[Openstack-security] [Bug 1370295] Re: Possible SQL Injection vulnerability in hyperv volumeutils2
Jeremy Stanley
fungi at yuggoth.org
Fri Sep 19 19:22:12 UTC 2014
Switched the bug to public and marked the security advisory task wontfix
based on the above discussion.
** Changed in: ossa
Status: Incomplete => Won't Fix
** Information type changed from Private Security to Public
** Tags added: security
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1370295
Title:
Possible SQL Injection vulnerability in hyperv volumeutils2
Status in OpenStack Compute (Nova):
Invalid
Status in OpenStack Security Advisories:
Won't Fix
Bug description:
This line:
https://github.com/openstack/nova/blob/master/nova/virt/hyperv/volumeutilsv2.py#L54
makes a raw SQL query using input from target_address and target_port.
If an attacker is able to manipulate either of these parameters, they
can exploit a SQL injection vulnerability.
If neither of these parameters can be controlled by an attacker, it's
probably OK to fix this in public. These should definitely at least
be strengthened by using prepared statements, or even better, a secure
SQL library such as sqlalchemy.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1370295/+subscriptions
More information about the Openstack-security
mailing list