Red Hat Bugzilla – Bug 888523
CVE-2012-5647 openshift-origin-node-util: restorer.php arbitrary URL redirection
Last modified: 2013-01-22 16:51:47 EST
Michael Scherer (firstname.lastname@example.org) reports:
the file https://github.com/openshift/origin-server/blob/master/node-util/www/html/restorer.php
used to restore an application after it has been idle fails to safely handle user-supplied
data that is later used as the value of the HTTP Location: header, which can result in
request redirection to an arbitrary page.
Created attachment 665755
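The flaw described above is an open redirect: a request parameter is copied into the Location: header, so the page can bounce a victim to any site. The PHP below is an added example written for this page, not code from restorer.php or the OpenShift project; the parameter name "target", the allowlisted host and the sample inputs are assumptions made for illustration. It shows the vulnerable pattern next to a hardened version that accepts only a same-site path or a URL whose scheme and host are allowlisted.

```php
<?php
// Added example (not the project's code). The request parameter name
// "target", the allowed host list and the sample inputs are assumptions.

// Vulnerable pattern: the user-controlled value goes straight into Location:.
// Nothing stops "http://attacker.example/" or "//attacker.example/" here.
function redirect_unsafe(string $target): void
{
    header('Location: ' . $target);
    exit;
}

// Hardened: return a redirect target that is either a path on this site
// or an absolute http(s) URL whose host is on the allowlist; anything
// else falls back to a safe default.
function safe_redirect_target(string $target, array $allowed_hosts, string $fallback = '/'): string
{
    // Control characters (CR/LF) would allow header injection; reject outright.
    if (preg_match('/[\x00-\x1F\x7F]/', $target)) {
        return $fallback;
    }

    // Local path: a single leading "/" not followed by "/" or "\" (both are
    // treated as protocol-relative URLs by browsers, i.e. "//evil.example").
    if (preg_match('#^/(?![/\\\\])#', $target)) {
        return $target;
    }

    // Absolute URL: require an explicit http/https scheme and an allowed host.
    $parts = parse_url($target);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return $fallback;
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return $fallback;
    }
    if (!in_array(strtolower($parts['host']), $allowed_hosts, true)) {
        return $fallback;
    }
    return $target;
}

function redirect_safe(string $target, array $allowed_hosts): void
{
    header('Location: ' . safe_redirect_target($target, $allowed_hosts), true, 302);
    exit;
}

// Typical call in a request handler (parameter name is an assumption):
//   redirect_safe($_GET['target'] ?? '/', ['app.example.com']);

// Run from the CLI to see how constructed inputs are classified.
if (PHP_SAPI === 'cli') {
    $allowed = ['app.example.com'];
    $samples = [
        '/dashboard',                  // same-site path: kept
        '//attacker.example/',         // protocol-relative: fallback
        'http://attacker.example/',    // foreign host: fallback
        'https://app.example.com/x',   // allowlisted host: kept
        "/x\r\nSet-Cookie: a=b",       // header injection attempt: fallback
        'javascript:alert(1)',         // non-http scheme, no host: fallback
    ];
    foreach ($samples as $t) {
        printf("%-32s -> %s\n", json_encode($t), safe_redirect_target($t, $allowed));
    }
}
```

Note that PHP itself (since 5.1.2) refuses to emit a header containing a newline, so the CR/LF check mainly documents intent; it does nothing to stop the redirect to a foreign host, which is the actual issue in this bug. Host allowlisting, or refusing absolute URLs entirely, is what closes it.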
This issue was discovered by Michael Scherer of the Red Hat Regional IT team.
This issue has been addressed in the following products:
RHEL 6 Version of OpenShift Enterprise
Via RHSA-2013:0148 https://rhn.redhat.com/errata/RHSA-2013-0148.html
This issue has been addressed in OpenShift Online.