[Openstack] [OSSA 2011-001] Path traversal issues registering malicious images using EC2 API (CVE-2011-4596)

Thierry Carrez thierry at openstack.org
Tue Dec 13 15:38:40 UTC 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

OpenStack Security Advisory: 2011-001
CVE: CVE-2011-4596
Title: Path traversal issues registering malicious images using EC2 API
Date: December 13, 2011
Impact: High
Reporter: David Black
Products: Nova
Affects: All versions

Description:
David Black reported two issues in OpenStack Nova's support for the EC2
RegisterImage action. By registering images from malicious tarballs or
manifests, an attacker could traverse directories and overwrite files
with the privileges of the user Nova runs as. Only setups that allow the
EC2 API and the S3/RegisterImage method for registering images are
affected.
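The defensive check that closes this class of bug is to validate every
name taken from untrusted archive or manifest input against the intended
extraction directory before anything is written. The example below is an
added illustration, not Nova's code or the code in the linked fixes: it
rejects tarball members (and symlink/hardlink targets) that would resolve
outside the destination directory, applies the same test to a list of
part filenames such as an image manifest would carry, and builds a small
constructed tarball in memory to exercise both paths. The destination
directory and the sample member names are assumptions for the demo.

```python
import io
import os
import tarfile


def is_safe_member_path(base_dir, name):
    """True only if `name` resolves to a location inside base_dir.

    Rejects absolute paths and any '..' traversal by comparing the
    resolved target against the resolved base directory.
    """
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, name))
    return target == base or target.startswith(base + os.sep)


def unsafe_members(archive_bytes, dest_dir):
    """Names of tar members that must not be extracted into dest_dir."""
    bad = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:*") as tar:
        for member in tar.getmembers():
            if not is_safe_member_path(dest_dir, member.name):
                bad.append(member.name)
                continue
            if member.issym():
                # Symlink targets are relative to the member's own directory.
                target = os.path.join(os.path.dirname(member.name), member.linkname)
                if not is_safe_member_path(dest_dir, target):
                    bad.append(member.name)
            elif member.islnk():
                # Hardlink targets are relative to the archive root.
                if not is_safe_member_path(dest_dir, member.linkname):
                    bad.append(member.name)
    return bad


def unsafe_manifest_parts(part_names, dest_dir):
    """Part filenames from a manifest that would escape dest_dir (assumed manifest shape)."""
    return [n for n in part_names if not is_safe_member_path(dest_dir, n)]


def safe_extract(archive_bytes, dest_dir):
    """Extract only after every member has passed the path check."""
    bad = unsafe_members(archive_bytes, dest_dir)
    if bad:
        raise ValueError("refusing to extract members: %s" % ", ".join(bad))
    # Newer Pythons ship tarfile.data_filter; use it as a second line of defence.
    kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:*") as tar:
        tar.extractall(dest_dir, **kwargs)


def build_tarball(entries):
    """Constructed sample input: (name, data, linkname) triples -> tar bytes.

    A non-None linkname produces a symlink member instead of a regular file.
    """
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data, linkname in entries:
            info = tarfile.TarInfo(name=name)
            if linkname is not None:
                info.type = tarfile.SYMTYPE
                info.linkname = linkname
                tar.addfile(info)
            else:
                info.size = len(data)
                tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


if __name__ == "__main__":
    dest = "/srv/images/img-0001"  # assumed destination for the demo
    benign = build_tarball([("disk.img", b"data", None), ("meta/info", b"x", None)])
    hostile = build_tarball([
        ("disk.img", b"data", None),
        ("../../escape.txt", b"z", None),          # '..' traversal
        ("link", None, "/etc"),                    # symlink pointing outside
    ])
    print("benign archive rejected members:", unsafe_members(benign, dest))
    print("hostile archive rejected members:", unsafe_members(hostile, dest))
    print("hostile manifest parts:",
          unsafe_manifest_parts(["part.00", "../../../part.01"], dest))
```

The comparison is done on resolved paths rather than by string-searching
for `..`, so encodings such as `a/../../b` or an absolute member name are
handled uniformly. Checking link targets matters because a symlink member
written first can redirect a later member's write outside the tree even
when every plain filename looks clean.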

Fixes:
Essex:
https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667e
2011.3:
https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4596
https://bugs.launchpad.net/nova/+bug/885167
https://bugs.launchpad.net/nova/+bug/894755

Notes:
This fix will be included in the Essex-2 development milestone and in
a future 2011.3.1 release.

- -- 
Thierry Carrez (ttx)
OpenStack Vulnerability Management Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJO53F7AAoJEFB6+JAlsQQjOrgQAJ6m1J0eBZbZt+2v76jQmXqz
HBaSmvtMpI3G+dIqnIzb3S7YKYVLTJgYo1dVmDw2+31vGwqhb+THBExlXeMOG4Gd
qEafKTeATvZD/OkMzBCqmbAXMB6sDxnvOCNxTssW8YjRCCn3/yUxPpjITz3QJWcK
ThI+4KyHfQB2S40Z9aSBCRtnC9HDJYzQwskA20YBuOqMMybpXhMYYPUD3w/AxbOU
pXpQbwuRbilfeFMNHjBZyWvnHH8jE2yGtT7FHX9CXVRDf/Exqc5B+1b1p0YCdha9
x+v+C339pIdB9/Qfhd+QRg3rKNMs+bYYwyM3vBUaYRTagvztU34Ou/rnGcyW+MWe
CroBatxbNgOpaKrAV39by+z+pVUVjIKO4npj9foxw/esbh5ISszVr9B0xDeNYNvf
EWTddpA4ksXdLLaBDqJLzv2KaDpoquZu1lmgMPoWPuv7PdYGrDYWklRuFDPO0IFg
LIBDtdjIEDU9eUoYpDQv1XcoGKf25Kr4xOOm0BEaWkjC1xYT5VbIh/dGJBq+kZcP
9ipawSM1uIlvIrQsLutZuHKGoLUxRJzIQhGutw+BRRKl6mqvVFkMibi09qqc0sTR
Wa+Si9/ldhaugHBUvyDRQZoPLrTxVHOvSwLtFRygulTqz5SQR17rpZ1nftz5nKVf
PBCrs5rx0hb9BcgMyPGS
=2SQs
-----END PGP SIGNATURE-----
