March 2015 (diff | hist) . . (+1,583) . . N OSSN/OSSN-0044 (Created page with "__NOTOC__ == Older versions of noVNC allow session theft == === Summary === Commonly packaged versions of noVNC allow an attacker to hijack user sessions even when TLS is ena...")
- 16:37, 6 February 2015 (diff | hist) . . (-8) . . Security Notes (→Published Security Notes)
- 12:49, 5 February 2015 (diff | hist) . . (+2,986) . . N OSSN/OSSN-0043 (Created page with "__NOTOC__ == glibc 'GHOST' vulnerability can allow remote code execution == === Summary === A serious vulnerability in the GNU C library (glibc) gethostbyname* functions can...")
- 06:41, 18 December 2014 (diff | hist) . . (-11) . . Security Notes
- 02:06, 18 December 2014 (diff | hist) . . (+2,384) . . N OSSN/OSSN-0038 (Created page with "__NOTOC__ == Suds client subject to cache poisoning by local attacker == === Summary === Suds is a Python SOAP client for consuming Web Services. Its default cache implement...")
- 16:17, 17 December 2014 (diff | hist) . . (+8) . . Security Notes (→Published Security Notes)
- 16:16, 17 December 2014 (diff | hist) . . (-41) . . Security Notes
- 01:42, 17 December 2014 (diff | hist) . . (+2,376) . . N OSSN/OSSN-0042 (Created page with "__NOTOC__ == Keystone token scoping provides no security benefit == === Summary === Keystone provides "scoped" tokens that are constrained to use by a single project. A user...")
- 17:38, 23 October 2014 (diff | hist) . . (+4,886) . . N Security/Kilo/Keystone (Created page with "This page documents security related details for the Keystone project in the OpenStack Kilo release. === Implemented Crypto === Keystone doesn't have a home-brewed encryption...") (current)
- 17:35, 23 October 2014 (diff | hist) . . (+692) . . N Security/Kilo/Sahara (Created page with "This page documents security related details for the Sahara project in the OpenStack Kilo release. === Implemented Crypto === ? === Used Crypto === ? ==== Libraries ==== ? ===...") (current)
- 17:32, 23 October 2014 (diff | hist) . . (-27) . . Security/Kilo (→Incubated Projects) (current)
- 17:31, 23 October 2014 (diff | hist) . . (+52) . . Security/Kilo (→Integrated Projects)
- 17:29, 23 October 2014 (diff | hist) . . (+2,189) . . N Security/Kilo (Created page with "'''WORK IN PROGRESS''' This page aims to capture an overview of security related information for integrated projects in the OpenStack Kilo release. The information that this...")
- 19:47, 21 October 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 19:46, 21 October 2014 (diff | hist) . . (+6,416) . . N OSSN/OSSN-0039 (Created page with "__NOTOC__ == Configuring OpenStack deployments to prevent POODLE attacks == === Summary === POODLE (CVE-2014-3566) is a new attack on SSLv3 that allows an active network-bas...")
- 17:51, 21 October 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 17:50, 21 October 2014 (diff | hist) . . (+2,772) . . N OSSN/OSSN-0025 (Created page with "__NOTOC__ == Possible Glance image exposure via Swift == === Summary === Glance is able to use Swift as a back end for storing virtual machine images. When Glance is configu...")
- 16:39, 21 October 2014 (diff | hist) . . (-78) . . Security Notes (→Published Security Notes)
- 16:34, 21 October 2014 (diff | hist) . . (+1,679) . . N OSSN/OSSN-0037 (Created page with "__NOTOC__ == Configure Horizon to mitigate BREACH/CRIME attacks == === Summary === Horizon is vulnerable to BREACH/CRIME style chosen plaintext attacks in its default confi...")
- 16:30, 21 October 2014 (diff | hist) . . (+1,215) . . N OSSN/OSSN-0036 (Created page with "__NOTOC__ == Horizon does not set Secure Attribute in cookies == === Summary === Horizon does not, by default, set the Secure Attribute in cookies. === Affected Services /...")
- 16:24, 21 October 2014 (diff | hist) . . (+2,011) . . N OSSN/OSSN-0035 (Created page with "__NOTOC__ == HTTP Strict Transport Security not enabled on Horizon Dashboard == === Summary === Deployers using Horizon for production or internet facing operations should s...")
- 16:14, 21 October 2014 (diff | hist) . . (+1,891) . . N OSSN/OSSN-0034 (Created page with "__NOTOC__ == Restarting memcached loses revoked token list == === Summary === When a cloud is deployed using Memcached as a backend for Keystone tokens, there is a security...")
- 15:59, 21 October 2014 (diff | hist) . . (+1,789) . . N OSSN/OSSN-0033 (Created page with "__NOTOC__ == Some SSL-Enabled connections fail to perform basic certificate checks == === Summary === In many places, OpenStack components use Python 2.x HTTPSConnection to e...")
- 15:57, 21 October 2014 (diff | hist) . . (+1,834) . . N OSSN/OSSN-0032 (Created page with "__NOTOC__ ==Disabling a tenant does not disable a user token == === Summary === When a tenant is disabled in Keystone, tokens that have been issued to that tenant are not in...")
