Attack vector NETWORK
Attack complexity LOW
Privileges required NONE
Confidentiality impact PARTIAL
Integrity impact PARTIAL
Availability impact PARTIAL
python-keystoneclient versions 0.2.3 to 0.2.5 have a middleware memcache signing bypass.
Common Attack Pattern Enumeration and Classification (CAPEC)
- Cache Poisoning
An attacker exploits the functionality of cache technologies to cause specific data to be cached that aids the attackers' objectives. This describes any attack whereby an attacker places incorrect or harmful material in cache. The targeted cache can be an application's cache (e.g. a web browser cache) or a public cache (e.g. a DNS or ARP cache). Until the cache is refreshed, most applications or clients will treat the corrupted cache value as valid. This can lead to a wide range of exploits including redirecting web browsers towards sites that install malware and repeatedly incorrect calculations based on the incorrect value.
- DNS Cache Poisoning
A domain name server translates a domain name (such as www.example.com) into an IP address that Internet hosts use to contact Internet resources. An attacker modifies a public DNS cache to cause certain names to resolve to incorrect addresses that the attacker specifies. The result is that client applications that rely upon the targeted cache for domain name resolution will be directed not to the actual address of the specified domain name but to some other address. Attackers can use this to herd clients to sites that install malware on the victim's computer or to masquerade as part of a Pharming attack.
- Cross-Site Scripting Using MIME Type Mismatch
- Spoofing of UDDI/ebXML Messages
An attacker spoofs a UDDI, ebXML, or similar message in order to impersonate a service provider in an e-business transaction. UDDI, ebXML, and similar standards are used to identify businesses in e-business transactions. Among other things, they identify a particular participant, WSDL information for SOAP transactions, and supported communication protocols, including security protocols. By spoofing one of these messages an attacker could impersonate a legitimate business in a transaction or could manipulate the protocols used between a client and business. This could result in disclosure of sensitive information, loss of message integrity, or even financial fraud.
|NASL family||Fedora Local Security Checks|
|description||Selective backports from stable/grizzly: - Ec2Signer: Initial support for v4 signature verification. - Allow signature verification for older boto versions. - Default signing_dir to secure temp dir. - Fix memcache encryption middleware. (CVE-2013-2166, CVE-2013-2167) - Check token expiry. (CVE-2013-2104) - Allow secure user password update. (CVE-2013-2013) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.|
|reporter||This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.|
|title||Fedora 19 : python-keystoneclient-0.2.3-7.fc19 (2013-14302)|
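|description||Bugtraq ID: 60680 CVE ID: CVE-2013-2167 OpenStack is a cloud computing platform jointly developed by Rackspace and NASA that helps service providers and enterprises build cloud infrastructure similar to Amazon EC2 and S3. The memcache encryption implementation in the OpenStack python-keystoneclient client middleware contains a security vulnerability that allows an attacker with direct write access to the memcache backend (or in a man-in-the-middle position) to inject malicious data and bypass the signing security strategy. Systems that use memcache caching in the Keystone middleware (with memcache_servers specified) and use ENCRYPT or MAC as their memcache_security_strategy are affected by this vulnerability. python-keystoneclient 0.2.3 - 0.2.5 Vendor solution: users can refer to the following vendor security advisory for patch information: https://bugs.launchpad.net/python-keystoneclient/+bug/1175368|
|title||OpenStack python-keystoneclient Security Bypass Vulnerability (CVE-2013-2167)|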