Bug 843311 (CVE-2012-3426) - CVE-2012-3426 OpenStack-Keystone: token expiration issues
Summary: CVE-2012-3426 OpenStack-Keystone: token expiration issues
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2012-3426
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=moderate,public=20120727,repor...
Depends On:
Blocks: 836072
Reported: 2012-07-26 03:04 UTC by Kurt Seifried
Modified: 2019-06-08 19:12 UTC (History)
CC List: 5 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-09-12 19:12:52 UTC

Description Kurt Seifried 2012-07-26 03:04:33 UTC
Thierry Carrez (thierry@openstack.org) of the OpenStack project reports:

Derek Higgins reported various issues affecting Keystone token
expiration. A token expiration date can be circumvented by
continuously creating new tokens before the old one has expired.
Existing tokens also remain valid after a user account is disabled or
after an account password changed. An authenticated and authorized
user could potentially leverage those vulnerabilities to extend his
access beyond the account owner's expectations.

Folsom fixes:
http://github.com/openstack/keystone/commit/375838cfceb88cacc312ff6564e64eb18ee6a355
http://github.com/openstack/keystone/commit/628149b3dc6b58b91fd08e6ca8d91c728ccb8626
http://github.com/openstack/keystone/commit/a67b24878a6156eab17b9098fa649f0279256f5d

Essex fixes:
http://github.com/openstack/keystone/commit/29e74e73a6e51cffc0371b32354558391826a4aa
http://github.com/openstack/keystone/commit/d9600434da14976463a0bd03abd8e0309f0db454
http://github.com/openstack/keystone/commit/ea03d05ed5de0c015042876100d37a6a14bf56de
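
As an added illustration (not code from the Keystone project or from the report), a toy token backend in Python that contrasts the three behaviours described above with the corresponding checks: with hardened=False the expiry date is the only thing validated and a token-from-token request simply resets the expiry, so re-issuing before expiry keeps access alive indefinitely; with hardened=True a derived token is capped at its parent's expiry, and any token issued before the account was disabled or before its password changed stops validating. The class and field names, the 24-hour lifetime and the clock values are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

T0 = datetime(2012, 7, 26, tzinfo=timezone.utc)  # constructed clock start
H = timedelta(hours=1)

@dataclass
class User:
    name: str
    enabled: bool = True
    password_changed_at: datetime = T0

@dataclass
class Token:
    user: str
    issued_at: datetime
    expires_at: datetime

class TokenService:
    """Toy token backend; hardened=False reproduces the three reported flaws."""

    def __init__(self, users, lifetime=24 * H, hardened=True):
        self.users = {u.name: u for u in users}
        self.tokens, self.lifetime, self.hardened = {}, lifetime, hardened

    def validate(self, token_id, now):
        token = self.tokens.get(token_id)
        if token is None or now >= token.expires_at:
            return False
        if not self.hardened:
            return True  # flaw: expiry was the only check
        user = self.users[token.user]
        # fix: a token dies with the account and with a password change
        return user.enabled and token.issued_at >= user.password_changed_at

    def issue(self, username, now, parent_id=None):
        """Password login, or token-from-token when parent_id is given."""
        expires, parent = now + self.lifetime, None
        if parent_id is not None:
            parent = self.tokens[parent_id]
            if parent.user != username or not self.validate(parent_id, now):
                raise PermissionError("parent token not valid")
        if not self.users[username].enabled:
            raise PermissionError("account disabled")
        if parent is not None and self.hardened:
            # fix: a derived token never outlives its parent, so chaining cannot extend access
            expires = min(expires, parent.expires_at)
        token_id = len(self.tokens) + 1
        self.tokens[token_id] = Token(username, now, expires)
        return token_id
```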

Comment 2 Vincent Danen 2012-07-27 17:59:44 UTC
This is now public:

http://article.gmane.org/gmane.comp.security.oss.general/8058
