Ubuntu Update For Keystone USN-1564-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1564-1

Solution

Please Install the Updated Packages.

Insight

Dolph Mathews discovered that when roles are granted and revoked to users in Keystone, pre-existing tokens were not updated or invalidated to take the new roles into account. An attacker could use this to continue to access resources that have been revoked.

Affected

keystone on Ubuntu 12.04 LTS

Severity

Classification

CVE CVE-2012-4413
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for cups-filters USN-2143-1
Ubuntu Update for acpi-support USN-2297-1
Ubuntu Update for bind9 USN-1139-1
Ubuntu Update for commons-daemon USN-1298-1
Ubuntu Update for cmake vulnerabilities USN-890-6

Ubuntu Update for keystone USN-1564-1

Take action and discover your vulnerabilities