1131680 – (CVE-2014-3602) CVE-2014-3602 OpenShift: /proc/net/tcp information disclosure

Bug 1131680 (CVE-2014-3602) - CVE-2014-3602 OpenShift: /proc/net/tcp information disclosure

Summary: CVE-2014-3602 OpenShift: /proc/net/tcp information disclosure

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2014-3602
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	817596 (view as bug list)
Depends On:	1131804 1151561 1165395
Blocks:	1024531 767033 1131681 1148171
TreeView+	depends on / blocked

Reported:	2014-08-19 19:49 UTC by Kurt Seifried
Modified:	2019-09-29 13:20 UTC (History)
CC List:	18 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	It was found that OpenShift Enterprise did not restrict access to the /proc/net/tcp file in gears, which allowed local users to view all listening connections and connected sockets. This could result in remote system's IP or port numbers in use to be exposed, which may be useful for further targeted attacks.
Clone Of:
Environment:
Last Closed:	2015-01-17 04:38:05 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2014:1796	0	normal	SHIPPED_LIVE	Moderate: Red Hat OpenShift Enterprise 2.2 Release Advisory	2014-11-04 00:52:02 UTC
Red Hat Product Errata	RHSA-2014:1906	0	normal	SHIPPED_LIVE	Moderate: Red Hat OpenShift Enterprise 2.1.9 security, bug fix, and enhancement update	2014-11-25 23:19:05 UTC

Description Kurt Seifried 2014-08-19 19:49:43 UTC

OpenShift fails to restrict access to /proc/net/tcp which allows local users 
to view all listening connections and connected sockets. This can result in
remote systems IP/port numbers in use being exposed which may be useful for 
further targeted attacks. Please note that for local listeners OpenShift 
restricts connections to within the cartridge by default, so even with the 
knowledge of the local port and ip the attacker will not be able to connect.

Comment 4 Kurt Seifried 2014-08-20 16:41:48 UTC

*** Bug 817596 has been marked as a duplicate of this bug. ***

Comment 5 Kurt Seifried 2014-09-29 21:46:00 UTC

*** Bug 1147598 has been marked as a duplicate of this bug. ***

Comment 10 errata-xmlrpc 2014-11-03 19:54:46 UTC

This issue has been addressed in the following products:

  RHEL 6 Version of OpenShift Enterprise 2.2

Via RHSA-2014:1796 https://rhn.redhat.com/errata/RHSA-2014-1796.html

Comment 14 Martin Prpič 2014-11-19 10:27:52 UTC

IssueDescription:

It was found that OpenShift Enterprise did not restrict access to the /proc/net/tcp file in gears, which allowed local users to view all listening connections and connected sockets. This could result in remote system's IP or port numbers in use to be exposed, which may be useful for further targeted attacks.

Comment 15 errata-xmlrpc 2014-11-25 18:19:29 UTC

This issue has been addressed in the following products:

  RHEL 6 Version of OpenShift Enterprise 2.1

Via RHSA-2014:1906 https://rhn.redhat.com/errata/RHSA-2014-1906.html

Note You need to log in before you can comment on or make changes to this bug.