Bug 823783 – VUL-0: openstack-keystone: CVE-2013-2157: vulnerable Keystone LDAP backend authentication

Bug 823783 - (CVE-2013-2157) VUL-0: openstack-keystone: CVE-2013-2157: vulnerable Keystone LDAP backend authentication

(CVE-2013-2157)
Summary:	VUL-0: openstack-keystone: CVE-2013-2157: vulnerable Keystone LDAP backend au...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	maint:released:sle11-sp2:52998
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2013-06-07 03:48 UTC by Alexander Bergmann
Modified:	2013-07-01 14:30 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Comment 4 Swamp Workflow Management 2013-06-07 16:00:28 UTC

bugbot adjusting priority

Comment 6 Sascha Peilicke 2013-06-14 06:19:30 UTC

Patch backported to Essex. The code changed slightly but the LDAP unit tests pass. sr#27267

Comment 8 Alexander Bergmann 2013-06-17 01:36:28 UTC

Now public:

https://lists.launchpad.net/openstack/msg24372.html

Date: Thu, 13 Jun 2013 18:05:08 +0200
From: Thierry Carrez
Subject: [OSSA 2013-015] Authentication bypass when using LDAP backend (CVE-2013-2157)

OpenStack Security Advisory: 2013-015
CVE: CVE-2013-2157
Date: June 13, 2013
Title: Authentication bypass when using LDAP backend
Reporter: Jose Castro Leon (CERN)
Products: Keystone
Affects: Folsom, Grizzly

Description:
Jose Castro Leon from CERN reported a vulnerability in the way the
Keystone LDAP backend authenticates users. When provided with an empty
password, the backend would perform an anonymous LDAP bind that would
result in successfully authenticating the user. An attacker could
therefore easily impersonate and get valid tokens for any user. Only
Keystone setups using LDAP authentication backend are affected.

Havana (development branch) fix:
https://review.openstack.org/#/c/32896/

Grizzly fix:
https://review.openstack.org/#/c/32895/

Folsom fix:
https://review.openstack.org/#/c/32894/

References:
https://bugs.launchpad.net/keystone/+bug/1187305
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2157

Comment 9 Swamp Workflow Management 2013-06-17 01:51:25 UTC

The SWAMPID for this issue is 52997.
This issue was rated as moderate.
Please submit fixed packages until 2013-07-01.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 10 Vincent Untz 2013-06-17 03:00:18 UTC

Fix for openSUSE 12.3 submitted in sr#179261.

Comment 12 Swamp Workflow Management 2013-06-27 09:04:36 UTC

openSUSE-SU-2013:1089-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 821201,823783
CVE References: CVE-2013-2104,CVE-2013-2157
Sources used:
openSUSE 12.3 (src):    openstack-keystone-2012.2.4+git.1363796849.255b1d4-3.16.1, openstack-keystone-doc-2012.2.4+git.1363796849.255b1d4-3.16.1

Comment 14 Swamp Workflow Management 2013-07-01 13:57:25 UTC

Update released for: openstack-keystone, openstack-keystone-doc, openstack-keystone-test, python-keystone
Products:
SUSE-CLOUD 1.0 (x86_64)