- 15:52, 21 October 2014 (diff | hist) . . (+1,418) . . N OSSN/OSSN-0031 (Created page with "__NOTOC__ == Nova Baremetal is insecure for use in multi-tenant environments == === Summary === Data of previous tenants may be exposed to new ones when using Nova Baremetal...")
- 02:37, 21 October 2014 (diff | hist) . . (+656) . . Meetings/KeystoneMeeting (→Agenda for next meeting)
- 02:44, 16 October 2014 (diff | hist) . . (+640) . . ReleaseNotes/Juno (→Known Issues)
- 22:41, 5 October 2014 (diff | hist) . . (+779) . . Security Notes (→Published Security Notes)
- 19:19, 3 October 2014 (diff | hist) . . (-23) . . Security Notes (→Published Security Notes)
- 19:18, 3 October 2014 (diff | hist) . . (+2,977) . . N OSSN/OSSN-0028 (Created page with "__NOTOC__ == Nova leaks compute host SMBIOS serial number to guests == === Summary === When Nova is using the libvirt virtualization driver, the SMBIOS serial number supplie...")
- 19:31, 29 September 2014 (diff | hist) . . (+275) . . OSSN/OSSN-0029
- 20:24, 26 September 2014 (diff | hist) . . (-7) . . Security Notes (→Published Security Notes)
- 20:23, 26 September 2014 (diff | hist) . . (+3,587) . . N OSSN/OSSN-0030 (Created page with "__NOTOC__ == Bash 'shellshock' bug can lead to code injection vulnerability == === Summary === A bug in the GNU Bash shell (4.3 and lower) exposes a code injection vulnerabi...")
- 02:24, 26 September 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 02:24, 26 September 2014 (diff | hist) . . (+3,330) . . N OSSN/OSSN-0024 (Created page with "__NOTOC__ == Sensitive data is exposed in log statements by python-keystoneclient == === Summary === Python-keystoneclient is a client tool for the OpenStack Identity API, w...")
- 16:58, 24 September 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 16:23, 24 September 2014 (diff | hist) . . (+2,512) . . N OSSN/OSSN-0029 (Created page with "__NOTOC__ == Neutron FWaaS rules lack port restrictions when using protocol 'any' == === Summary === A bug in the Neutron FWaaS (Firewall as a Service) code results in iptab...")
- 16:15, 24 September 2014 (diff | hist) . . (0) . . Security Notes (→Published Security Notes)
- 16:13, 16 September 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 16:13, 16 September 2014 (diff | hist) . . (+3,164) . . N OSSN/OSSN-0027 (Created page with "__NOTOC__ == Neutron ARP cache poisoning vulnerability == === Summary === The Neutron firewall driver 'iptables_firewall' does not prevent ARP cache poisoning, as this drive...")
- 23:52, 15 September 2014 (diff | hist) . . (+124) . . Security Notes (→Published Security Notes)
- 23:50, 15 September 2014 (diff | hist) . . (-15) . . Security Notes (→Published Security Notes)
- 23:46, 15 September 2014 (diff | hist) . . (+11) . . OSSN/OSSN-0020
- 20:16, 5 September 2014 (diff | hist) . . (-12) . . Security Notes (→Published Security Notes)
- 20:15, 5 September 2014 (diff | hist) . . (+2,751) . . OSSN/OSSN-0026
- 19:17, 4 September 2014 (diff | hist) . . (+10) . . Security Notes (→Published Security Notes)
- 19:16, 4 September 2014 (diff | hist) . . (+17) . . Security Notes (→Published Security Notes)
- 19:16, 4 September 2014 (diff | hist) . . (+3,262) . . N OSSN/OSSN-0023 (Created page with "__NOTOC__ == Keystone logs auth tokens in URLs at the INFO log level == === Summary === When a client accesses Keystone using the Identity API version 2, the tokens will be...")
- 14:21, 12 August 2014 (diff | hist) . . (-83) . . Security/Security Note Process (→Wiki)
- 14:15, 12 August 2014 (diff | hist) . . (-12) . . Security/Security Note Process (→Reviewing)
- 14:15, 12 August 2014 (diff | hist) . . (-241) . . Security/Security Note Process (→Templates)
- 19:53, 11 August 2014 (diff | hist) . . (+26) . . Security Notes (→Published Security Notes)
- 13:53, 11 August 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 13:53, 11 August 2014 (diff | hist) . . (+2,716) . . OSSN/OSSN-0022 (→Soft reboot of instance does not ensure iptables rules are present)
- 22:15, 1 August 2014 (diff | hist) . . (+123) . . Security/Talks (→OpenStack Paris Summit 2014 Talks submitted by OpenStack Security Group)
- 21:28, 25 July 2014 (diff | hist) . . (+330) . . Security/Security Note Process (→Reviewing)
- 21:19, 25 July 2014 (diff | hist) . . (0) . . Security/Security Note Process (→Mailing Lists)
- 20:56, 25 July 2014 (diff | hist) . . (-10) . . Security Notes
- 20:55, 25 July 2014 (diff | hist) . . (+2,727) . . N OSSN/OSSN-0021 (Created page with "__NOTOC__ == Owners of compromised accounts should verify Keystone trusts == === Summary === The Keystone 'trusts' API allows for delegation of privileges to one user on beh...")